Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pfhTwrCcD7wHIwog15JFemLWxFE.roa
File: pfhTwrCcD7wHIwog15JFemLWxFE.roa (raw, json)
Hash identifier: 57vSyIHkeYjM0yyhSbzPic0NfLOggVKE7pJBKQTqhNM=
Subject key identifier: A5:F8:53:C2:B0:9C:0F:BC:07:23:0A:20:D7:92:45:7A:62:D6:C4:51
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195A34579F62CD2DC0EAC208DABF0B4E3B3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pfhTwrCcD7wHIwog15JFemLWxFE.roa
Signing time: Mon 17 Mar 2025 08:43:14 +0000
ROA not before: Mon 17 Mar 2025 08:43:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 09:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:45:79:f6:2c:d2:dc:0e:ac:20:8d:ab:f0:b4:e3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 17 08:43:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5f853c2b09c0fbc07230a20d792457a62d6c451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7e:7b:90:9b:c8:5d:fe:61:df:d5:ef:a6:41:
6e:b0:df:ba:3b:da:f0:c2:e3:aa:46:a7:24:46:45:
50:e0:84:11:cf:f3:62:9d:47:b6:77:a7:43:1b:7b:
e6:6f:31:ea:c9:fa:46:45:37:bd:07:39:1b:b7:41:
41:31:4f:6c:38:f8:bc:44:29:23:eb:90:f0:f0:f7:
88:57:89:07:47:e2:fb:99:fb:11:eb:ce:1e:09:7b:
77:3f:96:a6:80:03:c4:42:3d:31:30:e8:4b:33:11:
b2:19:84:66:a6:a8:0c:59:8d:42:41:b1:55:f4:35:
8f:b8:d1:85:a7:1a:a1:e0:59:32:85:74:99:14:b4:
ca:35:f4:3b:03:16:35:cd:88:be:ad:05:ef:84:c1:
11:29:d5:dd:10:6d:24:ee:ca:91:2b:11:96:24:55:
9f:b8:b3:9f:6a:80:09:9b:66:7d:a9:6d:65:2b:27:
80:63:f6:9d:41:8f:af:27:a6:02:4a:ec:4d:90:9c:
c9:76:95:7f:bb:1b:da:81:68:7d:48:db:a8:5f:5d:
2f:af:de:89:28:43:b1:33:34:8d:35:d0:82:1a:98:
67:04:19:b2:72:4c:56:32:36:44:8a:02:7a:ca:ee:
fb:2b:6e:49:f5:2e:40:07:d4:7f:5f:a3:87:b2:29:
70:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F8:53:C2:B0:9C:0F:BC:07:23:0A:20:D7:92:45:7A:62:D6:C4:51
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pfhTwrCcD7wHIwog15JFemLWxFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.214.108.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.80.0/24
185.225.0.0/23
185.225.3.0/24
185.227.146.0/23
185.228.75.0/24
185.246.112.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
40:ee:1a:6f:b1:f7:00:28:f6:b5:c4:84:4c:bd:af:d3:a5:86:
9a:b1:b0:e6:bb:68:28:3c:1c:b6:1a:df:29:d2:f1:22:b3:3d:
8a:f9:6a:50:03:e1:0f:59:4d:c8:a5:89:f4:2c:a8:74:34:04:
62:a2:85:84:76:cd:10:f0:6a:2e:8b:b5:cd:7f:a0:5a:15:41:
13:a2:dd:86:ec:70:4e:7b:1d:7f:82:fe:9b:43:b8:88:2d:56:
7d:5d:63:f0:b3:5f:cc:54:4d:2f:d7:9d:6c:e0:ac:d0:4e:72:
a4:dd:a8:75:5e:fd:4a:cb:63:f0:53:2f:f2:a4:f0:ee:f5:9e:
ca:79:15:45:93:92:53:e4:2d:da:5f:3e:c5:41:b7:49:2f:b1:
35:5b:f4:f8:4e:39:46:cf:fb:ef:64:f9:20:b1:af:eb:e6:5f:
65:c8:53:56:d2:ff:b1:1c:32:4d:b6:f5:bd:24:1f:a6:f5:b6:
c1:1b:cf:23:01:e5:6d:76:fc:ac:bd:11:2d:06:67:fb:1e:89:
fc:60:8a:a3:d4:8c:48:0b:74:1e:63:b0:b5:e6:c5:7f:bb:40:
a1:83:2d:be:67:46:7f:77:db:81:0b:38:a6:6b:8a:27:c3:84:
ee:98:d8:e2:21:5a:60:67:9e:5f:19:57:64:96:2d:40:c8:60:
81:5d:d6:f9
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZWjRXn2LNLcDqwgjavwtOOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzE3MDg0MzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY4NTNjMmIwOWMwZmJjMDcyMzBhMjBkNzkyNDU3YTYyZDZjNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5n57kJvIXf5h39XvpkFusN+6O9rw
wuOqRqckRkVQ4IQRz/NinUe2d6dDG3vmbzHqyfpGRTe9Bzkbt0FBMU9sOPi8RCkj
65Dw8PeIV4kHR+L7mfsR684eCXt3P5amgAPEQj0xMOhLMxGyGYRmpqgMWY1CQbFV
9DWPuNGFpxqh4FkyhXSZFLTKNfQ7AxY1zYi+rQXvhMERKdXdEG0k7sqRKxGWJFWf
uLOfaoAJm2Z9qW1lKyeAY/adQY+vJ6YCSuxNkJzJdpV/uxvagWh9SNuoX10vr96J
KEOxMzSNNdCCGphnBBmyckxWMjZEigJ6yu77K25J9S5AB9R/X6OHsilwgwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKX4U8KwnA+8ByMKINeSRXpi1sRRMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcGZoVHdyQ2NEN3dISXdvZzE1SkZlbUxXeEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEALl+UgME
ALnRJgMEALnRSQMEALnRSwMEALnWbAMEALnaFAMEALnc+AMEAbnc+gMEALneHAME
ALnfTgMEALnfUAMEAbnhAAMEALnhAwMEAbnjkgMEALnkSwMEALn2cAMEAcEIcAME
AcE6kjANBgkqhkiG9w0BAQsFAAOCAQEAQO4ab7H3ACj2tcSETL2v06WGmrGw5rto
KDwcthrfKdLxIrM9ivlqUAPhD1lNyKWJ9CyodDQEYqKFhHbNEPBqLou1zX+gWhVB
E6LdhuxwTnsdf4L+m0O4iC1WfV1j8LNfzFRNL9edbOCs0E5ypN2odV79Sstj8FMv
8qTw7vWeynkVRZOSU+Qt2l8+xUG3SS+xNVv0+E45Rs/772T5ILGv6+ZfZchTVtL/
sRwyTbb1vSQfpvW2wRvPIwHlbXb8rL0RLQZn+x6J/GCKo9SMSAt0HmOwtebFf7tA
oYMtvmdGf3fbgQs4pmuKJ8OE7pjY4iFaYGeeXxlXZJYtQMhggV3W+Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:32:28 2025 by rpki-client