Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/pylBf9pUhOqewGtSo1BGgn9TvLA.roa
File: pylBf9pUhOqewGtSo1BGgn9TvLA.roa (raw, json)
Hash identifier: fa0V34fqAjGze+MuOUunsSEWIAZssq6VSiMcMvmUYwY=
Subject key identifier: A7:29:41:7F:DA:54:84:EA:9E:C0:6B:52:A3:50:46:82:7F:53:BC:B0
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 0196341C1CC2D0D111F22E6C243FE9475A88
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/pylBf9pUhOqewGtSo1BGgn9TvLA.roa
Signing time: Mon 14 Apr 2025 11:42:59 +0000
ROA not before: Mon 14 Apr 2025 11:42:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 24
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 19
84.45.128.0/17 maxlen: 24
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 24
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.101.148.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 22
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 12:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:1c:1c:c2:d0:d1:11:f2:2e:6c:24:3f:e9:47:5a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 14 11:42:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a729417fda5484ea9ec06b52a35046827f53bcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:a5:34:58:df:70:0e:ff:09:0f:d7:2e:5d:
a5:8c:2c:ce:30:51:86:8c:1b:27:e6:73:34:47:65:
d5:13:40:72:b6:99:87:46:13:a6:58:6a:99:00:a1:
c5:10:12:90:0c:7a:8c:e1:24:35:d6:2e:ea:68:fc:
6c:bd:1e:5f:fc:a6:80:38:54:9d:4d:a4:6e:20:cd:
f5:04:66:fe:a2:0d:74:4d:b9:61:47:a9:32:46:eb:
44:73:fd:a4:7f:d7:5b:92:59:6e:4a:8d:63:e6:82:
32:6f:73:4a:c3:ff:0d:ec:8d:f0:2b:3d:a7:f7:09:
0d:cb:3c:c2:70:78:9a:f5:18:22:63:4f:b0:ba:db:
3f:c0:24:eb:d3:66:e8:1f:59:60:66:28:75:bb:47:
c7:93:60:a6:c4:bc:80:9d:79:1a:08:2c:a0:7e:fd:
c9:03:a7:ee:3c:5e:98:15:5b:cc:33:6f:f4:0d:56:
09:46:a2:7d:13:3a:93:d6:38:dd:38:3c:b1:b0:7f:
92:5c:20:b9:d7:a1:15:cd:e6:b3:ee:c6:ee:d7:4d:
63:a9:b1:07:29:53:ec:44:f1:10:f7:99:ab:78:00:
b6:a1:a4:3b:67:60:fa:4a:fb:75:88:0d:4a:54:4f:
10:6f:77:6a:87:f0:67:03:0e:40:d3:f9:10:34:67:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:41:7F:DA:54:84:EA:9E:C0:6B:52:A3:50:46:82:7F:53:BC:B0
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/pylBf9pUhOqewGtSo1BGgn9TvLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.101.148.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
92:c3:24:29:c8:bd:12:8b:72:8f:6a:04:cc:4a:28:d4:f3:31:
89:5e:72:a1:65:70:6a:e2:b3:69:c1:bc:6a:91:4b:c3:86:8e:
1c:7c:41:4e:5e:33:8a:5c:5f:34:44:43:b8:7d:93:9b:3b:26:
cd:e0:08:a7:20:12:b5:cc:85:05:8c:4b:45:e1:a0:6c:a2:e6:
80:f8:70:ea:b9:dd:7c:86:13:e0:58:d7:1f:34:ac:7e:4a:fd:
d0:71:92:a2:6d:84:46:98:f1:f3:54:15:36:7a:42:c5:60:0b:
70:39:0c:f2:e5:d1:df:cd:83:19:fb:75:ad:46:ab:c1:2f:b0:
23:29:88:61:87:a1:f4:a9:62:87:93:0e:82:19:c3:b9:72:c8:
00:60:11:a4:5f:c1:26:ea:1a:f3:77:6a:38:8a:09:2d:50:6b:
59:40:82:a8:14:6b:b9:f7:a0:16:54:8b:58:72:9b:15:99:98:
8b:67:7d:35:70:fa:57:95:2c:89:8f:9d:d8:ae:75:82:38:89:
46:ab:10:d0:3c:1f:f2:a3:21:1b:a4:9d:f3:17:95:b9:b2:25:
f5:88:f8:8a:31:99:ae:fc:7e:64:1e:63:e3:65:9f:bf:7a:48:
ee:1d:cc:e6:1e:73:7d:5a:a9:2b:87:0f:f4:0f:ca:5c:5a:6b:
d0:f2:56:1e
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZY0HBzC0NER8i5sJD/pR1qIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDE0MTE0MjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI5NDE3ZmRhNTQ4NGVhOWVjMDZiNTJhMzUwNDY4MjdmNTNiY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKKlNFjfcA7/CQ/XLl2ljCzOMFGG
jBsn5nM0R2XVE0BytpmHRhOmWGqZAKHFEBKQDHqM4SQ11i7qaPxsvR5f/KaAOFSd
TaRuIM31BGb+og10TblhR6kyRutEc/2kf9dbklluSo1j5oIyb3NKw/8N7I3wKz2n
9wkNyzzCcHia9RgiY0+wuts/wCTr02boH1lgZih1u0fHk2CmxLyAnXkaCCygfv3J
A6fuPF6YFVvMM2/0DVYJRqJ9EzqT1jjdODyxsH+SXCC516EVzeaz7sbu101jqbEH
KVPsRPEQ95mreAC2oaQ7Z2D6Svt1iA1KVE8Qb3dqh/BnAw5A0/kQNGcDKQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFKcpQX/aVITqnsBrUqNQRoJ/U7ywMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvcHlsQmY5cFVoT3Fld0d0U28xQkdnbjlUdkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF
AyoFiUAwDQYJKoZIhvcNAQELBQADggEBAJLDJCnIvRKLco9qBMxKKNTzMYlecqFl
cGris2nBvGqRS8OGjhx8QU5eM4pcXzREQ7h9k5s7Js3gCKcgErXMhQWMS0XhoGyi
5oD4cOq53XyGE+BY1x80rH5K/dBxkqJthEaY8fNUFTZ6QsVgC3A5DPLl0d/Ngxn7
da1Gq8EvsCMpiGGHofSpYoeTDoIZw7lyyABgEaRfwSbqGvN3ajiKCS1Qa1lAgqgU
a7n3oBZUi1hymxWZmItnfTVw+leVLImPndiudYI4iUarENA8H/KjIRuknfMXlbmy
JfWI+Ioxma78fmQeY+Nln796SO4dzOYec31aqSuHD/QPylxaa9DyVh4=
-----END CERTIFICATE-----
Generated at Sat May 10 18:30:10 2025 by rpki-client