Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DoA8MMAQG83mFtfUmuanT5wvPNk.roa
File: DoA8MMAQG83mFtfUmuanT5wvPNk.roa (raw, json)
Hash identifier: MlYbRnH14JXEjohdcfxKRrc6bT5cH45agN0VJEul0sI=
Subject key identifier: 0E:80:3C:30:C0:10:1B:CD:E6:16:D7:D4:9A:E6:A7:4F:9C:2F:3C:D9
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0196F78733168F4E10E291DAB46BBE9257AE
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DoA8MMAQG83mFtfUmuanT5wvPNk.roa
Signing time: Thu 22 May 2025 10:25:54 +0000
ROA not before: Thu 22 May 2025 10:25:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 79.121.132.0/22 maxlen: 24
79.121.140.0/22 maxlen: 24
79.121.144.0/23 maxlen: 24
79.121.148.0/22 maxlen: 24
79.121.154.0/23 maxlen: 24
79.121.156.0/23 maxlen: 24
79.121.162.0/23 maxlen: 24
79.121.164.0/22 maxlen: 24
79.121.168.0/23 maxlen: 24
79.121.178.0/23 maxlen: 24
79.121.180.0/23 maxlen: 24
79.121.184.0/23 maxlen: 24
79.121.200.0/21 maxlen: 24
79.121.212.0/22 maxlen: 24
79.121.216.0/22 maxlen: 24
79.121.222.0/23 maxlen: 24
79.121.226.0/23 maxlen: 24
79.121.232.0/22 maxlen: 24
79.121.238.0/23 maxlen: 24
95.177.0.0/23 maxlen: 24
95.177.8.0/23 maxlen: 24
95.177.20.0/23 maxlen: 24
95.177.54.0/23 maxlen: 24
95.177.64.0/23 maxlen: 24
95.177.68.0/22 maxlen: 24
95.177.72.0/23 maxlen: 24
95.177.76.0/22 maxlen: 24
95.177.80.0/22 maxlen: 24
95.177.104.0/22 maxlen: 24
95.177.114.0/23 maxlen: 24
95.177.124.0/22 maxlen: 24
109.204.6.0/23 maxlen: 24
109.204.12.0/23 maxlen: 24
109.204.20.0/23 maxlen: 24
109.204.28.0/23 maxlen: 24
109.204.32.0/23 maxlen: 24
109.204.40.0/23 maxlen: 24
109.204.44.0/23 maxlen: 24
109.204.50.0/23 maxlen: 24
109.204.54.0/23 maxlen: 24
109.204.58.0/23 maxlen: 24
109.204.60.0/23 maxlen: 24
109.204.72.0/23 maxlen: 24
109.204.82.0/23 maxlen: 24
109.204.92.0/23 maxlen: 24
109.204.112.0/23 maxlen: 24
109.204.120.0/23 maxlen: 24
109.204.124.0/23 maxlen: 24
217.79.104.0/22 maxlen: 24
217.79.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 04:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:87:33:16:8f:4e:10:e2:91:da:b4:6b:be:92:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 22 10:25:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e803c30c0101bcde616d7d49ae6a74f9c2f3cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:a3:36:14:88:5e:e1:8e:ef:62:dc:d2:63:
a6:41:c4:ef:f2:de:65:cd:9e:59:37:f7:31:ec:76:
7c:c0:1f:84:44:b0:b2:63:23:d3:c8:81:71:eb:8d:
f4:18:d4:48:42:d4:98:7c:87:2e:55:8b:1c:ba:f3:
18:f7:59:79:df:ad:9f:b2:6d:23:6e:10:53:f8:9a:
92:20:05:b8:25:3d:98:21:0a:12:2b:bd:f1:f7:90:
16:1f:9d:5d:20:70:ef:d0:a8:08:f4:8e:b4:e5:01:
7a:cd:83:22:66:2f:45:ee:63:3c:a1:0c:96:a7:c3:
56:7c:b4:7c:60:9e:f5:3c:fc:36:40:4a:c9:24:6d:
75:6f:a0:f0:7f:74:60:3e:56:08:04:c1:75:cc:1f:
4e:7f:40:18:b4:e5:a2:7f:cd:23:0e:c5:cb:42:0d:
f8:42:58:8b:1a:e1:a7:04:07:7b:bd:ab:52:fe:8c:
f8:6c:80:ee:7e:d2:a6:e4:e0:c6:e4:46:67:03:dc:
91:83:61:c4:0a:35:d5:55:2c:d4:e7:3a:46:0b:30:
0a:a9:39:45:ec:60:2c:73:2c:89:02:6b:ca:57:cd:
7e:18:78:07:5f:9a:73:c0:b7:36:ce:70:f4:68:8d:
54:5f:20:eb:36:9a:ea:e9:10:86:26:20:c1:53:73:
97:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:80:3C:30:C0:10:1B:CD:E6:16:D7:D4:9A:E6:A7:4F:9C:2F:3C:D9
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DoA8MMAQG83mFtfUmuanT5wvPNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.121.132.0/22
