Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pgpJn-J8tJVEa-Z6h-kiY8Fbpco.roa
File: pgpJn-J8tJVEa-Z6h-kiY8Fbpco.roa (raw, json)
Hash identifier: WCEQ0KdTun+N6vbg8srtV/nO6OxYgnOzKAcXWJWoV9U=
Subject key identifier: A6:0A:49:9F:E2:7C:B4:95:44:6B:E6:7A:87:E9:22:63:C1:5B:A5:CA
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 01973512DB97E380225A0AF5D9D1CC3A21EE
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pgpJn-J8tJVEa-Z6h-kiY8Fbpco.roa
Signing time: Tue 03 Jun 2025 09:15:17 +0000
ROA not before: Tue 03 Jun 2025 09:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200350
IP address blocks: 31.44.8.0/21 maxlen: 24
37.230.172.0/22 maxlen: 24
37.230.188.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
46.21.244.0/22 maxlen: 24
51.250.0.0/17 maxlen: 24
62.84.112.0/20 maxlen: 24
84.201.128.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
89.169.128.0/18 maxlen: 24
89.232.188.0/22 maxlen: 24
92.255.1.0/24 maxlen: 24
93.77.160.0/19 maxlen: 24
130.193.32.0/19 maxlen: 24
158.160.0.0/16 maxlen: 24
178.154.192.0/18 maxlen: 24
185.206.164.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
213.165.192.0/19 maxlen: 24
217.28.224.0/20 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Jun 2025 10:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:12:db:97:e3:80:22:5a:0a:f5:d9:d1:cc:3a:21:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jun 3 09:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a60a499fe27cb495446be67a87e92263c15ba5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:4c:fd:c6:c5:ad:04:cf:21:f0:d6:76:5e:
c6:4d:87:a0:c9:4a:92:9e:35:36:36:fd:48:ae:a6:
18:4d:eb:0b:22:5a:eb:20:f2:29:b1:85:a4:dd:c3:
ae:2d:14:ba:b9:79:93:8b:7f:09:4c:d0:48:40:61:
ba:cf:ac:95:48:bd:ed:20:cc:58:5e:70:e3:c5:f1:
f1:f1:62:b8:90:43:40:bb:f9:42:ca:31:f8:05:b6:
1c:1a:7b:d6:bd:85:98:11:8f:f8:f0:32:b2:eb:cb:
a5:d6:3c:af:0a:eb:5c:87:32:8e:25:2b:3b:fe:18:
3b:be:f2:cb:02:4d:10:58:34:97:05:80:92:c0:24:
c2:47:6d:10:42:15:92:83:6a:70:22:4f:68:f0:9c:
6d:9c:b6:02:b5:73:c4:ed:d3:a7:9c:dd:18:ba:13:
c0:a9:7a:6f:83:23:fb:6e:22:82:0c:57:85:9c:5f:
d8:f3:c2:b6:2b:71:a5:9d:67:c6:29:b1:b9:71:1a:
d0:02:83:85:12:a7:68:12:39:f1:78:f2:a3:b6:13:
58:f7:84:19:32:39:02:cc:bd:ba:15:1b:87:cc:1f:
12:42:74:4a:09:ab:fa:49:9d:6f:eb:7f:4a:a3:c8:
51:e0:5f:be:b8:e6:17:76:2c:8a:9d:ca:cf:f5:8b:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0A:49:9F:E2:7C:B4:95:44:6B:E6:7A:87:E9:22:63:C1:5B:A5:CA
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pgpJn-J8tJVEa-Z6h-kiY8Fbpco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.8.0/21
