Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/rtzydSLh4BWO7P7IVavBAOEZBPg.roa
File: rtzydSLh4BWO7P7IVavBAOEZBPg.roa (raw, json)
Hash identifier: r8HStM0NqOUP19CNZoOE/7jfi8rtgXJcGfTsh+jaQBI=
Subject key identifier: AE:DC:F2:75:22:E1:E0:15:8E:EC:FE:C8:55:AB:C1:00:E1:19:04:F8
Certificate issuer: /CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Certificate serial: 0194CBFA9D8C5DC4B00EF746C761984254B0
Authority key identifier: BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/rtzydSLh4BWO7P7IVavBAOEZBPg.roa
Signing time: Mon 03 Feb 2025 13:23:06 +0000
ROA not before: Mon 03 Feb 2025 13:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44692
IP address blocks: 78.31.144.0/23 maxlen: 23
78.31.146.0/23 maxlen: 23
78.31.148.0/23 maxlen: 23
78.31.150.0/23 maxlen: 23
85.202.96.0/20 maxlen: 20
85.202.107.0/24 maxlen: 24
109.125.192.0/19 maxlen: 19
109.125.218.0/23 maxlen: 23
109.125.220.0/22 maxlen: 22
109.125.224.0/23 maxlen: 23
109.125.226.0/23 maxlen: 23
109.125.228.0/23 maxlen: 23
109.125.230.0/23 maxlen: 23
109.125.232.0/22 maxlen: 22
109.125.236.0/22 maxlen: 22
109.125.240.0/22 maxlen: 22
109.125.244.0/22 maxlen: 22
109.125.248.0/22 maxlen: 22
109.125.254.0/24 maxlen: 24
109.125.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 13:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:fa:9d:8c:5d:c4:b0:0e:f7:46:c7:61:98:42:54:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Validity
Not Before: Feb 3 13:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aedcf27522e1e0158eecfec855abc100e11904f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:93:4c:ae:be:c1:65:02:32:e2:32:dd:d7:
f0:ea:5f:41:32:c3:62:ee:cd:32:42:ba:4b:bd:55:
a1:41:5a:e0:2e:66:85:82:43:d6:73:02:e3:c0:d9:
29:f4:28:4c:bc:a9:ab:0b:96:cb:2d:e2:fe:65:e8:
33:ba:d8:df:58:35:91:d2:5e:f0:49:1b:be:4c:44:
b9:91:e2:0a:9b:2f:47:78:12:7a:ba:a3:b2:02:4a:
b6:d6:bd:75:6b:97:00:f8:b4:d3:0d:32:6d:8d:2e:
13:53:ab:70:37:db:69:80:94:5f:a3:c9:70:11:84:
77:8c:8d:9d:59:d5:2c:df:e2:78:36:07:07:49:d7:
75:57:85:e5:da:89:bb:aa:62:4d:33:61:6c:45:49:
bb:89:8a:34:d0:60:f8:db:b1:ed:82:a8:13:54:0c:
b7:f4:3d:3e:5b:28:11:d1:d8:0b:ae:35:5f:52:5b:
77:8e:5a:22:96:e9:79:9b:49:06:55:72:80:18:f2:
3c:8d:83:74:e4:66:c7:a9:49:e6:7b:b0:42:7e:fa:
da:95:a5:e1:25:5a:9a:e6:39:99:f9:c2:09:08:8e:
0b:f5:f5:a6:0f:b9:3e:78:ed:ce:70:21:4f:e0:73:
da:f9:a3:ec:17:03:89:09:90:11:4c:e9:7e:09:ef:
1f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:F2:75:22:E1:E0:15:8E:EC:FE:C8:55:AB:C1:00:E1:19:04:F8
X509v3 Authority Key Identifier:
