Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/9HQaY3yuOjvL5x2Ydyq2sCeuEsQ.roa
File: 9HQaY3yuOjvL5x2Ydyq2sCeuEsQ.roa (raw, json)
Hash identifier: BfpMsdA/dc+V3yKcwRZNAduj8zX7LxPrzJpq5S16F28=
Subject key identifier: F4:74:1A:63:7C:AE:3A:3B:CB:E7:1D:98:77:2A:B6:B0:27:AE:12:C4
Certificate issuer: /CN=6d150b438cc68f62dc15d359593161f799de53af
Certificate serial: 01957F70E58904CF9170000B2C18813FD81B
Authority key identifier: 6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/9HQaY3yuOjvL5x2Ydyq2sCeuEsQ.roa
Signing time: Mon 10 Mar 2025 09:44:20 +0000
ROA not before: Mon 10 Mar 2025 09:44:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35258
IP address blocks: 46.254.120.0/21 maxlen: 21
83.143.208.0/21 maxlen: 21
83.143.210.0/24 maxlen: 24
87.253.184.0/22 maxlen: 22
91.208.244.0/24 maxlen: 24
185.6.252.0/22 maxlen: 22
185.102.104.0/22 maxlen: 22
185.102.105.0/24 maxlen: 24
185.102.106.0/23 maxlen: 23
195.85.38.0/24 maxlen: 24
195.85.72.0/23 maxlen: 23
213.238.48.0/23 maxlen: 23
2a00:e400::/29 maxlen: 29
2a06:23c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Mar 2025 14:46:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:70:e5:89:04:cf:91:70:00:0b:2c:18:81:3f:d8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d150b438cc68f62dc15d359593161f799de53af
Validity
Not Before: Mar 10 09:44:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4741a637cae3a3bcbe71d98772ab6b027ae12c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:8b:b4:2c:8b:e0:c4:02:b0:45:94:cc:05:c8:
57:7a:ea:0e:6f:e9:b2:d1:85:aa:9c:44:10:53:00:
6b:d3:0f:3e:fd:3f:81:4c:2d:8d:5b:f1:77:5c:b8:
9a:83:8b:60:63:dd:77:5e:54:5e:c9:ed:0e:6c:7e:
9a:47:4d:3b:9f:3b:0f:5f:5b:9d:a1:31:f3:42:de:
ed:52:b1:25:20:b7:5e:41:88:a4:88:61:bc:02:ee:
d0:10:f3:3a:4f:89:0b:58:c8:89:40:8c:12:dc:5f:
47:c7:53:fd:39:c9:3f:70:3f:12:ed:8c:33:f3:72:
7e:e8:36:f1:a7:44:4f:db:04:fa:b2:c7:ce:33:25:
a0:cd:2d:69:37:2f:cd:31:71:ef:75:d2:72:7a:38:
95:46:05:85:06:3b:e6:4d:23:ab:d6:c6:ec:05:ac:
27:03:bc:08:24:f8:20:f8:28:7b:c7:b2:d8:d9:a1:
71:64:7c:a0:a2:fa:ac:6b:d7:57:3a:9e:68:c4:33:
01:f3:44:68:b9:50:01:e8:06:57:8b:f1:7e:50:a3:
ee:82:a4:d2:5f:72:d5:73:bc:90:89:18:2e:43:4f:
41:74:f4:36:7e:02:e1:c3:84:c0:8c:67:f8:9c:20:
3f:92:e5:8f:45:8f:58:aa:6f:1b:8d:45:3f:93:09:
70:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:74:1A:63:7C:AE:3A:3B:CB:E7:1D:98:77:2A:B6:B0:27:AE:12:C4
X509v3 Authority Key Identifier:
keyid:6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/9HQaY3yuOjvL5x2Ydyq2sCeuEsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/bRULQ4zGj2LcFdNZWTFh95neU68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.120.0/21
83.143.208.0/21
87.253.184.0/22
91.208.244.0/24
185.6.252.0/22
185.102.104.0/22
