Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z_sbJxHFEnfOvaD-t5idAJ2GLe8.roa
File: z_sbJxHFEnfOvaD-t5idAJ2GLe8.roa (raw, json)
Hash identifier: KPF+VtSOFCFtUSKvtkJQbiQXB+aqzeElxHuFZSkIl8I=
Subject key identifier: CF:FB:1B:27:11:C5:12:77:CE:BD:A0:FE:B7:98:9D:00:9D:86:2D:EF
Certificate issuer: /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial: 01969015CF5D0FFD99D3AF02FDB644825C54
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z_sbJxHFEnfOvaD-t5idAJ2GLe8.roa
Signing time: Fri 02 May 2025 08:21:10 +0000
ROA not before: Fri 02 May 2025 08:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30742
IP address blocks: 2.59.32.0/22 maxlen: 24
2.59.33.0/24 maxlen: 24
2.59.34.0/24 maxlen: 24
2.59.35.0/24 maxlen: 24
80.245.132.0/22 maxlen: 24
80.245.136.0/21 maxlen: 24
82.198.192.0/19 maxlen: 24
176.118.180.0/22 maxlen: 24
176.118.180.0/24 maxlen: 24
176.118.181.0/24 maxlen: 24
176.118.182.0/24 maxlen: 24
176.118.183.0/24 maxlen: 24
185.43.24.0/22 maxlen: 24
185.48.224.0/22 maxlen: 24
185.106.184.0/22 maxlen: 23
185.115.80.0/22 maxlen: 24
185.139.112.0/22 maxlen: 24
192.145.112.0/22 maxlen: 24
193.176.72.0/22 maxlen: 24
194.146.0.0/22 maxlen: 24
2a01:9b60::/32 maxlen: 32
2a03:9980::/29 maxlen: 32
2a03:9980::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 May 2025 11:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:15:cf:5d:0f:fd:99:d3:af:02:fd:b6:44:82:5c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Validity
Not Before: May 2 08:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cffb1b2711c51277cebda0feb7989d009d862def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:e9:77:9f:46:a4:fc:90:09:c9:4b:0d:49:
7d:40:44:cb:72:6d:8e:34:c1:92:e3:50:41:61:97:
87:fa:0b:bd:a9:a7:c3:6a:bc:61:3c:20:a0:ce:16:
22:aa:1b:12:f9:e4:26:97:ed:1f:cc:e7:52:c8:b6:
e5:26:3e:15:b8:66:e3:81:40:89:64:42:8b:52:4c:
c0:a9:d5:2c:80:8c:0b:80:66:69:1d:6e:f4:ba:94:
a0:75:9f:14:68:d0:30:87:4c:6f:33:97:59:98:cb:
96:58:3c:e3:ad:c6:3a:90:f2:0f:a0:55:f4:ed:a2:
1b:9d:57:17:8c:ba:40:47:f9:99:c5:77:b3:69:89:
00:aa:0b:13:ba:67:bb:ba:13:74:eb:a3:02:d3:87:
2f:54:cf:93:36:41:38:2a:57:b2:c4:50:ed:cb:b6:
25:fb:2b:10:b0:86:35:07:87:ac:b7:86:d2:0d:ff:
bd:c5:73:b5:c4:a0:b1:83:2b:7c:0a:9f:94:1c:33:
c3:76:34:dd:e8:96:36:9c:b4:1b:ca:fc:52:73:45:
e7:62:bf:6c:97:e1:34:eb:94:eb:42:02:a4:88:8f:
30:b6:4b:13:23:f0:d8:9d:52:a7:78:fb:5b:bf:33:
b3:9c:0a:d9:52:c2:07:83:9d:16:6d:6b:65:c1:56:
c0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FB:1B:27:11:C5:12:77:CE:BD:A0:FE:B7:98:9D:00:9D:86:2D:EF
X509v3 Authority Key Identifier:
keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/z_sbJxHFEnfOvaD-t5idAJ2GLe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.32.0/22
