Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/bWLnODoV9R_6IEiySjrlmLnf2nY.roa
File: bWLnODoV9R_6IEiySjrlmLnf2nY.roa (raw, json)
Hash identifier: 5d7W0MDBEBkOpkJIheV/TyrNOvwhvQZg4zA1g43B4Lw=
Subject key identifier: 6D:62:E7:38:3A:15:F5:1F:FA:20:48:B2:4A:3A:E5:98:B9:DF:DA:76
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 01967BB5222C1911645250282909C1DC9250
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/bWLnODoV9R_6IEiySjrlmLnf2nY.roa
Signing time: Mon 28 Apr 2025 09:23:10 +0000
ROA not before: Mon 28 Apr 2025 09:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
80.108.0.0/15 maxlen: 16
80.110.0.0/16 maxlen: 17
80.110.64.0/23 maxlen: 23
80.241.16.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
185.35.152.0/22 maxlen: 23
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
212.17.64.0/18 maxlen: 19
212.186.0.0/16 maxlen: 17
213.47.0.0/17 maxlen: 18
213.47.128.0/18 maxlen: 19
213.47.192.0/20 maxlen: 21
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
217.25.112.0/20 maxlen: 22
217.25.122.0/23 maxlen: 23
2a00:e360::/32 maxlen: 33
2a02:8380::/28 maxlen: 29
2a02:8380::/30 maxlen: 33
2a02:8383:1d::/48 maxlen: 48
2a02:8384::/31 maxlen: 32
2a02:8384:8000::/36 maxlen: 40
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
2a02:8389:c000::/36 maxlen: 36
2a02:838a::/41 maxlen: 44
2a02:838a:2000::/36 maxlen: 40
2a02:838c::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 28 Apr 2025 10:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:b5:22:2c:19:11:64:52:50:28:29:09:c1:dc:92:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Apr 28 09:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d62e7383a15f51ffa2048b24a3ae598b9dfda76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dc:61:89:f9:87:9d:67:27:42:3e:bb:68:bd:
b0:5f:21:14:fb:a9:6d:dd:f9:63:a4:56:c3:84:e6:
fb:90:2e:13:ac:89:09:d2:2a:e3:9e:fb:29:a3:1f:
1c:ea:e2:b4:5a:c5:dd:6e:4f:71:ed:f6:a5:8e:25:
be:11:81:1a:cc:44:ca:58:7f:3f:05:99:93:d3:95:
a6:a9:f6:60:c7:38:75:d3:cb:e7:8c:46:8b:e5:e9:
84:14:bf:ff:70:73:ba:30:db:a5:44:65:a9:8f:f2:
08:04:e4:c2:8c:3b:3a:9f:20:c8:92:be:62:d2:06:
fc:9c:de:b2:a9:a9:81:84:93:70:3e:74:a7:26:55:
a8:20:fd:6d:32:07:87:02:3e:19:1b:2a:ea:55:d2:
11:29:61:85:35:d5:92:ca:f9:a9:17:39:ca:83:ef:
e3:87:3f:49:72:c3:5d:b0:4f:7a:47:ce:4b:93:a1:
c3:26:6e:a5:4e:cf:5a:17:e8:22:e3:49:16:c2:3f:
d1:81:dd:91:29:0d:19:79:3d:56:b5:1d:02:0c:25:
cd:ad:72:24:07:98:a3:d3:87:d7:ca:ae:5e:dd:5c:
e6:0d:5b:6b:c5:f4:ab:da:23:61:ba:cc:79:83:9f:
27:b8:58:08:0f:40:c9:0b:f9:7a:6e:60:77:97:f3:
5e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:62:E7:38:3A:15:F5:1F:FA:20:48:B2:4A:3A:E5:98:B9:DF:DA:76
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/bWLnODoV9R_6IEiySjrlmLnf2nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
83:ac:f2:ec:f1:29:6e:7c:88:bf:c4:89:39:59:79:91:57:c6:
2c:4b:f4:05:50:b9:5d:74:38:f1:dc:6a:7d:70:1b:27:2a:23:
85:00:91:d8:7e:ec:3e:32:a0:f1:69:47:5a:7e:22:0c:09:96:
41:00:d0:dd:99:17:c6:1a:bc:34:b9:f1:c7:8b:d5:7a:fd:64:
12:ce:97:a3:1c:3c:c2:25:f1:cc:f6:1b:14:69:c3:3f:4a:54:
58:3a:e3:f8:c7:aa:21:a8:6a:28:5c:a4:ab:0b:9a:9a:b2:03:
4c:79:76:ee:d9:41:38:e4:91:fb:bc:fe:26:86:66:8a:cf:78:
13:bb:e6:ac:c7:c2:4b:43:e4:72:9e:60:42:32:fb:e4:05:d3:
3f:22:f5:01:c4:a8:db:13:be:29:41:f0:0e:bb:8c:67:1f:a1:
92:42:26:c3:77:dc:64:c5:5b:ce:60:95:ee:b2:81:7d:f0:f4:
54:65:49:6c:29:49:94:c0:87:19:ca:ce:b8:de:05:fd:5a:33:
11:bd:e9:e5:e5:e1:7b:33:cf:2c:53:c7:a3:de:2f:c7:04:50:
bc:4a:b5:ff:4d:e0:01:55:29:d5:06:c6:53:ad:6a:b4:b1:e9:
af:68:a7:f2:ff:70:98:ca:8c:56:69:46:1f:27:59:59:ba:ef:
b5:a0:54:c4
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZZ7tSIsGRFkUlAoKQnB3JJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjUwNDI4MDkyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDYyZTczODNhMTVmNTFmZmEyMDQ4YjI0YTNhZTU5OGI5ZGZkYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NxhifmHnWcnQj67aL2wXyEU+6lt
3fljpFbDhOb7kC4TrIkJ0irjnvspox8c6uK0WsXdbk9x7faljiW+EYEazETKWH8/
BZmT05WmqfZgxzh108vnjEaL5emEFL//cHO6MNulRGWpj/IIBOTCjDs6nyDIkr5i
0gb8nN6yqamBhJNwPnSnJlWoIP1tMgeHAj4ZGyrqVdIRKWGFNdWSyvmpFznKg+/j
hz9JcsNdsE96R85Lk6HDJm6lTs9aF+gi40kWwj/Rgd2RKQ0ZeT1WtR0CDCXNrXIk
B5ij04fXyq5e3VzmDVtrxfSr2iNhusx5g58nuFgID0DJC/l6bmB3l/NeswIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFG1i5zg6FfUf+iBIsko65Zi539p2MB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvYldMbk9Eb1Y5Ul82SUVpeVNqcmxtTG5mMm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQCDrPLs8SlufIi/xIk5
WXmRV8YsS/QFULlddDjx3Gp9cBsnKiOFAJHYfuw+MqDxaUdafiIMCZZBANDdmRfG
Grw0ufHHi9V6/WQSzpejHDzCJfHM9hsUacM/SlRYOuP4x6ohqGooXKSrC5qasgNM
eXbu2UE45JH7vP4mhmaKz3gTu+asx8JLQ+RynmBCMvvkBdM/IvUBxKjbE74pQfAO
u4xnH6GSQibDd9xkxVvOYJXusoF98PRUZUlsKUmUwIcZys643gX9WjMRvenl5eF7
M88sU8ej3i/HBFC8SrX/TeABVSnVBsZTrWq0semvaKfy/3CYyoxWaUYfJ1lZuu+1
oFTE
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:13:29 2025 by rpki-client