Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/2Dw9eoBT_LrbQmRTKZdOCsgYvos.roa
File: 2Dw9eoBT_LrbQmRTKZdOCsgYvos.roa (raw, json)
Hash identifier: khe32DS4olffiu5OMwepOJ/hzJUfrlBOWt1rVcTtoKI=
Subject key identifier: D8:3C:3D:7A:80:53:FC:BA:DB:42:64:53:29:97:4E:0A:C8:18:BE:8B
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 0197352B940C40942D96D045C280F17F9B14
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/2Dw9eoBT_LrbQmRTKZdOCsgYvos.roa
Signing time: Tue 03 Jun 2025 09:42:17 +0000
ROA not before: Tue 03 Jun 2025 09:42:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 81.173.82.0/24 maxlen: 24
81.173.88.0/21 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Jun 2025 12:24:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:2b:94:0c:40:94:2d:96:d0:45:c2:80:f1:7f:9b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jun 3 09:42:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d83c3d7a8053fcbadb42645329974e0ac818be8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6c:a2:af:7f:73:71:c9:af:76:90:f0:8f:fb:
e0:f5:bf:c3:04:03:fd:1c:db:42:d4:81:d3:1c:19:
4c:b4:29:5e:0f:0e:d8:01:72:32:d1:d9:92:38:b2:
68:d0:24:b9:72:c9:3e:a4:db:57:c5:9c:ed:6a:87:
9a:1a:bc:b9:05:fe:06:fc:b4:b1:a9:b8:ce:71:b7:
fa:96:83:47:df:8a:73:03:5a:9d:45:97:0f:2f:91:
bd:c3:23:77:5a:38:f2:e3:a7:61:cb:b7:69:6e:dd:
c7:b1:de:6e:41:96:00:bc:ac:ca:db:9a:75:ed:ff:
07:17:90:b8:05:63:d9:25:8f:a6:15:7a:89:cb:c5:
9f:c3:47:51:c9:a7:85:46:58:3e:fa:e9:fa:e1:59:
d9:d3:2c:cc:89:ef:c8:e3:51:54:cc:c0:dc:7b:01:
7d:b8:9c:d9:0b:ee:93:79:a8:7d:dd:38:04:ad:35:
72:89:79:4e:0d:1d:f4:c4:8c:55:cb:8c:13:52:29:
36:6a:55:ab:05:d4:55:75:03:e8:59:0d:ef:60:57:
d9:28:9e:0a:3f:06:78:c7:6a:b9:11:de:e3:9d:46:
e0:b1:ac:7e:92:10:ce:2b:dd:45:2b:b2:2b:fd:93:
df:f9:cc:90:be:83:b4:62:1f:62:32:1b:51:aa:e9:
ae:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3C:3D:7A:80:53:FC:BA:DB:42:64:53:29:97:4E:0A:C8:18:BE:8B
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/2Dw9eoBT_LrbQmRTKZdOCsgYvos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.82.0/24
81.173.88.0/21
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
82:20:2a:25:ec:db:3c:bf:f0:be:32:0b:63:72:69:56:80:37:
37:91:bb:07:0c:ca:e0:95:2e:c3:0d:c1:24:b7:de:e9:15:71:
59:23:38:bf:23:a2:74:bc:ca:0c:28:da:a4:fb:82:af:5a:fa:
2a:3a:7d:cc:c0:b2:37:e7:70:97:14:9d:25:56:f8:64:6e:29:
03:ec:09:0c:f3:1f:dc:a4:54:f8:b8:50:bb:b0:87:fd:1a:2f:
b0:6c:02:59:cf:19:55:10:08:e2:41:1a:95:4f:cd:54:04:a8:
bd:7a:9f:fd:be:b9:53:fc:3e:57:43:bc:f6:e1:0d:90:f7:35:
5d:cc:cd:f1:0b:15:76:e5:ec:b6:8d:89:34:e3:7c:d9:69:43:
8a:a1:ed:8c:ff:f1:30:96:55:ab:27:22:81:25:b1:2a:6a:83:
18:65:eb:31:33:aa:d6:db:3b:5a:cb:6b:47:94:68:ef:6f:a4:
00:57:61:84:da:1a:5c:e6:9f:d4:ad:ba:dd:5f:54:9f:b6:a0:
e1:c2:77:05:db:59:54:0f:0f:7a:f3:c2:f9:d6:7a:5f:52:e9:
18:fb:32:6d:7a:f8:76:c3:85:3a:5c:3d:eb:4c:e7:0c:4d:7c:
3e:72:9a:cc:b6:64:92:19:3e:f9:15:d7:9a:d1:8d:44:60:5c:
dc:9b:2a:0c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZc1K5QMQJQtltBFwoDxf5sUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwNjAzMDk0MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNjM2Q3YTgwNTNmY2JhZGI0MjY0NTMyOTk3NGUwYWM4MThiZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGyir39zccmvdpDwj/vg9b/DBAP9
HNtC1IHTHBlMtCleDw7YAXIy0dmSOLJo0CS5csk+pNtXxZztaoeaGry5Bf4G/LSx
qbjOcbf6loNH34pzA1qdRZcPL5G9wyN3Wjjy46dhy7dpbt3Hsd5uQZYAvKzK25p1
7f8HF5C4BWPZJY+mFXqJy8Wfw0dRyaeFRlg++un64VnZ0yzMie/I41FUzMDcewF9
uJzZC+6Teah93TgErTVyiXlODR30xIxVy4wTUik2alWrBdRVdQPoWQ3vYFfZKJ4K
PwZ4x2q5Ed7jnUbgsax+khDOK91FK7Ir/ZPf+cyQvoO0Yh9iMhtRqumuXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNg8PXqAU/y620JkUymXTgrIGL6LMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvMkR3OWVvQlRfTHJiUW1SVEtaZE9Dc2dZdm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUa1SAwQD
Ua1YMA0EAgACMAcDBQAqABEoMA0GCSqGSIb3DQEBCwUAA4IBAQCCICol7Ns8v/C+
MgtjcmlWgDc3kbsHDMrglS7DDcEkt97pFXFZIzi/I6J0vMoMKNqk+4KvWvoqOn3M
wLI353CXFJ0lVvhkbikD7AkM8x/cpFT4uFC7sIf9Gi+wbAJZzxlVEAjiQRqVT81U
BKi9ep/9vrlT/D5XQ7z24Q2Q9zVdzM3xCxV25ey2jYk043zZaUOKoe2M//EwllWr
JyKBJbEqaoMYZesxM6rW2ztay2tHlGjvb6QAV2GE2hpc5p/UrbrdX1SftqDhwncF
21lUDw9688L51npfUukY+zJtevh2w4U6XD3rTOcMTXw+cprMtmSSGT75Fdea0Y1E
YFzcmyoM
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:49:40 2025 by rpki-client