Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/tyDhwtsUL8yGPo6XxOY6nmyP57I.roa
File: tyDhwtsUL8yGPo6XxOY6nmyP57I.roa (raw, json)
Hash identifier: YJDMg3yajWLlfbrTgvEoL5ear/1oc3TkOwqeUeDFbt0=
Subject key identifier: B7:20:E1:C2:DB:14:2F:CC:86:3E:8E:97:C4:E6:3A:9E:6C:8F:E7:B2
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 019512F6DB5D90B97C6731DA121CE879AD56
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/tyDhwtsUL8yGPo6XxOY6nmyP57I.roa
Signing time: Mon 17 Feb 2025 08:12:02 +0000
ROA not before: Mon 17 Feb 2025 08:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41833
IP address blocks: 46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.212.0/24 maxlen: 24
89.249.212.0/28 maxlen: 28
89.249.213.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
89.249.216.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.229.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
93.185.230.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
93.185.231.0/29 maxlen: 29
93.185.232.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.234.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
93.185.237.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
95.141.48.0/20 maxlen: 20
95.141.48.0/24 maxlen: 24
95.141.49.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.176.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
141.138.178.0/24 maxlen: 24
141.138.179.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
141.138.186.144/29 maxlen: 29
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
185.58.200.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Feb 2025 08:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:f6:db:5d:90:b9:7c:67:31:da:12:1c:e8:79:ad:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Feb 17 08:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b720e1c2db142fcc863e8e97c4e63a9e6c8fe7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:76:b1:51:e8:a2:3d:09:7f:66:df:dc:b1:ee:
a1:c2:9c:25:08:b0:06:a0:67:b8:c4:fa:d4:2c:b6:
fc:c4:bf:b7:3b:b6:e3:cb:49:53:b4:93:5b:34:62:
e5:ab:65:04:18:dc:ac:6c:b4:33:68:76:4f:0b:52:
be:e3:2a:98:a8:65:0f:07:77:58:2e:db:92:ce:41:
2c:a1:35:ca:e3:c7:1d:97:e6:2c:82:0c:e1:91:f4:
be:09:e2:8e:7f:60:91:44:c1:ed:44:f1:c3:2a:37:
3b:b9:f4:92:03:03:59:7a:f1:54:a0:d3:40:2b:bc:
58:50:2f:03:d0:12:b4:3f:60:d0:8c:7c:98:02:92:
e5:b6:71:f3:50:4a:90:9b:34:27:30:f6:f6:8b:17:
50:ea:6d:83:f6:f9:0e:09:0a:07:14:65:51:eb:b2:
ff:5d:c0:b6:9a:c0:72:7f:0d:ac:2f:42:06:cf:e1:
79:69:26:40:e9:60:6a:9c:07:53:56:1f:64:b0:e8:
68:67:4c:21:82:b5:0c:26:df:78:a1:c7:9b:93:54:
e7:db:8a:af:a5:40:55:56:2b:c5:31:b2:41:4c:b5:
fc:c3:2d:a4:6d:09:29:11:14:7f:33:99:98:c0:6f:
b1:4f:94:1b:a5:19:c9:2b:a7:c3:e7:b1:74:0d:a7:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:20:E1:C2:DB:14:2F:CC:86:3E:8E:97:C4:E6:3A:9E:6C:8F:E7:B2
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/tyDhwtsUL8yGPo6XxOY6nmyP57I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
b5:83:97:fd:3f:0b:dd:d0:c5:9c:a1:30:88:3d:46:cf:f6:83:
00:af:f7:5b:68:b4:21:4e:78:fc:68:39:59:55:89:e9:23:7e:
1d:2f:5d:13:4f:50:46:27:0a:d0:ab:30:02:11:28:00:3a:55:
cf:36:63:b6:92:c3:4a:25:25:56:be:b2:85:dc:2b:71:a9:d5:
da:96:b9:f0:a7:60:49:50:8c:44:f7:69:7a:94:81:e7:8f:0f:
eb:30:0d:59:01:91:ef:0d:86:0f:c0:76:7c:aa:4a:35:a7:38:
2b:4d:79:58:f5:d9:3d:8e:d8:46:96:1c:ac:7f:8e:60:58:e6:
6f:32:94:7e:1a:e6:8d:73:64:13:26:2c:da:b7:d4:7a:d7:e8:
9d:55:dd:a4:fb:a1:41:41:38:08:0d:cb:93:6e:10:5f:57:bf:
7d:f2:10:b0:9f:79:73:57:6f:33:95:58:bc:41:bc:b8:36:8f:
1a:09:e8:63:f2:30:d6:e5:b2:1c:2a:21:e5:2f:03:ff:81:0d:
6b:b2:24:0f:12:b8:4e:b3:42:2d:12:5f:39:34:d5:ba:da:9c:
fc:1f:d0:2e:a1:5f:06:22:51:46:3e:f2:24:71:4e:63:ae:07:
00:6a:17:9c:e2:27:ce:59:a1:d4:f5:2e:38:5c:a8:b7:f6:22:
08:e3:56:06
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZUS9ttdkLl8ZzHaEhzoea1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjUwMjE3MDgxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIwZTFjMmRiMTQyZmNjODYzZThlOTdjNGU2M2E5ZTZjOGZlN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XaxUeiiPQl/Zt/cse6hwpwlCLAG
oGe4xPrULLb8xL+3O7bjy0lTtJNbNGLlq2UEGNysbLQzaHZPC1K+4yqYqGUPB3dY
LtuSzkEsoTXK48cdl+YsggzhkfS+CeKOf2CRRMHtRPHDKjc7ufSSAwNZevFUoNNA
K7xYUC8D0BK0P2DQjHyYApLltnHzUEqQmzQnMPb2ixdQ6m2D9vkOCQoHFGVR67L/
XcC2msByfw2sL0IGz+F5aSZA6WBqnAdTVh9ksOhoZ0whgrUMJt94ocebk1Tn24qv
pUBVVivFMbJBTLX8wy2kbQkpERR/M5mYwG+xT5QbpRnJK6fD57F0DafO/wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLcg4cLbFC/Mhj6Ol8TmOp5sj+eyMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvdHlEaHd0c1VMOHlHUG82WHhPWTZubXlQNTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQC1g5f9Pwvd0MWcoTCIPUbP9oMAr/dbaLQhTnj8aDlZVYnp
I34dL10TT1BGJwrQqzACESgAOlXPNmO2ksNKJSVWvrKF3CtxqdXalrnwp2BJUIxE
92l6lIHnjw/rMA1ZAZHvDYYPwHZ8qko1pzgrTXlY9dk9jthGlhysf45gWOZvMpR+
GuaNc2QTJizat9R61+idVd2k+6FBQTgIDcuTbhBfV7998hCwn3lzV28zlVi8Qby4
No8aCehj8jDW5bIcKiHlLwP/gQ1rsiQPErhOs0ItEl85NNW62pz8H9AuoV8GIlFG
PvIkcU5jrgcAahec4ifOWaHU9S44XKi39iII41YG
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:16:45 2025 by rpki-client