Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/3lNfhD31Y0aLpzQRV2GFE8VJHBE.roa
File: 3lNfhD31Y0aLpzQRV2GFE8VJHBE.roa (raw, json)
Hash identifier: XD/mmmlnyy9XaAF4VUhLfm2iNhER0qV1P1wOexgXf24=
Subject key identifier: DE:53:5F:84:3D:F5:63:46:8B:A7:34:11:57:61:85:13:C5:49:1C:11
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01953D467579585BD8348D7B6D54BAECC538
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/3lNfhD31Y0aLpzQRV2GFE8VJHBE.roa
Signing time: Tue 25 Feb 2025 13:23:02 +0000
ROA not before: Tue 25 Feb 2025 13:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34444
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
195.234.248.0/22 maxlen: 22
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 14:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:46:75:79:58:5b:d8:34:8d:7b:6d:54:ba:ec:c5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Feb 25 13:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de535f843df563468ba7341157618513c5491c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:7c:42:45:96:b1:c0:b7:e9:e4:a2:0b:20:
52:13:aa:98:1c:25:ab:4d:ce:78:d8:b0:9b:4e:23:
19:98:12:d9:17:c9:1d:bf:7e:7a:73:6e:27:f6:f9:
a2:a8:e4:24:03:b7:c6:e9:65:7c:07:9c:03:67:43:
69:08:8c:1f:d8:a4:86:24:50:70:13:03:8e:fe:b8:
ab:07:6f:4e:21:8f:4b:25:fb:f1:05:6b:97:f5:38:
5b:b8:5a:51:b0:9c:cb:83:1a:2f:49:d9:6a:af:9b:
de:55:d5:da:9f:41:01:b5:d8:7a:56:40:42:93:7b:
8a:ea:f3:17:81:55:83:0a:0b:6b:61:3c:a7:1e:ce:
80:64:05:60:b7:36:5b:e9:6d:e3:a4:4e:1d:7c:a4:
e8:ba:19:2b:71:6e:2e:ee:e1:0d:c7:d3:75:40:f9:
fa:e7:e3:b6:37:ed:b9:85:2a:ae:33:39:73:3e:6b:
c2:cd:34:4c:93:f8:a0:d7:3f:62:05:85:97:37:81:
ad:01:5b:ed:ef:8e:a5:1a:8e:86:45:5b:3e:c1:15:
73:a1:90:86:74:01:45:23:81:c4:85:3f:34:ea:4a:
3d:b8:a0:04:96:ba:e3:51:ad:29:5d:99:0d:98:26:
05:c5:48:4d:e6:4d:62:67:6d:6f:aa:23:c2:d0:88:
9f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:5F:84:3D:F5:63:46:8B:A7:34:11:57:61:85:13:C5:49:1C:11
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/3lNfhD31Y0aLpzQRV2GFE8VJHBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
195.234.248.0/22
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:33:ca:31:7b:36:29:24:46:64:5a:70:83:17:00:aa:f8:14:
1f:2a:ec:ca:ed:08:67:14:2a:51:68:59:2c:91:3c:a1:92:16:
cc:d6:35:8c:d9:63:c5:73:d8:58:6d:44:4e:0c:2f:c6:5b:f4:
a0:6f:74:f4:e5:6c:43:f8:3b:1b:72:0f:41:6d:2d:8a:26:03:
db:88:64:eb:74:c5:0a:5b:5c:42:20:3b:5c:f5:a7:bf:d0:cf:
7a:75:0b:f9:54:04:ae:e1:dc:ca:4e:05:38:33:53:dc:7d:c6:
84:73:0a:67:a1:ec:73:2c:9f:b4:9b:de:2a:59:71:5b:15:3c:
8c:88:b6:da:96:8d:da:89:dc:99:e3:64:40:5c:2e:ac:ab:93:
91:bc:e1:8d:fc:43:de:37:a2:65:4f:7f:28:d1:1f:48:eb:69:
f7:09:d6:70:2b:fc:36:f2:d9:3a:c7:2e:b0:67:df:01:1b:5d:
99:14:4f:54:4d:66:73:d7:26:f5:b5:aa:68:aa:74:47:ae:7b:
05:4c:04:5d:af:d4:0e:89:3d:f7:4a:e2:5f:04:c1:23:1b:f1:
62:7b:ae:af:88:4b:82:0e:f4:05:f1:8c:fd:59:8f:a7:3f:ab:
68:fa:60:1b:a2:88:70:51:8d:ca:bb:83:ae:9b:b0:18:05:b2:
5b:66:0a:a5
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZU9RnV5WFvYNI17bVS67MU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwMjI1MTMyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUzNWY4NDNkZjU2MzQ2OGJhNzM0MTE1NzYxODUxM2M1NDkxYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ex8QkWWscC36eSiCyBSE6qYHCWr
Tc542LCbTiMZmBLZF8kdv356c24n9vmiqOQkA7fG6WV8B5wDZ0NpCIwf2KSGJFBw
EwOO/rirB29OIY9LJfvxBWuX9ThbuFpRsJzLgxovSdlqr5veVdXan0EBtdh6VkBC
k3uK6vMXgVWDCgtrYTynHs6AZAVgtzZb6W3jpE4dfKTouhkrcW4u7uENx9N1QPn6
5+O2N+25hSquMzlzPmvCzTRMk/ig1z9iBYWXN4GtAVvt746lGo6GRVs+wRVzoZCG
dAFFI4HEhT806ko9uKAElrrjUa0pXZkNmCYFxUhN5k1iZ21vqiPC0Iif5QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFN5TX4Q99WNGi6c0EVdhhRPFSRwRMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvM2xOZmhEMzFZMGFMcHpRUlYyR0ZFOFZKSEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQFVBZAAwQC
w+r4MAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW05gMEA9W08DANBgkqhkiG9w0B
AQsFAAOCAQEAqDPKMXs2KSRGZFpwgxcAqvgUHyrsyu0IZxQqUWhZLJE8oZIWzNY1
jNljxXPYWG1ETgwvxlv0oG909OVsQ/g7G3IPQW0tiiYD24hk63TFCltcQiA7XPWn
v9DPenUL+VQEruHcyk4FODNT3H3GhHMKZ6HscyyftJveKllxWxU8jIi22paN2onc
meNkQFwurKuTkbzhjfxD3jeiZU9/KNEfSOtp9wnWcCv8NvLZOscusGffARtdmRRP
VE1mc9cm9bWqaKp0R657BUwEXa/UDok990riXwTBIxvxYnuur4hLgg70BfGM/VmP
pz+raPpgG6KIcFGNyruDrpuwGAWyW2YKpQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:06:43 2025 by rpki-client