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
89.232.188.0/22
92.255.1.0/24
93.77.160.0/19
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
213.165.192.0/19
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:2d:7f:bc:79:35:aa:6b:48:ec:b7:7c:4b:f2:89:89:7a:87:
fa:c1:41:54:6c:31:65:00:36:a1:3b:7f:fd:10:61:e7:10:2f:
f4:09:18:2c:97:06:49:90:b9:96:4f:7c:4d:6b:98:bf:b9:dd:
75:cb:23:74:68:13:3b:70:a2:10:29:70:06:58:27:1a:06:67:
90:a1:7c:23:42:09:f5:1c:91:23:15:7f:a4:3e:f4:f1:7d:c9:
bd:04:f6:7a:20:de:f6:d3:c8:3c:a3:18:ee:9e:de:01:0c:2e:
ce:79:37:00:e9:9f:31:15:96:8f:1a:1c:e2:c6:d8:8c:e7:03:
b4:e7:1d:5a:1e:0a:80:2b:95:51:3e:f7:e1:ad:bc:4a:27:e0:
3f:89:e0:38:f4:1d:96:cc:04:6d:50:d2:25:8c:69:c3:75:80:
41:1a:bb:67:21:2f:5f:ea:0b:c5:d7:e0:eb:24:23:2d:6d:f1:
c1:6f:93:a8:a0:c8:84:b6:78:ed:ae:95:18:62:e4:6c:cc:98:
4d:22:c5:33:2e:f9:8e:86:c4:b6:60:3c:8d:29:be:3a:1a:63:
5f:f2:d8:f8:04:97:81:2e:6d:49:c9:2b:a3:a4:64:4b:2f:30:
57:b2:7a:e1:a7:2e:25:81:f4:13:04:37:58:37:e9:5b:d2:10:
17:cc:57:c7
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZc1EtuX44AiWgr12dHMOiHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjUwNjAzMDkxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBhNDk5ZmUyN2NiNDk1NDQ2YmU2N2E4N2U5MjI2M2MxNWJhNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi29M/cbFrQTPIfDWdl7GTYegyUqS
njU2Nv1IrqYYTesLIlrrIPIpsYWk3cOuLRS6uXmTi38JTNBIQGG6z6yVSL3tIMxY
XnDjxfHx8WK4kENAu/lCyjH4BbYcGnvWvYWYEY/48DKy68ul1jyvCutchzKOJSs7
/hg7vvLLAk0QWDSXBYCSwCTCR20QQhWSg2pwIk9o8JxtnLYCtXPE7dOnnN0YuhPA
qXpvgyP7biKCDFeFnF/Y88K2K3GlnWfGKbG5cRrQAoOFEqdoEjnxePKjthNY94QZ
MjkCzL26FRuHzB8SQnRKCav6SZ1v639Ko8hR4F++uOYXdiyKncrP9YulJwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKYKSZ/ifLSVRGvmeofpImPBW6XKMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvcGdwSm4tSjh0SlZFYS1aNmgta2lZOEZicGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBigQCAAEwgYMDBAMf
LAgDBAIl5qwDBAIl5rwDBAIthWADBAIuFfQDBAcz+gADBAQ+VHADBAZUyYADBARU
/IADBAZZqYADBAJZ6LwDBABc/wEDBAVdTaADBAWCwSADAwCeoAMEBrKawAMEArnO
pAMEAbnYwgMEAsEg2AMEBdWlwAMEBNkc4AMEA9nGqDANBAIAAjAHAwUDKg3WwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKi1/vHk1qmtI7Ld8S/KJiXqH+sFBVGwxZQA2oTt/
/RBh5xAv9AkYLJcGSZC5lk98TWuYv7nddcsjdGgTO3CiEClwBlgnGgZnkKF8I0IJ
9RyRIxV/pD708X3JvQT2eiDe9tPIPKMY7p7eAQwuznk3AOmfMRWWjxoc4sbYjOcD
tOcdWh4KgCuVUT734a28SifgP4ngOPQdlswEbVDSJYxpw3WAQRq7ZyEvX+oLxdfg
6yQjLW3xwW+TqKDIhLZ47a6VGGLkbMyYTSLFMy75jobEtmA8jSm+OhpjX/LY+ASX
gS5tSckro6RkSy8wV7J64acuJYH0EwQ3WDfpW9IQF8xXxw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:34:35 2025 by rpki-client