Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iffBNGB1d4_Fz9L3g5gvLIbDCb4.roa
File: iffBNGB1d4_Fz9L3g5gvLIbDCb4.roa (raw, json)
Hash identifier: NOsjXS9SepKZn+NriJeU39+hZ/OyZsyIp1Z3ksLILAs=
Subject key identifier: 89:F7:C1:34:60:75:77:8F:C5:CF:D2:F7:83:98:2F:2C:86:C3:09:BE
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0196F156A8C7FBDFCAFBA984304628778139
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iffBNGB1d4_Fz9L3g5gvLIbDCb4.roa
Signing time: Wed 21 May 2025 05:35:10 +0000
ROA not before: Wed 21 May 2025 05:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
85.115.211.0/24 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.68.0/24 maxlen: 24
213.145.70.0/23 maxlen: 24
213.145.71.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 May 2025 14:57:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:56:a8:c7:fb:df:ca:fb:a9:84:30:46:28:77:81:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: May 21 05:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89f7c1346075778fc5cfd2f783982f2c86c309be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:45:08:50:3b:0f:fb:8e:eb:54:f8:f1:85:
d7:8b:1c:9b:ea:8e:1c:4c:c5:2c:10:e3:44:d2:8b:
99:6b:c6:1a:1b:92:ee:77:fb:bc:67:11:40:62:ce:
5a:75:e8:ab:11:f2:d5:85:82:d0:86:c2:70:dd:0c:
f7:be:b9:40:21:ad:ee:e4:4c:27:3d:3c:44:87:d6:
53:a7:3b:aa:f1:99:76:f4:4a:f2:1c:6e:91:b9:e7:
a5:6a:68:6c:cc:86:3c:4a:ca:1d:77:aa:d6:5a:5b:
81:45:d7:c1:70:b4:43:46:40:9f:df:c2:92:88:35:
f1:7e:f5:48:fa:6b:24:df:83:d6:b5:b7:08:1d:bd:
ec:ff:6a:83:5d:51:27:3d:ea:23:f5:02:c2:b5:64:
81:e8:f3:73:f4:b6:e0:62:a1:bc:2b:07:27:9f:67:
70:8f:27:b4:3f:cf:ad:98:76:a8:54:69:a2:bb:64:
f2:59:06:10:17:49:67:fd:92:83:de:c5:0d:81:84:
03:12:8f:a0:31:2e:b5:88:8f:ba:00:c3:90:1f:f2:
b2:5c:9d:01:24:58:3a:a4:c5:40:32:cb:bc:ed:f5:
ef:41:b5:bd:44:54:90:64:fe:2e:07:62:83:c4:08:
94:81:53:a3:b6:93:45:c6:94:20:5e:9d:9c:4e:1f:
9b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F7:C1:34:60:75:77:8F:C5:CF:D2:F7:83:98:2F:2C:86:C3:09:BE
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iffBNGB1d4_Fz9L3g5gvLIbDCb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
8d:dc:3b:2d:8a:f4:84:82:66:ad:9d:c7:9e:b2:3f:b1:78:b1:
16:1e:63:55:06:f5:7f:20:f2:ef:66:ff:9c:a5:c4:a3:d5:82:
f4:a2:e6:e2:f1:47:bf:3c:15:bc:d1:0c:36:fc:75:9b:38:81:
8a:cb:22:17:6f:66:31:fa:23:bd:47:41:ec:ef:bd:f7:d0:35:
ee:b6:ac:b6:20:b9:08:ac:3f:f1:1e:3e:1d:76:b0:30:a1:ad:
84:0d:d8:f8:dc:3a:75:a5:a1:74:fc:6f:19:08:8b:a2:7b:a1:
e6:8a:bb:08:f9:49:c2:61:24:02:4c:6c:bf:ad:38:7f:1b:4c:
d5:0a:13:19:b6:4d:da:6d:c8:8b:32:39:e4:dd:d0:b6:9b:ac:
9a:29:5a:f2:86:94:f4:38:2a:73:25:1b:aa:26:4c:27:a4:17:
fc:b0:8a:25:c0:b2:80:cc:7e:85:bc:7b:f6:5c:b6:cd:8a:ee:
8a:b3:88:1e:b9:41:cd:ff:dd:17:0a:93:af:7e:f7:44:1a:59:
e8:62:f5:6c:ee:4c:04:50:0d:6c:6e:ec:b7:d8:99:17:55:4d:
4e:b2:49:12:a7:d0:f2:c9:cd:33:40:6b:53:9b:6c:63:42:e8:
7f:59:07:c2:76:3e:b6:ef:bf:c8:4b:51:d8:c1:80:d7:e1:24:
26:e2:94:28
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZbxVqjH+9/K+6mEMEYod4E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNTIxMDUzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY3YzEzNDYwNzU3NzhmYzVjZmQyZjc4Mzk4MmYyYzg2YzMwOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRRFCFA7D/uO61T48YXXixyb6o4c
TMUsEONE0ouZa8YaG5Lud/u8ZxFAYs5adeirEfLVhYLQhsJw3Qz3vrlAIa3u5Ewn
PTxEh9ZTpzuq8Zl29EryHG6RueelamhszIY8Ssodd6rWWluBRdfBcLRDRkCf38KS
iDXxfvVI+msk34PWtbcIHb3s/2qDXVEnPeoj9QLCtWSB6PNz9LbgYqG8Kwcnn2dw
jye0P8+tmHaoVGmiu2TyWQYQF0ln/ZKD3sUNgYQDEo+gMS61iI+6AMOQH/KyXJ0B
JFg6pMVAMsu87fXvQbW9RFSQZP4uB2KDxAiUgVOjtpNFxpQgXp2cTh+b/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIn3wTRgdXePxc/S94OYLyyGwwm+MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvaWZmQk5HQjFkNF9GejlMM2c1Z3ZMSWJEQ2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEAjdw7
LYr0hIJmrZ3HnrI/sXixFh5jVQb1fyDy72b/nKXEo9WC9KLm4vFHvzwVvNEMNvx1
mziBissiF29mMfojvUdB7O+999A17rastiC5CKw/8R4+HXawMKGthA3Y+Nw6daWh
dPxvGQiLonuh5oq7CPlJwmEkAkxsv604fxtM1QoTGbZN2m3IizI55N3Qtpusmila
8oaU9DgqcyUbqiZMJ6QX/LCKJcCygMx+hbx79ly2zYruirOIHrlBzf/dFwqTr373
RBpZ6GL1bO5MBFANbG7st9iZF1VNTrJJEqfQ8snNM0BrU5tsY0Lof1kHwnY+tu+/
yEtR2MGA1+EkJuKUKA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:07:28 2025 by rpki-client