Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8ceGFeavxzgA5_qtJf_tzxPkCdU.roa
File: 8ceGFeavxzgA5_qtJf_tzxPkCdU.roa (raw, json)
Hash identifier: SdF7/F++pugE6cdWZf4hHmUhpb3cUufJVYoZ9ZkR1Tk=
Subject key identifier: F1:C7:86:15:E6:AF:C7:38:00:E7:FA:AD:25:FF:ED:CF:13:E4:09:D5
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01969BFF6E06CFA40CE10E6CF9C111CFA738
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8ceGFeavxzgA5_qtJf_tzxPkCdU.roa
Signing time: Sun 04 May 2025 15:52:10 +0000
ROA not before: Sun 04 May 2025 15:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.109.45.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.197.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 09:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9b:ff:6e:06:cf:a4:0c:e1:0e:6c:f9:c1:11:cf:a7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 4 15:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1c78615e6afc73800e7faad25ffedcf13e409d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:11:66:c2:63:c4:4f:39:89:05:ae:6f:1c:46:
7c:4c:84:fd:c3:af:a4:ff:af:9b:29:7b:99:7a:0d:
da:ec:05:8a:14:20:74:cd:a1:da:30:cd:74:67:1f:
aa:b5:b0:a4:df:1c:3f:09:0b:3d:3a:b7:c9:b9:15:
05:42:eb:2a:fa:30:ee:6a:7f:a7:36:7c:56:8e:a4:
78:5b:53:7d:5b:03:1b:7b:bb:79:06:d7:7b:96:dd:
ed:bc:9b:a4:af:68:ee:3f:47:97:ce:c3:2d:ea:d3:
1b:5a:2b:8b:82:ab:5d:2f:18:8e:ff:c4:52:36:83:
86:10:9a:bf:f3:3f:2f:b8:9b:82:21:d9:b0:6c:7a:
45:f8:f2:66:bd:2d:dd:d4:66:ed:5a:ba:b5:96:73:
36:4f:f2:46:99:b1:af:bb:97:59:c5:8b:3f:d8:2c:
00:4a:e8:00:57:b6:ad:d0:39:f0:5c:0d:a7:6c:97:
87:8a:ea:27:bb:f6:9e:c2:8c:21:20:73:01:d0:18:
16:ad:57:a2:b6:7e:0c:81:21:e7:d7:5a:48:ab:52:
2c:ff:2f:73:c3:ac:05:c7:de:2b:15:08:7d:f2:82:
a9:2b:da:68:ed:3a:74:b7:32:bb:bd:73:8d:ce:a6:
66:b7:09:b4:4d:5c:a1:d6:9b:d9:5c:db:45:fb:1f:
b2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C7:86:15:E6:AF:C7:38:00:E7:FA:AD:25:FF:ED:CF:13:E4:09:D5
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8ceGFeavxzgA5_qtJf_tzxPkCdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.45.0/24
147.185.196.0/24
193.168.203.0/24
207.244.197.0-207.244.198.255
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:48:8a:8c:8d:22:2b:5b:3b:bb:ee:cb:e1:af:88:5c:d0:09:
77:a4:04:0c:93:0f:8e:43:2b:7e:98:3d:1d:ee:2b:e6:86:e8:
b9:90:cb:ee:ce:c3:35:88:86:5d:df:ee:1c:01:d7:ce:d8:44:
6a:6a:86:43:87:5f:46:fd:2d:a5:ed:fd:6c:84:9c:c2:ca:ca:
5f:b4:cc:1c:12:41:fa:6e:6e:ad:13:9a:92:4e:d7:06:61:19:
11:c2:9a:cb:84:c7:dc:b2:44:26:56:a6:4b:f5:35:d4:7d:2d:
fb:cc:c1:50:89:e9:fc:e2:f7:27:11:f4:d0:f6:a4:5e:2b:b1:
7f:8a:9f:6d:08:3e:c4:d0:a5:0b:f5:f2:ba:e0:76:9a:cb:71:
c6:69:fd:77:e7:6f:5d:4d:f2:1a:a1:d7:c3:69:1a:25:56:52:
61:92:bd:1e:de:44:d3:4e:dd:bd:36:ff:46:1a:00:3c:76:14:
f1:a6:d4:7c:3b:50:a8:af:5f:9a:ab:ce:0c:a8:c3:0d:21:99:
7c:a2:8f:ea:94:4c:93:b7:04:ce:28:5c:c2:67:66:b7:50:f9:
d0:56:01:79:39:72:3c:14:d2:55:b4:71:16:32:c2:8f:3c:c5:
29:cb:ec:7b:03:16:e0:54:ec:55:27:9d:82:43:f7:68:f1:69:
40:4e:a6:67
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZab/24Gz6QM4Q5s+cERz6c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNTA0MTU1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM3ODYxNWU2YWZjNzM4MDBlN2ZhYWQyNWZmZWRjZjEzZTQwOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RFmwmPETzmJBa5vHEZ8TIT9w6+k
/6+bKXuZeg3a7AWKFCB0zaHaMM10Zx+qtbCk3xw/CQs9OrfJuRUFQusq+jDuan+n
NnxWjqR4W1N9WwMbe7t5Btd7lt3tvJukr2juP0eXzsMt6tMbWiuLgqtdLxiO/8RS
NoOGEJq/8z8vuJuCIdmwbHpF+PJmvS3d1GbtWrq1lnM2T/JGmbGvu5dZxYs/2CwA
SugAV7at0DnwXA2nbJeHiuonu/aewowhIHMB0BgWrVeitn4MgSHn11pIq1Is/y9z
w6wFx94rFQh98oKpK9po7Tp0tzK7vXONzqZmtwm0TVyh1pvZXNtF+x+yRwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPHHhhXmr8c4AOf6rSX/7c8T5AnVMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOGNlR0ZlYXZ4emdBNV9xdEpmX3R6eFBrQ2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW20tAwQA
k7nEAwQAwajLMAwDBADP9MUDBADP9MYDBAHP9NAwDQYJKoZIhvcNAQELBQADggEB
AH5IioyNIitbO7vuy+GviFzQCXekBAyTD45DK36YPR3uK+aG6LmQy+7OwzWIhl3f
7hwB187YRGpqhkOHX0b9LaXt/WyEnMLKyl+0zBwSQfpubq0TmpJO1wZhGRHCmsuE
x9yyRCZWpkv1NdR9LfvMwVCJ6fzi9ycR9ND2pF4rsX+Kn20IPsTQpQv18rrgdprL
ccZp/Xfnb11N8hqh18NpGiVWUmGSvR7eRNNO3b02/0YaADx2FPGm1Hw7UKivX5qr
zgyoww0hmXyij+qUTJO3BM4oXMJnZrdQ+dBWAXk5cjwU0lW0cRYywo88xSnL7HsD
FuBU7FUnnYJD92jxaUBOpmc=
-----END CERTIFICATE-----
Generated at Mon May 12 19:09:56 2025 by rpki-client