Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/TaPz-Jvgv85KEOpraMTC37rmEBk.roa
File: TaPz-Jvgv85KEOpraMTC37rmEBk.roa (raw, json)
Hash identifier: V/XIFdKr8IeJNeznXEq/ytVrDfm/xIIzzpLOw6pGFSg=
Subject key identifier: 4D:A3:F3:F8:9B:E0:BF:CE:4A:10:EA:6B:68:C4:C2:DF:BA:E6:10:19
Certificate issuer: /CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Certificate serial: 01975DAC27D1568B62E3BCE5E3DE2115F76B
Authority key identifier: 54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/TaPz-Jvgv85KEOpraMTC37rmEBk.roa
Signing time: Wed 11 Jun 2025 06:27:32 +0000
ROA not before: Wed 11 Jun 2025 06:27:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 87.121.168.0/24 maxlen: 24
87.121.169.0/24 maxlen: 24
87.121.171.0/24 maxlen: 24
87.121.172.0/24 maxlen: 24
87.121.173.0/24 maxlen: 24
87.121.174.0/24 maxlen: 24
87.121.175.0/24 maxlen: 24
185.64.24.0/24 maxlen: 24
185.64.25.0/24 maxlen: 24
185.64.26.0/24 maxlen: 24
185.64.27.0/24 maxlen: 24
193.203.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 05:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:ac:27:d1:56:8b:62:e3:bc:e5:e3:de:21:15:f7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Validity
Not Before: Jun 11 06:27:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4da3f3f89be0bfce4a10ea6b68c4c2dfbae61019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:63:13:8e:ce:89:a3:bc:af:9b:a8:21:f4:
68:20:21:19:81:f9:f7:59:aa:17:4d:ec:7e:d9:2b:
a4:70:07:20:62:16:cd:f1:74:72:d2:97:e6:38:b5:
9b:5e:69:f0:31:0d:30:d7:a1:0e:40:67:d2:c8:88:
25:0e:f2:58:79:0b:a1:77:00:b4:d0:f4:17:51:5c:
75:81:6b:4f:26:28:2f:37:de:eb:e4:d1:25:d6:1c:
28:37:ef:a8:ca:7c:66:2b:f0:b2:c8:0e:49:4b:27:
74:62:68:35:17:be:8c:e7:4b:2b:e4:1a:27:58:97:
5c:4d:3f:0b:75:04:91:95:58:4c:f6:d9:f3:4c:38:
9c:68:a0:19:50:4a:0d:5f:de:d3:01:6b:a9:d6:d7:
d7:e1:f9:09:c7:10:a5:4e:80:64:e2:70:ff:3a:33:
e4:16:47:5a:65:d5:01:c0:4c:d6:ac:0a:a6:e8:09:
a2:9d:ef:7e:e2:00:e6:59:d7:95:ef:08:49:28:3a:
68:48:5c:97:b0:fe:5f:91:27:37:73:ed:a7:0f:ce:
1e:ca:e3:3e:52:de:10:68:e1:a0:a5:ba:af:df:d2:
e9:81:45:9f:74:bb:b1:6a:d0:47:01:fb:db:98:26:
fa:92:90:4a:80:35:1e:f5:be:b6:df:df:3b:64:09:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A3:F3:F8:9B:E0:BF:CE:4A:10:EA:6B:68:C4:C2:DF:BA:E6:10:19
X509v3 Authority Key Identifier:
keyid:54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/TaPz-Jvgv85KEOpraMTC37rmEBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/VKMasDPP0t7mhS-p2L9aSg41JBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.168.0/23
