Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/pDA-d9BUR7N37LjuNNrfewTQpdk.roa
File: pDA-d9BUR7N37LjuNNrfewTQpdk.roa (raw, json)
Hash identifier: 0UF6Wjj7kaES0wL5XI3AxpYaoKlsc6abVC+ASSFQ31w=
Subject key identifier: A4:30:3E:77:D0:54:47:B3:77:EC:B8:EE:34:DA:DF:7B:04:D0:A5:D9
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 019422FBA4B26777F84A58F2E0354870CC8B
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/pDA-d9BUR7N37LjuNNrfewTQpdk.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49964
IP address blocks: 37.19.8.0/21 maxlen: 24
46.18.33.0/24 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.34.0/24 maxlen: 24
46.18.35.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
46.18.36.0/24 maxlen: 24
46.18.37.0/24 maxlen: 24
46.18.38.0/24 maxlen: 24
46.18.39.0/24 maxlen: 24
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.217.16/28 maxlen: 28
109.69.219.0/24 maxlen: 24
109.69.220.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
109.69.221.192/28 maxlen: 28
109.69.222.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
185.185.228.0/24 maxlen: 24
185.185.229.0/24 maxlen: 24
185.185.231.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 13:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a4:b2:67:77:f8:4a:58:f2:e0:35:48:70:cc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4303e77d05447b377ecb8ee34dadf7b04d0a5d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:a1:8e:3d:f3:d4:3a:66:a2:27:ae:72:32:
f3:69:ef:05:42:ba:26:37:a8:42:e6:ca:36:a7:38:
1a:5b:80:21:67:d4:be:b2:a9:f5:05:ed:40:22:10:
54:55:c8:d0:20:16:79:dd:50:34:83:63:46:ed:ec:
9b:af:93:0d:a8:87:b1:29:be:3a:e7:8e:6d:93:b2:
e1:c6:12:bb:16:25:9a:de:b7:ef:44:b8:1f:a0:4b:
83:d9:50:09:5d:4c:00:7e:b1:2f:1d:1e:8a:3a:87:
e6:39:f1:0d:c7:34:fe:e1:43:91:7f:6d:b5:ae:08:
b3:b0:a5:f5:be:95:6e:ee:d5:8a:1d:cc:41:d6:24:
6f:3b:c4:53:70:7b:64:e6:5b:ef:e7:85:59:d4:6e:
97:f3:cc:9f:be:c2:b8:67:2e:de:1c:e0:cb:7a:00:
ff:f5:10:74:06:88:0e:9b:40:92:08:6f:69:7c:6d:
8b:75:08:83:77:26:28:42:86:cb:0b:9e:72:5c:7b:
d5:62:03:99:bc:35:3f:ae:7d:bf:7a:de:b8:38:24:
76:75:08:90:d3:0d:52:c0:a8:81:64:ec:1e:aa:e6:
84:7f:38:55:fc:3e:da:cc:ad:f2:d5:86:6c:08:1d:
b3:c2:52:6b:ae:12:b5:85:c4:33:55:b9:9e:af:bb:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:30:3E:77:D0:54:47:B3:77:EC:B8:EE:34:DA:DF:7B:04:D0:A5:D9
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/pDA-d9BUR7N37LjuNNrfewTQpdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.119.216.0/21
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
185.185.231.0/24
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
4d:44:13:d7:28:4b:c7:cc:b3:a7:fd:1c:96:7c:81:42:86:4e:
9d:5a:b5:32:f7:96:08:2f:4b:eb:af:06:16:c1:81:2c:e4:d2:
00:88:cf:30:0c:51:4a:33:75:ac:df:e4:4b:15:69:50:a3:ae:
84:24:47:1e:60:d9:22:90:06:27:58:67:7b:f3:2b:d1:22:6d:
06:18:97:72:ee:ab:d0:69:30:eb:48:83:40:2d:93:45:c5:34:
5a:5a:57:f7:00:fb:64:68:e4:27:d1:63:2f:17:a1:0f:76:48:
4c:90:e3:22:ea:f7:35:7c:0e:dd:f5:04:e6:a6:90:ce:e4:19:
78:c6:ae:b3:d2:42:31:0f:f9:a0:cc:04:ab:57:4a:c0:32:80:
1e:84:61:e1:46:44:19:46:67:d7:dd:a6:d1:d8:1e:1b:4b:d2:
a4:0b:5b:1d:ec:74:28:f0:0b:5c:8c:3a:28:dc:97:71:a0:aa:
f2:6a:f2:bc:f9:11:d0:d8:84:d0:b4:87:64:80:6f:c8:5d:9b:
1c:22:98:2e:90:b3:8f:09:d1:d4:73:38:3a:3f:27:ec:c3:79:
27:87:81:ae:65:aa:f4:c7:a1:19:f9:ba:bb:8c:1c:31:a6:2f:
f8:de:3f:81:51:a6:6b:cf:41:99:ab:b4:b3:76:b8:ee:82:ac:
87:b5:08:02
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQi+6SyZ3f4Sljy4DVIcMyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMwM2U3N2QwNTQ0N2IzNzdlY2I4ZWUzNGRhZGY3YjA0ZDBhNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+ehjj3z1DpmoieucjLzae8FQrom
N6hC5so2pzgaW4AhZ9S+sqn1Be1AIhBUVcjQIBZ53VA0g2NG7eybr5MNqIexKb46
545tk7LhxhK7FiWa3rfvRLgfoEuD2VAJXUwAfrEvHR6KOofmOfENxzT+4UORf221
rgizsKX1vpVu7tWKHcxB1iRvO8RTcHtk5lvv54VZ1G6X88yfvsK4Zy7eHODLegD/
9RB0BogOm0CSCG9pfG2LdQiDdyYoQobLC55yXHvVYgOZvDU/rn2/et64OCR2dQiQ
0w1SwKiBZOwequaEfzhV/D7azK3y1YZsCB2zwlJrrhK1hcQzVbmer7uHGwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFKQwPnfQVEezd+y47jTa33sE0KXZMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvcERBLWQ5QlVSN04zN0xqdU5OcmZld1RRcGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDJRMIMAwD
BAAuEiEDBAMuEiADBAA+cB0DBAA+cB8DBANVd9gDBAFtRdgwDAMEAG1F2wMEAG1F
3gMEArlAQAMEAbm55AMEALm55zANBAIAAjAHAwUAKgAVKDANBgkqhkiG9w0BAQsF
AAOCAQEATUQT1yhLx8yzp/0clnyBQoZOnVq1MveWCC9L668GFsGBLOTSAIjPMAxR
SjN1rN/kSxVpUKOuhCRHHmDZIpAGJ1hne/Mr0SJtBhiXcu6r0Gkw60iDQC2TRcU0
WlpX9wD7ZGjkJ9FjLxehD3ZITJDjIur3NXwO3fUE5qaQzuQZeMaus9JCMQ/5oMwE
q1dKwDKAHoRh4UZEGUZn192m0dgeG0vSpAtbHex0KPALXIw6KNyXcaCq8mryvPkR
0NiE0LSHZIBvyF2bHCKYLpCzjwnR1HM4Oj8n7MN5J4eBrmWq9MehGfm6u4wcMaYv
+N4/gVGma89Bmau0s3a47oKsh7UIAg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:16:24 2025 by rpki-client