79.121.140.0-79.121.145.255
79.121.148.0/22
79.121.154.0-79.121.157.255
79.121.162.0-79.121.169.255
79.121.178.0-79.121.181.255
79.121.184.0/23
79.121.200.0/21
79.121.212.0-79.121.219.255
79.121.222.0/23
79.121.226.0/23
79.121.232.0/22
79.121.238.0/23
95.177.0.0/23
95.177.8.0/23
95.177.20.0/23
95.177.54.0/23
95.177.64.0/23
95.177.68.0-95.177.73.255
95.177.76.0-95.177.83.255
95.177.104.0/22
95.177.114.0/23
95.177.124.0/22
109.204.6.0/23
109.204.12.0/23
109.204.20.0/23
109.204.28.0/23
109.204.32.0/23
109.204.40.0/23
109.204.44.0/23
109.204.50.0/23
109.204.54.0/23
109.204.58.0-109.204.61.255
109.204.72.0/23
109.204.82.0/23
109.204.92.0/23
109.204.112.0/23
109.204.120.0/23
109.204.124.0/23
217.79.104.0/22
217.79.116.0/22
Signature Algorithm: sha256WithRSAEncryption
79:ba:f1:6c:84:15:65:23:39:c0:57:85:37:9e:ed:51:e9:0e:
9f:72:ae:3a:22:d5:fa:9b:0e:4f:e5:68:c7:ed:0f:a2:1b:c9:
d6:5c:61:db:83:a7:fc:c3:aa:61:25:6c:4e:d3:c5:e7:eb:ff:
1a:be:ca:eb:44:83:84:df:14:07:b6:4c:d6:3c:10:d5:b3:4a:
42:1b:64:55:31:c8:82:ca:84:5f:41:82:0d:9c:e6:e1:69:36:
aa:ff:42:d4:49:e0:32:87:b5:48:f6:cc:85:45:8e:32:a5:23:
1c:c6:1d:6c:63:c0:ca:d0:00:db:5c:8d:fa:ae:4a:c6:10:6c:
e4:76:e5:ac:c1:11:c8:7c:b2:3f:1c:b0:b4:88:1a:5c:ba:f3:
a9:5a:eb:0a:e1:c6:83:80:a0:66:1d:0f:aa:b0:11:63:de:2a:
a7:e5:4e:ae:e4:c8:4b:3d:e7:03:9e:3c:71:46:22:ed:53:72:
b1:1c:f4:f4:30:d4:21:ef:2f:29:3c:58:39:18:42:b6:57:7b:
65:db:7c:79:db:c5:17:19:14:3f:16:ea:ae:0d:c7:bf:1b:fc:
f5:9e:04:29:6a:48:19:54:9c:c6:18:e5:df:cf:df:64:54:e9:
fc:0f:71:77:3a:f2:de:62:40:1f:85:f4:43:55:64:be:dc:e4:
5b:c2:c5:7f
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISAZb3hzMWj04Q4pHatGu+kleuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwNTIyMTAyNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgwM2MzMGMwMTAxYmNkZTYxNmQ3ZDQ5YWU2YTc0ZjljMmYzY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq76jNhSIXuGO72Lc0mOmQcTv8t5l
zZ5ZN/cx7HZ8wB+ERLCyYyPTyIFx6430GNRIQtSYfIcuVYscuvMY91l5362fsm0j
bhBT+JqSIAW4JT2YIQoSK73x95AWH51dIHDv0KgI9I605QF6zYMiZi9F7mM8oQyW
p8NWfLR8YJ71PPw2QErJJG11b6Dwf3RgPlYIBMF1zB9Of0AYtOWif80jDsXLQg34
QliLGuGnBAd7vatS/oz4bIDuftKm5ODG5EZnA9yRg2HECjXVVSzU5zpGCzAKqTlF
7GAscyyJAmvKV81+GHgHX5pzwLc2znD0aI1UXyDrNprq6RCGJiDBU3OXLwIDAQAB
o4IDQzCCAz8wHQYDVR0OBBYEFA6APDDAEBvN5hbX1Jrmp0+cLzzZMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvRG9BOE1NQVFHODNtRnRmVW11YW5UNXd2UE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIB
NgMEAk95hDAMAwQCT3mMAwQBT3mQAwQCT3mUMAwDBAFPeZoDBAFPeZwwDAMEAU95
ogMEAU95qDAMAwQBT3myAwQBT3m0AwQBT3m4AwQDT3nIMAwDBAJPedQDBAJPedgD
BAFPed4DBAFPeeIDBAJPeegDBAFPee4DBAFfsQADBAFfsQgDBAFfsRQDBAFfsTYD
BAFfsUAwDAMEAl+xRAMEAV+xSDAMAwQCX7FMAwQCX7FQAwQCX7FoAwQBX7FyAwQC
X7F8AwQBbcwGAwQBbcwMAwQBbcwUAwQBbcwcAwQBbcwgAwQBbcwoAwQBbcwsAwQB
bcwyAwQBbcw2MAwDBAFtzDoDBAFtzDwDBAFtzEgDBAFtzFIDBAFtzFwDBAFtzHAD
BAFtzHgDBAFtzHwDBALZT2gDBALZT3QwDQYJKoZIhvcNAQELBQADggEBAHm68WyE
FWUjOcBXhTee7VHpDp9yrjoi1fqbDk/laMftD6IbydZcYduDp/zDqmElbE7Txefr
/xq+yutEg4TfFAe2TNY8ENWzSkIbZFUxyILKhF9Bgg2c5uFpNqr/QtRJ4DKHtUj2
zIVFjjKlIxzGHWxjwMrQANtcjfquSsYQbOR25azBEch8sj8csLSIGly686la6wrh
xoOAoGYdD6qwEWPeKqflTq7kyEs95wOePHFGIu1TcrEc9PQw1CHvLyk8WDkYQrZX
e2XbfHnbxRcZFD8W6q4Nx78b/PWeBClqSBlUnMYY5d/P32RU6fwPcXc68t5iQB+F
9ENVZL7c5FvCxX8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:25:10 2025 by rpki-client