keyid:BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/rtzydSLh4BWO7P7IVavBAOEZBPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/v_0PCtnHhAlsWg-56M9cLwRAQTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.144.0/21
85.202.96.0/20
109.125.192.0-109.125.251.255
109.125.254.0/23
Signature Algorithm: sha256WithRSAEncryption
00:19:13:81:a8:9c:dc:c0:bf:c6:b5:42:5e:d2:ac:d2:44:60:
55:ed:52:93:2b:8d:9a:71:3a:78:72:93:47:be:12:7e:e3:b2:
33:a9:80:4c:e4:c3:d7:0d:54:fb:5f:64:36:2a:ac:a5:b6:ab:
7a:80:a1:ca:e9:0d:7c:f2:69:3f:5d:4e:79:38:4e:78:ca:62:
bb:01:79:15:d0:bd:27:7d:8e:01:03:54:37:fa:70:e4:90:88:
54:d2:08:0c:5d:a7:1c:51:af:43:e3:99:00:40:dc:5e:a4:42:
09:5f:f7:e4:27:d9:0c:0a:86:b4:59:59:aa:53:2b:19:2f:42:
3a:f7:8f:d8:f3:12:cf:01:bd:52:69:08:db:2d:ac:15:42:cb:
6c:47:72:e5:f6:32:9f:41:9f:37:3f:dd:e1:fa:35:de:33:4f:
3d:46:3e:35:d9:bc:19:77:96:d9:0a:7f:ac:03:95:07:b9:25:
9b:13:56:c8:1e:31:30:fe:62:a8:63:0c:d3:3f:10:fc:4e:b9:
a4:c3:72:23:6e:5c:ee:34:f5:87:a2:9f:7e:11:da:47:70:51:
2c:d5:d1:56:4a:62:37:53:e1:c3:ce:2e:f2:f2:f4:25:71:bd:
d0:78:71:d5:ae:46:fb:88:b3:2c:a5:5e:78:b2:4f:41:74:f7:
19:9c:80:13
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTL+p2MXcSwDvdGx2GYQlSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZmQwZjBhZDljNzg0MDk2YzVhMGZiOWU4Y2Y1YzJmMDQ0
MDQxM2IwHhcNMjUwMjAzMTMyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRjZjI3NTIyZTFlMDE1OGVlY2ZlYzg1NWFiYzEwMGUxMTkwNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozGTTK6+wWUCMuIy3dfw6l9BMsNi
7s0yQrpLvVWhQVrgLmaFgkPWcwLjwNkp9ChMvKmrC5bLLeL+ZegzutjfWDWR0l7w
SRu+TES5keIKmy9HeBJ6uqOyAkq21r11a5cA+LTTDTJtjS4TU6twN9tpgJRfo8lw
EYR3jI2dWdUs3+J4NgcHSdd1V4Xl2om7qmJNM2FsRUm7iYo00GD427HtgqgTVAy3
9D0+WygR0dgLrjVfUlt3jloilul5m0kGVXKAGPI8jYN05GbHqUnme7BCfvralaXh
JVqa5jmZ+cIJCI4L9fWmD7k+eO3OcCFP4HPa+aPsFwOJCZARTOl+Ce8foQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK7c8nUi4eAVjuz+yFWrwQDhGQT4MB8GA1UdIwQY
MBaAFL/9DwrZx4QJbFoPuejPXC8EQEE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUt
NmRjZjBjOTNjYmRiLzEvcnR6eWRTTGg0QldPN1A3SVZhdkJBT0VaQlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUtNmRjZjBjOTNjYmRi
LzEvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDTh+QAwQE
VcpgMAwDBAZtfcADBAJtffgDBAFtff4wDQYJKoZIhvcNAQELBQADggEBAAAZE4Go
nNzAv8a1Ql7SrNJEYFXtUpMrjZpxOnhyk0e+En7jsjOpgEzkw9cNVPtfZDYqrKW2
q3qAocrpDXzyaT9dTnk4TnjKYrsBeRXQvSd9jgEDVDf6cOSQiFTSCAxdpxxRr0Pj
mQBA3F6kQglf9+Qn2QwKhrRZWapTKxkvQjr3j9jzEs8BvVJpCNstrBVCy2xHcuX2
Mp9Bnzc/3eH6Nd4zTz1GPjXZvBl3ltkKf6wDlQe5JZsTVsgeMTD+YqhjDNM/EPxO
uaTDciNuXO409Yein34R2kdwUSzV0VZKYjdT4cPOLvLy9CVxvdB4cdWuRvuIsyyl
XniyT0F09xmcgBM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:08:32 2025 by rpki-client