Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/tFxEnxXJwMBTt2mfNUgim9PFWPY.roa
File: tFxEnxXJwMBTt2mfNUgim9PFWPY.roa (raw, json)
Hash identifier: XQRVQp9nqL1TpFGM0AYuYR0P/M91fS2YlAepNvuJ0BE=
Subject key identifier: B4:5C:44:9F:15:C9:C0:C0:53:B7:69:9F:35:48:22:9B:D3:C5:58:F6
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01967B482EDA8E66BCA814973833660E033A
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/tFxEnxXJwMBTt2mfNUgim9PFWPY.roa
Signing time: Mon 28 Apr 2025 07:24:10 +0000
ROA not before: Mon 28 Apr 2025 07:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.68.0/24 maxlen: 24
213.145.70.0/23 maxlen: 24
213.145.71.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 05:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:48:2e:da:8e:66:bc:a8:14:97:38:33:66:0e:03:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Apr 28 07:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b45c449f15c9c0c053b7699f3548229bd3c558f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:0f:90:9a:74:99:b2:ab:3c:b9:f4:53:07:
cb:b5:6e:f6:ac:9a:06:d0:63:91:d0:66:b1:ff:4b:
e9:bd:f3:d1:29:6c:08:31:61:4b:0d:46:da:98:47:
72:3b:5e:6d:74:f5:e9:eb:a1:c9:18:91:8b:be:63:
67:d4:8c:d4:3d:64:5e:8f:0f:4c:3d:61:6d:26:b8:
e5:4c:c5:4a:84:e4:48:8c:f1:52:34:e8:a1:8d:a5:
c5:f7:b2:af:22:ed:2b:cb:6b:71:2b:0c:ca:48:66:
60:55:9e:46:90:c9:61:bf:c5:45:6b:70:13:5b:5e:
b6:07:88:6d:9f:d7:98:8d:ce:35:ff:2d:f1:6c:89:
89:65:ce:3e:79:e2:4c:7a:9a:c0:d6:94:50:1a:11:
61:27:9f:36:fa:4f:00:87:c1:aa:50:84:52:be:75:
ef:d9:48:28:81:ab:24:92:0c:9c:52:ad:bc:21:c0:
12:f2:5a:08:bd:d0:3e:12:55:7d:f0:36:46:f5:c1:
7a:81:13:f1:c1:f5:e2:69:40:f5:de:79:db:b3:bf:
a8:1a:4b:6c:7a:46:5e:88:b6:14:d5:e7:8a:66:52:
b6:19:dc:32:e3:d5:3b:37:7a:cd:16:2e:97:03:6f:
22:0c:9d:d7:89:87:35:cf:c8:bb:c6:38:c2:d8:91:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:5C:44:9F:15:C9:C0:C0:53:B7:69:9F:35:48:22:9B:D3:C5:58:F6
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/tFxEnxXJwMBTt2mfNUgim9PFWPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
9e:a1:96:23:3c:85:19:72:0b:58:98:27:3c:1a:a8:27:0f:28:
39:b5:33:1c:11:66:d9:da:fa:da:c4:57:25:38:c4:7a:64:58:
d2:c9:fa:ef:02:33:43:2c:57:b7:87:47:cc:83:5b:39:d7:dd:
02:6b:4c:a0:3f:06:eb:35:de:89:cc:86:08:5e:25:f7:c8:ae:
0c:31:cf:cc:ec:97:a4:f8:61:bc:37:5f:42:8d:37:08:c4:34:
01:b7:8a:e8:e7:ba:73:9b:0b:ea:8b:39:f4:c3:69:a6:85:e3:
71:4f:ad:fc:e1:d4:ee:78:7e:fb:d5:09:be:95:4b:be:57:e0:
9f:29:c9:e4:8d:49:b3:c7:e8:f9:99:77:f7:1e:37:a9:fe:88:
46:b7:73:b6:44:cc:08:8b:9b:2a:d3:f0:75:ee:73:0c:03:d1:
1e:fb:fa:3a:37:d9:12:c9:f5:98:cd:3a:87:1e:22:06:15:39:
a8:48:55:79:d7:fa:d5:f0:dd:d4:cd:44:74:cc:de:16:a0:6a:
6b:1b:32:03:dd:c0:ac:21:e9:ad:bd:de:10:47:42:79:3b:af:
3b:fb:95:70:df:b3:fa:d0:de:01:59:47:15:4d:8d:21:4d:66:
82:cc:6d:57:0d:49:7f:b6:17:11:d4:84:9b:7c:65:65:d4:f2:
0e:8d:52:fa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZZ7SC7ajma8qBSXODNmDgM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNDI4MDcyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDVjNDQ5ZjE1YzljMGMwNTNiNzY5OWYzNTQ4MjI5YmQzYzU1OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8QPkJp0mbKrPLn0UwfLtW72rJoG
0GOR0Gax/0vpvfPRKWwIMWFLDUbamEdyO15tdPXp66HJGJGLvmNn1IzUPWRejw9M
PWFtJrjlTMVKhORIjPFSNOihjaXF97KvIu0ry2txKwzKSGZgVZ5GkMlhv8VFa3AT
W162B4htn9eYjc41/y3xbImJZc4+eeJMeprA1pRQGhFhJ582+k8Ah8GqUIRSvnXv
2UgogaskkgycUq28IcAS8loIvdA+ElV98DZG9cF6gRPxwfXiaUD13nnbs7+oGkts
ekZeiLYU1eeKZlK2Gdwy49U7N3rNFi6XA28iDJ3XiYc1z8i7xjjC2JEsjwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLRcRJ8VycDAU7dpnzVIIpvTxVj2MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvdEZ4RW54WEp3TUJUdDJtZk5VZ2ltOVBGV1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEAnqGW
IzyFGXILWJgnPBqoJw8oObUzHBFm2dr62sRXJTjEemRY0sn67wIzQyxXt4dHzINb
OdfdAmtMoD8G6zXeicyGCF4l98iuDDHPzOyXpPhhvDdfQo03CMQ0AbeK6Oe6c5sL
6os59MNppoXjcU+t/OHU7nh++9UJvpVLvlfgnynJ5I1Js8fo+Zl39x43qf6IRrdz
tkTMCIubKtPwde5zDAPRHvv6OjfZEsn1mM06hx4iBhU5qEhVedf61fDd1M1EdMze
FqBqaxsyA93ArCHprb3eEEdCeTuvO/uVcN+z+tDeAVlHFU2NIU1mgsxtVw1Jf7YX
EdSEm3xlZdTyDo1S+g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:49:35 2025 by rpki-client