195.85.38.0/24
195.85.72.0/23
213.238.48.0/23
IPv6:
2a00:e400::/29
2a06:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:3c:9a:c7:9b:99:77:7d:a7:09:8b:f7:5a:ef:c6:0e:85:ef:
ca:d1:6e:19:7a:8d:72:6c:e5:79:bf:58:37:e7:33:10:b0:be:
fc:37:8f:5d:f3:75:59:0f:ed:67:9b:6b:0b:3d:d6:9f:57:c2:
b0:a7:8c:18:06:44:cf:bc:8e:f4:38:db:5d:b3:c6:8f:84:36:
2d:e1:03:8e:36:39:09:00:e1:c8:22:6f:99:1e:24:27:c6:e5:
cd:8b:eb:1e:02:b8:c2:80:14:ae:64:a5:22:c6:6f:cc:0a:04:
2b:b3:8a:68:d8:13:10:ca:7b:5c:ce:a3:bb:e9:cc:c5:0f:b9:
c3:97:ba:0a:3f:fa:9a:51:7f:ce:d3:01:aa:35:aa:7b:32:f3:
69:0a:df:29:0d:46:fd:eb:c1:5f:79:f1:28:0c:7c:af:1d:5f:
59:97:eb:0a:5f:0c:00:af:c2:27:d0:a0:b0:01:f7:4c:ec:17:
f3:3d:c4:c1:70:70:7b:9c:93:10:eb:04:93:92:94:ec:fb:15:
ca:7a:97:92:b1:3c:1c:82:1b:52:f0:ad:90:b0:48:40:ba:21:
ef:0d:f6:7e:ea:5e:38:10:33:b6:ce:bf:8e:c8:b3:cc:9e:6f:
6c:73:a5:68:f1:e1:3d:53:e2:71:7f:43:2a:b6:af:6f:f0:ba:
e1:4d:b8:30
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZV/cOWJBM+RcAALLBiBP9gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMTUwYjQzOGNjNjhmNjJkYzE1ZDM1OTU5MzE2MWY3OTlk
ZTUzYWYwHhcNMjUwMzEwMDk0NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDc0MWE2MzdjYWUzYTNiY2JlNzFkOTg3NzJhYjZiMDI3YWUxMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Iu0LIvgxAKwRZTMBchXeuoOb+my
0YWqnEQQUwBr0w8+/T+BTC2NW/F3XLiag4tgY913XlReye0ObH6aR007nzsPX1ud
oTHzQt7tUrElILdeQYikiGG8Au7QEPM6T4kLWMiJQIwS3F9Hx1P9Ock/cD8S7Ywz
83J+6Dbxp0RP2wT6ssfOMyWgzS1pNy/NMXHvddJyejiVRgWFBjvmTSOr1sbsBawn
A7wIJPgg+Ch7x7LY2aFxZHygovqsa9dXOp5oxDMB80RouVAB6AZXi/F+UKPugqTS
X3LVc7yQiRguQ09BdPQ2fgLhw4TAjGf4nCA/kuWPRY9Yqm8bjUU/kwlwNQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFPR0GmN8rjo7y+cdmHcqtrAnrhLEMB8GA1UdIwQY
MBaAFG0VC0OMxo9i3BXTWVkxYfeZ3lOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlJVTFE0ekdqMkxjRmROWldURmg5NW5lVTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yZmE4NmYtN2Y0ZS00YWFiLTlkZmQt
MWIzZDk4YmVmMWU5LzEvOUhRYVkzeXVPanZMNXgyWWR5cTJzQ2V1RXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yZmE4NmYtN2Y0ZS00YWFiLTlkZmQtMWIzZDk4YmVmMWU5
LzEvYlJVTFE0ekdqMkxjRmROWldURmg5NW5lVTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLv54AwQD
U4/QAwQCV/24AwQAW9D0AwQCuQb8AwQCuWZoAwQAw1UmAwQBw1VIAwQB1e4wMBQE
AgACMA4DBQMqAOQAAwUDKgYjwDANBgkqhkiG9w0BAQsFAAOCAQEAFjyax5uZd32n
CYv3Wu/GDoXvytFuGXqNcmzleb9YN+czELC+/DePXfN1WQ/tZ5trCz3Wn1fCsKeM
GAZEz7yO9DjbXbPGj4Q2LeEDjjY5CQDhyCJvmR4kJ8blzYvrHgK4woAUrmSlIsZv
zAoEK7OKaNgTEMp7XM6ju+nMxQ+5w5e6Cj/6mlF/ztMBqjWqezLzaQrfKQ1G/evB
X3nxKAx8rx1fWZfrCl8MAK/CJ9CgsAH3TOwX8z3EwXBwe5yTEOsEk5KU7PsVynqX
krE8HIIbUvCtkLBIQLoh7w32fupeOBAzts6/jsizzJ5vbHOlaPHhPVPicX9DKrav
b/C64U24MA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:37:51 2025 by rpki-client