80.245.132.0-80.245.143.255
82.198.192.0/19
176.118.180.0/22
185.43.24.0/22
185.48.224.0/22
185.106.184.0/22
185.115.80.0/22
185.139.112.0/22
192.145.112.0/22
193.176.72.0/22
194.146.0.0/22
IPv6:
2a01:9b60::/32
2a03:9980::/29
Signature Algorithm: sha256WithRSAEncryption
83:d7:37:72:6b:19:3a:ec:47:bb:2f:eb:14:71:1b:a7:2a:15:
72:03:02:60:cf:54:4c:d4:f2:9c:f3:01:eb:cf:0e:3f:3d:9e:
4f:c7:35:4e:f7:2a:04:6c:dd:db:c2:20:88:d3:73:c8:5f:33:
b1:42:05:18:32:5e:28:76:c4:43:a1:f5:11:7a:e4:f8:a1:2f:
19:d2:7d:7a:34:29:59:72:74:a6:94:ec:aa:1c:32:dd:6e:79:
9e:14:5b:63:29:99:8c:ce:e5:65:f3:c3:63:fb:66:d4:3f:b7:
86:f3:49:72:28:f4:f5:4a:b1:d4:f7:52:6e:3c:9b:fd:af:b1:
8c:e4:d1:21:17:fc:c2:ca:71:57:5e:e1:a1:28:6d:3b:79:15:
1d:ba:4c:14:59:ee:6a:dd:37:33:f5:f4:b8:7b:7b:7a:60:69:
87:9f:28:7d:f0:5a:07:a4:c3:76:e1:71:87:30:e9:c7:17:f0:
59:9f:cf:f0:d9:3d:28:d5:0a:69:5c:79:65:4c:f3:85:89:a4:
74:5c:45:7e:6b:9e:4e:3e:f8:62:35:85:f2:dc:69:43:fd:e4:
94:c2:86:ee:1c:e8:66:bd:84:d7:a3:76:98:8d:eb:e8:17:4d:
27:fd:96:da:69:64:ca:69:2e:0e:15:1b:ee:34:28:dd:81:a9:
e9:47:ee:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZaQFc9dD/2Z068C/bZEglxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzRhNjdkYmVkNzQ0NGRkZDI3ZTgwMGZiNmMyMTAxM2E1
YjExYzYwHhcNMjUwNTAyMDgyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZiMWIyNzExYzUxMjc3Y2ViZGEwZmViNzk4OWQwMDlkODYyZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcDpd59GpPyQCclLDUl9QETLcm2O
NMGS41BBYZeH+gu9qafDarxhPCCgzhYiqhsS+eQml+0fzOdSyLblJj4VuGbjgUCJ
ZEKLUkzAqdUsgIwLgGZpHW70upSgdZ8UaNAwh0xvM5dZmMuWWDzjrcY6kPIPoFX0
7aIbnVcXjLpAR/mZxXezaYkAqgsTume7uhN066MC04cvVM+TNkE4KleyxFDty7Yl
+ysQsIY1B4est4bSDf+9xXO1xKCxgyt8Cp+UHDPDdjTd6JY2nLQbyvxSc0XnYr9s
l+E065TrQgKkiI8wtksTI/DYnVKnePtbvzOznArZUsIHg50WbWtlwVbA/wIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFM/7GycRxRJ3zr2g/reYnQCdhi3vMB8GA1UdIwQY
MBaAFI7Epn2+10RN3SfoAPtsIQE6WxHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMt
MGNlZjUxMmY1MDA5LzEvel9zYkp4SEZFbmZPdmFELXQ1aWRBSjJHTGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMtMGNlZjUxMmY1MDA5
LzEvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQCAjsgMAwD
BAJQ9YQDBARQ9YADBAVSxsADBAKwdrQDBAK5KxgDBAK5MOADBAK5argDBAK5c1AD
BAK5i3ADBALAkXADBALBsEgDBALCkgAwFAQCAAIwDgMFACoBm2ADBQMqA5mAMA0G
CSqGSIb3DQEBCwUAA4IBAQCD1zdyaxk67Ee7L+sUcRunKhVyAwJgz1RM1PKc8wHr
zw4/PZ5PxzVO9yoEbN3bwiCI03PIXzOxQgUYMl4odsRDofUReuT4oS8Z0n16NClZ
cnSmlOyqHDLdbnmeFFtjKZmMzuVl88Nj+2bUP7eG80lyKPT1SrHU91JuPJv9r7GM
5NEhF/zCynFXXuGhKG07eRUdukwUWe5q3Tcz9fS4e3t6YGmHnyh98FoHpMN24XGH
MOnHF/BZn8/w2T0o1QppXHllTPOFiaR0XEV+a55OPvhiNYXy3GlD/eSUwobuHOhm
vYTXo3aYjevoF00n/ZbaaWTKaS4OFRvuNCjdganpR+6F
-----END CERTIFICATE-----
Generated at Tue May 6 13:01:25 2025 by rpki-client