Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/d3jnevvO7yD7yq4aXH9tWaCj3tY.roa
File: d3jnevvO7yD7yq4aXH9tWaCj3tY.roa (raw, json)
Hash identifier: EvYHor172/t8WMihBgd/fzB279Yn4599ijqphm/zmRk=
Subject key identifier: 77:78:E7:7A:FB:CE:EF:20:FB:CA:AE:1A:5C:7F:6D:59:A0:A3:DE:D6
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 019633C470A0D7A2CCCB2657F805CD7CD8FF
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/d3jnevvO7yD7yq4aXH9tWaCj3tY.roa
Signing time: Mon 14 Apr 2025 10:07:13 +0000
ROA not before: Mon 14 Apr 2025 10:07:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 24
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 19
84.45.128.0/17 maxlen: 17
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 19
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.101.148.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 22
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 11:13:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:c4:70:a0:d7:a2:cc:cb:26:57:f8:05:cd:7c:d8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 14 10:07:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7778e77afbceef20fbcaae1a5c7f6d59a0a3ded6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:c4:25:c0:f9:60:7c:c6:39:67:22:23:90:
08:61:36:1b:0d:17:f5:79:de:e1:74:5f:3c:f4:74:
9e:a4:14:dd:05:bd:c6:7f:79:e7:31:9f:d7:6e:c8:
f0:23:1c:79:c5:aa:bb:92:c2:7b:71:8a:ad:84:e1:
a3:bc:13:fa:5e:40:9b:56:24:2d:00:8c:d5:8e:7b:
66:59:f7:07:64:54:02:b1:41:49:a8:0e:d0:c7:1a:
31:5d:a7:3c:27:ce:8d:c5:ec:c0:a4:a6:e1:3e:50:
8e:db:96:3f:f5:b5:f7:94:ac:db:2a:4a:10:94:33:
3b:19:9c:d7:5f:ab:7d:c5:9f:54:b6:85:eb:7b:d2:
73:b3:96:cd:b4:54:8d:c1:46:a5:ac:57:0d:c1:d6:
31:55:a5:e7:aa:4e:ba:b9:08:ea:e1:f1:c8:14:98:
cc:77:10:62:16:ab:97:7e:51:f6:c4:a4:e4:02:fc:
12:40:dc:d2:c7:0d:b1:0d:52:5b:e4:0f:f4:46:43:
61:1d:ce:ff:c8:d3:c9:a3:9e:f7:3d:a3:2f:f8:5c:
4d:20:8f:a3:af:a8:38:65:21:3d:fe:fe:5a:ae:18:
8d:98:d3:75:c2:d8:ef:07:55:ec:52:40:98:c2:a0:
48:04:f4:29:51:19:86:99:4a:38:df:d9:25:c1:94:
b4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:78:E7:7A:FB:CE:EF:20:FB:CA:AE:1A:5C:7F:6D:59:A0:A3:DE:D6
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/d3jnevvO7yD7yq4aXH9tWaCj3tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.101.148.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
9d:25:6d:8f:13:4f:79:f1:b0:72:2c:35:e9:0b:54:82:eb:72:
db:74:2d:11:ca:90:bd:e5:96:6a:57:cf:97:cd:96:e8:39:0a:
af:fd:2f:a6:43:39:57:0f:7c:c3:b9:4a:60:80:56:a4:94:f6:
35:37:be:a3:e9:35:98:67:28:09:3b:dd:db:21:26:ec:c8:f2:
a4:1e:5b:4e:9b:2a:12:d9:65:c2:90:87:6d:c4:8b:18:9f:19:
3c:4b:0e:0e:d8:7c:af:33:33:c4:3e:86:5d:10:07:59:67:85:
ab:ce:de:4c:51:fa:31:d7:c7:7c:63:c6:67:d2:cc:8f:0d:24:
f6:d8:2b:21:94:60:32:42:92:15:52:83:71:cd:48:c1:2e:96:
19:dc:9a:62:d6:69:9f:63:68:82:14:ad:cd:6c:bd:31:2f:20:
2b:8b:20:93:83:40:41:50:dc:37:33:0f:b0:8f:67:4c:7b:03:
ab:90:f5:ee:f4:01:36:c5:cd:2e:a7:14:65:1f:a4:a2:3b:94:
b0:02:b3:d9:6c:1d:8f:63:4f:d0:3f:aa:81:e7:e6:40:16:2a:
5b:ac:62:7a:1e:67:85:8a:5a:db:a1:17:cb:3f:f6:50:83:e9:
1f:ef:48:6d:16:1c:df:d9:55:89:f5:cc:3e:30:be:21:40:02:
32:70:cf:86
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZYzxHCg16LMyyZX+AXNfNj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDE0MTAwNzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzc4ZTc3YWZiY2VlZjIwZmJjYWFlMWE1YzdmNmQ1OWEwYTNkZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbXEJcD5YHzGOWciI5AIYTYbDRf1
ed7hdF889HSepBTdBb3Gf3nnMZ/XbsjwIxx5xaq7ksJ7cYqthOGjvBP6XkCbViQt
AIzVjntmWfcHZFQCsUFJqA7QxxoxXac8J86NxezApKbhPlCO25Y/9bX3lKzbKkoQ
lDM7GZzXX6t9xZ9UtoXre9Jzs5bNtFSNwUalrFcNwdYxVaXnqk66uQjq4fHIFJjM
dxBiFquXflH2xKTkAvwSQNzSxw2xDVJb5A/0RkNhHc7/yNPJo573PaMv+FxNII+j
r6g4ZSE9/v5arhiNmNN1wtjvB1XsUkCYwqBIBPQpURmGmUo439klwZS0GwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFHd453r7zu8g+8quGlx/bVmgo97WMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvZDNqbmV2dk83eUQ3eXE0YVhIOXRXYUNqM3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF
AyoFiUAwDQYJKoZIhvcNAQELBQADggEBAJ0lbY8TT3nxsHIsNekLVILrctt0LRHK
kL3llmpXz5fNlug5Cq/9L6ZDOVcPfMO5SmCAVqSU9jU3vqPpNZhnKAk73dshJuzI
8qQeW06bKhLZZcKQh23EixifGTxLDg7YfK8zM8Q+hl0QB1lnhavO3kxR+jHXx3xj
xmfSzI8NJPbYKyGUYDJCkhVSg3HNSMEulhncmmLWaZ9jaIIUrc1svTEvICuLIJOD
QEFQ3DczD7CPZ0x7A6uQ9e70ATbFzS6nFGUfpKI7lLACs9lsHY9jT9A/qoHn5kAW
KlusYnoeZ4WKWtuhF8s/9lCD6R/vSG0WHN/ZVYn1zD4wviFAAjJwz4Y=
-----END CERTIFICATE-----
Generated at Tue May 13 04:49:16 2025 by rpki-client