Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/d7xOYTNhDI50RoPaPCkiHp-hJ78.roa
File: d7xOYTNhDI50RoPaPCkiHp-hJ78.roa (raw, json)
Hash identifier: 4/Wk9JZwHs2BgqJTy11AtLh6VlZbbt3O1m/hW69E1lU=
Subject key identifier: 77:BC:4E:61:33:61:0C:8E:74:46:83:DA:3C:29:22:1E:9F:A1:27:BF
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 01963900B7715F9D911D395BC8BC204A323F
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/d7xOYTNhDI50RoPaPCkiHp-hJ78.roa
Signing time: Tue 15 Apr 2025 10:31:10 +0000
ROA not before: Tue 15 Apr 2025 10:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132839
IP address blocks: 2.59.100.0/22 maxlen: 22
2.59.100.0/24 maxlen: 24
2.59.101.0/24 maxlen: 24
2.59.102.0/24 maxlen: 24
2.59.103.0/24 maxlen: 24
45.8.29.0/24 maxlen: 24
45.8.30.0/24 maxlen: 24
45.9.108.0/24 maxlen: 24
45.9.110.0/24 maxlen: 24
45.9.111.0/24 maxlen: 24
45.10.208.0/22 maxlen: 22
45.13.160.0/22 maxlen: 22
45.13.160.0/24 maxlen: 24
45.66.188.0/22 maxlen: 22
45.66.188.0/24 maxlen: 24
45.66.189.0/24 maxlen: 24
45.66.190.0/24 maxlen: 24
45.66.191.0/24 maxlen: 24
45.87.228.0/22 maxlen: 22
45.87.231.0/24 maxlen: 24
45.93.64.0/22 maxlen: 22
45.93.64.0/24 maxlen: 24
45.93.65.0/24 maxlen: 24
45.93.66.0/24 maxlen: 24
45.93.67.0/24 maxlen: 24
45.131.156.0/22 maxlen: 22
45.131.156.0/24 maxlen: 24
45.131.157.0/24 maxlen: 24
45.131.158.0/24 maxlen: 24
45.131.159.0/24 maxlen: 24
45.142.76.0/22 maxlen: 22
45.142.79.0/24 maxlen: 24
45.147.212.0/22 maxlen: 22
45.147.215.0/24 maxlen: 24
45.149.68.0/22 maxlen: 22
45.149.68.0/24 maxlen: 24
45.149.69.0/24 maxlen: 24
45.156.168.0/22 maxlen: 22
45.156.169.0/24 maxlen: 24
45.156.171.0/24 maxlen: 24
45.156.216.0/22 maxlen: 22
45.158.220.0/22 maxlen: 22
45.158.221.0/24 maxlen: 24
45.158.223.0/24 maxlen: 24
62.192.188.0/22 maxlen: 22
62.192.188.0/24 maxlen: 24
62.192.189.0/24 maxlen: 24
62.192.190.0/24 maxlen: 24
62.192.191.0/24 maxlen: 24
83.150.224.0/22 maxlen: 22
83.150.224.0/24 maxlen: 24
83.150.225.0/24 maxlen: 24
85.208.56.0/22 maxlen: 22
85.208.56.0/24 maxlen: 24
85.208.57.0/24 maxlen: 24
85.208.58.0/24 maxlen: 24
85.208.59.0/24 maxlen: 24
92.118.144.0/22 maxlen: 22
92.118.144.0/24 maxlen: 24
92.118.145.0/24 maxlen: 24
92.118.146.0/24 maxlen: 24
92.118.147.0/24 maxlen: 24
185.51.164.0/22 maxlen: 22
185.51.164.0/24 maxlen: 24
185.51.167.0/24 maxlen: 24
193.42.15.0/24 maxlen: 24
193.42.132.0/24 maxlen: 24
193.42.135.0/24 maxlen: 24
193.42.149.0/24 maxlen: 24
193.108.46.0/23 maxlen: 23
193.108.96.0/23 maxlen: 23
193.164.222.0/23 maxlen: 23
193.168.4.0/23 maxlen: 23
194.146.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 15 Apr 2025 10:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:00:b7:71:5f:9d:91:1d:39:5b:c8:bc:20:4a:32:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Apr 15 10:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77bc4e6133610c8e744683da3c29221e9fa127bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0b:44:5d:e9:33:b3:45:33:b4:2d:28:d3:37:
bb:e3:a2:57:c7:fd:7a:ca:07:1f:0a:ba:c4:8a:9d:
02:96:f3:88:99:cc:0d:11:8a:4a:35:33:52:05:bd:
fb:f9:2a:06:cc:19:46:24:b9:0d:21:61:62:e3:96:
ef:2c:bf:32:7d:a3:5e:88:2b:5b:9e:23:5e:08:ca:
62:8f:47:4b:7f:36:8d:7e:05:28:f7:0f:90:f6:44:
34:61:b9:f8:37:2c:e1:72:38:4b:88:da:73:b5:3a:
9d:88:12:ff:de:fe:9c:5a:02:7f:4f:f6:95:95:56:
d2:e2:fa:12:da:c6:3d:13:34:61:43:6f:bc:7c:67:
02:0a:9b:33:34:fd:7b:ef:48:92:98:7b:53:c5:92:
54:37:02:c5:25:29:16:49:3d:7c:c5:54:d3:0b:26:
