Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/1-8V89J9-1ih1516uFLQrhGWh2e4.roa
File: 1-8V89J9-1ih1516uFLQrhGWh2e4.roa (raw, json)
Hash identifier: p1//keabFke47DWhapwxK382D5gESD59FJwyMKzdYss=
Subject key identifier: FB:C5:7C:F4:9F:7E:D6:28:75:E7:5E:AE:14:B4:2B:84:65:A1:D9:EE
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0195A50FC86C1019BDBD8511E3B28B6766AA
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/1-8V89J9-1ih1516uFLQrhGWh2e4.roa
Signing time: Mon 17 Mar 2025 17:03:49 +0000
ROA not before: Mon 17 Mar 2025 17:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 32
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Mar 2025 16:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:0f:c8:6c:10:19:bd:bd:85:11:e3:b2:8b:67:66:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Mar 17 17:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbc57cf49f7ed62875e75eae14b42b8465a1d9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:57:56:91:78:17:93:e2:39:fa:65:ef:5a:
ef:8e:84:d2:07:cb:ad:92:30:44:c2:2b:61:23:80:
46:d6:ab:58:e6:9d:94:9d:d5:1a:d3:b3:df:fd:08:
92:05:4f:41:07:58:b4:d7:1d:1a:43:9c:f4:73:c0:
04:c6:2f:b8:76:a3:2f:b4:03:7d:c3:4d:6c:34:6b:
b3:10:da:2f:7a:1b:e1:cd:e4:88:42:b0:3f:6d:f2:
65:0c:05:62:92:8f:05:f7:c4:c1:4b:69:94:ee:3c:
3e:f4:22:d1:69:4f:ca:c8:e7:f3:e5:48:14:ae:15:
0c:cc:70:4a:6b:fa:c9:77:a3:dd:ae:9e:8f:84:39:
17:cc:1a:e7:e5:61:5e:b6:42:5a:29:63:ad:62:28:
b9:72:7c:a5:b9:a6:cd:2d:1e:e8:29:99:66:8f:25:
27:26:27:2b:cd:d6:16:a8:a6:94:66:11:6e:e4:e6:
42:02:ec:c7:fe:9b:31:5d:7a:6e:0c:92:57:18:0d:
f2:33:d7:be:91:89:44:a0:ca:55:9a:f3:1b:72:f0:
6e:ef:59:75:3a:7b:d6:4d:e8:17:54:12:3a:a3:99:
65:f5:f9:a3:c9:ab:4f:29:2a:1e:59:19:1e:6a:eb:
10:d9:3d:f2:b7:dd:ae:99:a5:5c:7a:b7:e8:99:5d:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C5:7C:F4:9F:7E:D6:28:75:E7:5E:AE:14:B4:2B:84:65:A1:D9:EE
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/1-8V89J9-1ih1516uFLQrhGWh2e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
85:fb:f2:07:19:31:0b:97:ff:a1:0b:88:4d:37:d4:66:54:38:
90:3f:1f:c7:bd:f0:6e:45:15:42:cd:73:76:d3:9f:a7:3a:ef:
ba:80:65:6f:74:fb:1e:77:ca:d1:05:a4:2d:e6:c5:d2:59:47:
ca:56:c5:60:91:fb:74:33:5d:97:70:a5:7a:c7:f3:33:70:8c:
d0:dc:7b:ff:d3:61:51:42:89:e6:2d:9c:54:6c:33:ea:72:0c:
e9:04:a9:74:25:87:c5:77:f0:6a:75:29:0e:1f:cf:85:07:b0:
be:b4:52:b5:c4:b2:73:e0:01:6e:1a:51:73:38:e6:14:4d:a7:
a3:35:a3:8f:74:aa:84:0e:c1:6f:b0:9a:19:15:89:85:52:c6:
61:c1:95:62:2f:12:0e:6d:ee:f7:bb:00:b4:85:58:b5:cd:6e:
34:06:3a:4a:ea:6a:ab:02:a4:72:9e:2f:df:fa:9e:74:18:a0:
4c:90:3f:cb:a5:fe:ed:ae:75:3c:f0:62:c2:28:e2:4a:ed:e3:
87:b9:81:b9:c1:92:4e:9d:cf:8f:23:2a:e4:42:22:60:2b:af:
6a:e2:80:de:c6:0b:74:15:5b:fe:51:dd:e9:b2:7a:73:89:6e:
e9:eb:8a:e7:36:3c:f6:12:0c:b5:4f:aa:03:e9:51:da:43:a6:
0b:eb:ac:57
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZWlD8hsEBm9vYUR47KLZ2aqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMzE3MTcwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM1N2NmNDlmN2VkNjI4NzVlNzVlYWUxNGI0MmI4NDY1YTFkOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4lXVpF4F5PiOfpl71rvjoTSB8ut
kjBEwithI4BG1qtY5p2UndUa07Pf/QiSBU9BB1i01x0aQ5z0c8AExi+4dqMvtAN9
w01sNGuzENovehvhzeSIQrA/bfJlDAViko8F98TBS2mU7jw+9CLRaU/KyOfz5UgU
rhUMzHBKa/rJd6Pdrp6PhDkXzBrn5WFetkJaKWOtYii5cnyluabNLR7oKZlmjyUn
JicrzdYWqKaUZhFu5OZCAuzH/psxXXpuDJJXGA3yM9e+kYlEoMpVmvMbcvBu71l1
OnvWTegXVBI6o5ll9fmjyatPKSoeWRkeausQ2T3yt92umaVcerfomV2kdQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFPvFfPSfftYodederhS0K4RlodnuMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvMS04Vjg5SjktMWloMTUxNnVGTFFyaEdXaDJlNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvYzExYzg3LWVmYmItNDVlOC05YjAzLWQ1MjU3MThhYTQ0
YS8xL0dmX19LSjh0clFfQWhGYXd1dFZOZTZSSnBKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDBAMfGOAD
BAMle3ADBAQuF0ADBAVNXEADBANSo0gDBAZTqkADBARYyrADBANYyuADBANbbfAD
BAZte0ADBAOwQ6ADBACwQ6kwDAMEALBDqwMEBLBDoAMEArkH4DANBAIAAjAHAwUA
KgIkmDANBgkqhkiG9w0BAQsFAAOCAQEAhfvyBxkxC5f/oQuITTfUZlQ4kD8fx73w
bkUVQs1zdtOfpzrvuoBlb3T7HnfK0QWkLebF0llHylbFYJH7dDNdl3ClesfzM3CM
0Nx7/9NhUUKJ5i2cVGwz6nIM6QSpdCWHxXfwanUpDh/PhQewvrRStcSyc+ABbhpR
czjmFE2nozWjj3SqhA7Bb7CaGRWJhVLGYcGVYi8SDm3u97sAtIVYtc1uNAY6Supq
qwKkcp4v3/qedBigTJA/y6X+7a51PPBiwijiSu3jh7mBucGSTp3PjyMq5EIiYCuv
auKA3sYLdBVb/lHd6bJ6c4lu6euK5zY89hIMtU+qA+lR2kOmC+usVw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:19:48 2025 by rpki-client