87.121.171.0-87.121.175.255
185.64.24.0/22
193.203.254.0/24
Signature Algorithm: sha256WithRSAEncryption
26:10:53:27:a4:e8:02:45:d9:0e:dc:77:a1:7d:b7:95:fa:fa:
7d:a1:9d:6a:39:e2:a2:97:0e:f9:82:35:a5:76:0e:8f:1e:f5:
f2:9c:37:8b:72:28:d1:bf:1a:90:bc:ca:7a:ed:e6:7f:cf:9a:
64:19:29:72:dc:ef:11:14:f0:3f:7c:37:af:c5:43:0d:ba:77:
e4:25:ae:38:43:f9:ef:16:de:30:c7:2f:01:e2:ed:cb:85:e9:
06:9e:88:49:83:3c:92:2a:73:3d:14:2b:91:16:8f:29:21:12:
ba:76:83:f0:ca:33:f5:e0:5a:5b:c5:45:09:77:d2:76:27:f3:
37:ba:83:99:24:d6:ef:98:15:e3:d1:de:94:e1:b4:bb:b2:3d:
cd:59:8f:29:94:32:c7:bf:24:22:69:6b:6c:10:51:f8:0c:e5:
a5:94:f9:57:5c:b5:0c:56:80:44:01:5a:3d:b4:45:cd:17:ef:
bd:79:b7:c3:63:67:68:e5:69:c8:eb:99:1a:19:ab:69:1e:a4:
11:0e:18:4e:76:6a:f4:84:b1:85:e6:8f:2e:02:05:a0:fd:53:
13:2f:e4:64:b1:3a:45:93:45:a0:32:7f:9b:60:6e:58:e7:1a:
bf:bb:5f:8d:33:29:e0:dd:b8:e5:b3:93:bf:dc:67:32:49:d8:
f6:31:23:ef
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZddrCfRVoti47zl494hFfdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YTMxYWIwMzNjZmQyZGVlNjg1MmZhOWQ4YmY1YTRhMGUz
NTI0MTQwHhcNMjUwNjExMDYyNzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGEzZjNmODliZTBiZmNlNGExMGVhNmI2OGM0YzJkZmJhZTYxMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC1jE47OiaO8r5uoIfRoICEZgfn3
WaoXTex+2SukcAcgYhbN8XRy0pfmOLWbXmnwMQ0w16EOQGfSyIglDvJYeQuhdwC0
0PQXUVx1gWtPJigvN97r5NEl1hwoN++oynxmK/CyyA5JSyd0Ymg1F76M50sr5Bon
WJdcTT8LdQSRlVhM9tnzTDicaKAZUEoNX97TAWup1tfX4fkJxxClToBk4nD/OjPk
FkdaZdUBwEzWrAqm6Amine9+4gDmWdeV7whJKDpoSFyXsP5fkSc3c+2nD84eyuM+
Ut4QaOGgpbqv39LpgUWfdLuxatBHAfvbmCb6kpBKgDUe9b623987ZAmnOQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE2j8/ib4L/OShDqa2jEwt+65hAZMB8GA1UdIwQY
MBaAFFSjGrAzz9Le5oUvqdi/WkoONSQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGIt
NjE5YzI2MTk0MTY4LzEvVGFQei1Kdmd2ODVLRU9wcmFNVEMzN3JtRUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGItNjE5YzI2MTk0MTY4
LzEvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBV3moMAwD
BABXeasDBARXeaADBAK5QBgDBADBy/4wDQYJKoZIhvcNAQELBQADggEBACYQUyek
6AJF2Q7cd6F9t5X6+n2hnWo54qKXDvmCNaV2Do8e9fKcN4tyKNG/GpC8ynrt5n/P
mmQZKXLc7xEU8D98N6/FQw26d+QlrjhD+e8W3jDHLwHi7cuF6QaeiEmDPJIqcz0U
K5EWjykhErp2g/DKM/XgWlvFRQl30nYn8ze6g5kk1u+YFePR3pThtLuyPc1ZjymU
Mse/JCJpa2wQUfgM5aWU+VdctQxWgEQBWj20Rc0X7715t8NjZ2jlacjrmRoZq2ke
pBEOGE52avSEsYXmjy4CBaD9UxMv5GSxOkWTRaAyf5tgbljnGr+7X40zKeDduOWz
k7/cZzJJ2PYxI+8=
-----END CERTIFICATE-----
Generated at Mon Jun 16 08:17:11 2025 by rpki-client