26:a6:4d:b8:14:a1:0d:87:94:d9:d7:da:32:74:33:
b3:83:bf:33:50:81:18:2f:0c:90:1e:b1:32:2a:59:
b6:e6:1a:ae:24:27:1b:e9:e1:2b:4f:85:ad:32:d3:
90:cf:d1:3d:cd:e7:d5:38:15:f1:8e:07:ee:29:6a:
97:6b:bd:5c:5c:b1:fe:0b:c2:5c:68:6b:11:5e:98:
46:a4:9f:b3:c5:de:d4:98:47:4c:f7:c1:af:86:a8:
9a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BC:4E:61:33:61:0C:8E:74:46:83:DA:3C:29:22:1E:9F:A1:27:BF
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/d7xOYTNhDI50RoPaPCkiHp-hJ78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.100.0/22
45.8.29.0-45.8.30.255
45.9.108.0/24
45.9.110.0/23
45.10.208.0/22
45.13.160.0/22
45.66.188.0/22
45.87.228.0/22
45.93.64.0/22
45.131.156.0/22
45.142.76.0/22
45.147.212.0/22
45.149.68.0/22
45.156.168.0/22
45.156.216.0/22
45.158.220.0/22
62.192.188.0/22
83.150.224.0/22
85.208.56.0/22
92.118.144.0/22
185.51.164.0/22
193.42.15.0/24
193.42.132.0/24
193.42.135.0/24
193.42.149.0/24
193.108.46.0/23
193.108.96.0/23
193.164.222.0/23
193.168.4.0/23
194.146.84.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:c2:3d:b6:37:8a:56:9e:b5:ec:ad:3a:f1:77:ee:a3:0b:a7:
15:7b:41:e2:33:90:7b:88:bb:be:4d:78:77:56:86:ec:16:c5:
58:3d:b1:ff:a9:4b:70:1b:9a:9f:ba:31:03:0a:d2:e9:10:5d:
e4:08:b2:6f:b9:1a:6e:64:64:45:b3:e5:4f:d7:48:79:cf:d8:
3b:5c:58:e5:78:03:23:dc:d1:e7:74:e3:f1:76:fd:13:dc:9a:
dc:12:17:8a:6e:67:bb:f9:a1:f5:d5:3b:48:21:0f:a8:33:1c:
32:7a:44:d7:5f:d6:27:58:d9:bc:39:03:9e:0b:df:6c:c6:33:
d2:c2:65:ee:a5:d2:8c:b4:e6:b7:e4:eb:da:01:b9:bc:d4:c6:
31:11:13:18:16:27:da:e5:11:44:b8:de:c7:60:9a:34:1f:6b:
63:94:be:ba:da:30:37:80:e4:98:f0:b8:bf:a8:d1:37:8a:3d:
03:69:da:5f:e0:4d:73:17:82:dd:a9:88:64:28:11:79:85:17:
a0:cb:94:b8:6c:af:42:0f:b1:21:34:c7:50:c5:5d:bc:2e:f5:
fd:36:7d:79:11:45:81:e6:11:37:e0:1d:28:41:a8:a9:5b:25:
bd:d7:6b:e9:6c:2e:6d:88:ac:6a:1c:fc:72:cb:17:98:81:87:
ed:5e:71:43
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZY5ALdxX52RHTlbyLwgSjI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNDE1MTAzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JjNGU2MTMzNjEwYzhlNzQ0NjgzZGEzYzI5MjIxZTlmYTEyN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wtEXekzs0UztC0o0ze746JXx/16
ygcfCrrEip0ClvOImcwNEYpKNTNSBb37+SoGzBlGJLkNIWFi45bvLL8yfaNeiCtb
niNeCMpij0dLfzaNfgUo9w+Q9kQ0Ybn4NyzhcjhLiNpztTqdiBL/3v6cWgJ/T/aV
lVbS4voS2sY9EzRhQ2+8fGcCCpszNP1770iSmHtTxZJUNwLFJSkWST18xVTTCyYm
pk24FKENh5TZ19oydDOzg78zUIEYLwyQHrEyKlm25hquJCcb6eErT4WtMtOQz9E9
zefVOBXxjgfuKWqXa71cXLH+C8JcaGsRXphGpJ+zxd7UmEdM98GvhqiaNwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFHe8TmEzYQyOdEaD2jwpIh6foSe/MB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvZDd4T1lUTmhESTUwUm9QYVBDa2lIcC1oSjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAIC
O2QwDAMEAC0IHQMEAC0IHgMEAC0JbAMEAS0JbgMEAi0K0AMEAi0NoAMEAi1CvAME
Ai1X5AMEAi1dQAMEAi2DnAMEAi2OTAMEAi2T1AMEAi2VRAMEAi2cqAMEAi2c2AME
Ai2e3AMEAj7AvAMEAlOW4AMEAlXQOAMEAlx2kAMEArkzpAMEAMEqDwMEAMEqhAME
AMEqhwMEAMEqlQMEAcFsLgMEAcFsYAMEAcGk3gMEAcGoBAMEAsKSVDANBgkqhkiG
9w0BAQsFAAOCAQEAt8I9tjeKVp617K068XfuowunFXtB4jOQe4i7vk14d1aG7BbF
WD2x/6lLcBuan7oxAwrS6RBd5Aiyb7kabmRkRbPlT9dIec/YO1xY5XgDI9zR53Tj
8Xb9E9ya3BIXim5nu/mh9dU7SCEPqDMcMnpE11/WJ1jZvDkDngvfbMYz0sJl7qXS
jLTmt+Tr2gG5vNTGMRETGBYn2uURRLjex2CaNB9rY5S+utowN4DkmPC4v6jRN4o9
A2naX+BNcxeC3amIZCgReYUXoMuUuGyvQg+xITTHUMVdvC71/TZ9eRFFgeYRN+Ad
KEGoqVslvddr6WwubYisahz8cssXmIGH7V5xQw==
-----END CERTIFICATE-----
Generated at Fri May 9 22:06:16 2025 by rpki-client