Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fVqmsxVojUo3etMeX-I6fKJz4M4.roa
File: fVqmsxVojUo3etMeX-I6fKJz4M4.roa (raw, json)
Hash identifier: 35DSr7NJSF3ux1hHZif30P6NhDIO1oLh6YzkB2eV7ik=
Subject key identifier: 7D:5A:A6:B3:15:68:8D:4A:37:7A:D3:1E:5F:E2:3A:7C:A2:73:E0:CE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019751162FB5BD4947A53223BFD47BA8FD81
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fVqmsxVojUo3etMeX-I6fKJz4M4.roa
Signing time: Sun 08 Jun 2025 19:48:17 +0000
ROA not before: Sun 08 Jun 2025 19:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.48.0/22 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.108.0/22 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.60.0/22 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.127.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 13:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:51:16:2f:b5:bd:49:47:a5:32:23:bf:d4:7b:a8:fd:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 8 19:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d5aa6b315688d4a377ad31e5fe23a7ca273e0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:9a:82:41:af:bc:30:19:31:81:c6:e0:87:
90:4e:3d:ac:14:14:01:d8:e1:82:8d:dd:5d:e5:32:
0d:d9:fd:c9:00:99:39:68:27:c4:68:46:77:b5:28:
11:01:a4:78:fb:ae:f5:29:ae:08:ae:f3:a0:70:10:
b9:03:05:ca:fc:fa:c7:2f:df:e0:e3:06:e3:b0:00:
ad:8a:0f:9f:cd:eb:e9:40:1f:d7:bd:94:2f:be:ac:
40:80:e1:89:d8:69:e3:22:5a:85:64:f1:0c:50:c6:
d4:82:ea:33:da:30:77:0d:26:c5:d5:df:38:ba:a7:
1c:f1:0b:8c:07:ec:79:de:2f:b9:71:36:f0:c9:36:
03:ba:a8:25:23:40:d9:0e:a9:8a:21:82:3b:1b:08:
58:73:55:70:ab:1a:4f:09:78:c2:e4:19:fd:3e:f5:
74:f6:4c:0a:38:e3:61:44:23:b9:57:bb:6a:e4:c0:
ca:1b:16:31:31:08:d4:4c:d2:f0:cb:3c:7a:3d:a1:
c8:25:ff:a0:03:bd:35:12:82:c8:1a:b4:66:ab:69:
63:f8:1f:f4:c7:f2:b1:32:ba:66:22:24:54:16:d1:
29:06:a6:38:59:1c:09:19:ea:5e:5e:51:71:88:52:
15:b4:e0:c1:b6:26:10:12:d3:7a:00:d5:2c:3a:25:
be:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5A:A6:B3:15:68:8D:4A:37:7A:D3:1E:5F:E2:3A:7C:A2:73:E0:CE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fVqmsxVojUo3etMeX-I6fKJz4M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0-84.32.51.255
84.32.64.0/24
84.32.104.0/24
84.32.108.0/22
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.217.0/24
84.32.223.0/24
84.32.230.0/24
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.60.0/22
88.216.66.0/23
88.216.90.0/24
88.216.93.0/24
88.216.127.0/24
88.216.130.0/23
88.216.134.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:53:97:ba:6c:c2:36:2f:37:be:34:48:a3:09:ea:3e:6b:19:
53:4b:48:32:ba:1a:cc:06:9c:82:b5:74:1a:b5:88:9f:5f:11:
32:46:17:93:95:ca:5b:78:b6:8d:30:a2:2c:b4:2f:62:21:e5:
da:89:0d:e0:93:6d:7b:79:22:53:06:ae:1f:08:9b:b6:59:c3:
56:91:9e:f1:46:36:b2:81:d1:2d:c6:5f:97:13:7e:fc:53:aa:
f8:e3:71:07:ef:e1:75:c5:6b:ce:08:87:76:fb:2d:18:96:70:
62:35:29:c5:4b:cd:1e:b8:f6:94:43:6e:52:31:96:bb:82:0a:
8a:7a:1c:87:e1:45:5f:36:e7:19:e1:86:ec:2d:f8:45:5b:ce:
af:b0:18:16:cc:ad:a2:d6:76:f5:94:69:b3:e6:44:33:31:e4:
20:9a:79:d5:66:71:47:c2:d7:e3:3f:5c:f8:ad:cc:28:a2:86:
9b:08:1f:b7:5f:c9:2a:b9:0a:7c:7a:e0:0a:0a:a7:dc:43:ad:
ec:17:33:9f:27:b1:2d:68:e7:62:d0:4b:24:e5:66:57:6d:d5:
9c:2a:ed:cb:b2:97:28:6b:0d:7c:f3:71:17:82:00:e1:42:9e:
cd:f6:ca:8f:f3:b9:4d:e2:85:f0:89:49:5a:22:ed:a2:38:4b:
12:73:66:e7
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZdRFi+1vUlHpTIjv9R7qP2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNjA4MTk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDVhYTZiMzE1Njg4ZDRhMzc3YWQzMWU1ZmUyM2E3Y2EyNzNlMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLiagkGvvDAZMYHG4IeQTj2sFBQB
2OGCjd1d5TIN2f3JAJk5aCfEaEZ3tSgRAaR4+671Ka4IrvOgcBC5AwXK/PrHL9/g
4wbjsACtig+fzevpQB/XvZQvvqxAgOGJ2GnjIlqFZPEMUMbUguoz2jB3DSbF1d84
uqcc8QuMB+x53i+5cTbwyTYDuqglI0DZDqmKIYI7GwhYc1VwqxpPCXjC5Bn9PvV0
9kwKOONhRCO5V7tq5MDKGxYxMQjUTNLwyzx6PaHIJf+gA701EoLIGrRmq2lj+B/0
x/KxMrpmIiRUFtEpBqY4WRwJGepeXlFxiFIVtODBtiYQEtN6ANUsOiW+rQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFH1aprMVaI1KN3rTHl/iOnyic+DOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZlZxbXN4Vm9qVW8zZXRNZVgtSTZmS0p6NE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AFQgBwMEAFQgCAMEAlQgFDAMAwQBVCAuAwQCVCAwAwQAVCBAAwQAVCBoAwQCVCBs
AwQCVCCUAwQBVCCuAwQBVCDWAwQAVCDZAwQAVCDfAwQAVCDmAwQCVCD0AwQBWNgW
AwQBWNgsAwQCWNg8AwQBWNhCAwQAWNhaAwQAWNhdAwQAWNh/AwQBWNiCAwQBWNiG
AwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQAcU5e6bMI2Lze+NEijCeo+axlTS0gy
uhrMBpyCtXQatYifXxEyRheTlcpbeLaNMKIstC9iIeXaiQ3gk217eSJTBq4fCJu2
WcNWkZ7xRjaygdEtxl+XE378U6r443EH7+F1xWvOCId2+y0YlnBiNSnFS80euPaU
Q25SMZa7ggqKehyH4UVfNucZ4YbsLfhFW86vsBgWzK2i1nb1lGmz5kQzMeQgmnnV
ZnFHwtfjP1z4rcwoooabCB+3X8kquQp8euAKCqfcQ63sFzOfJ7EtaOdi0Esk5WZX
bdWcKu3Lspcoaw1883EXggDhQp7N9sqP87lN4oXwiUlaIu2iOEsSc2bn
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:36:32 2025 by rpki-client