Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/A7qQBAtK5opjVNkTUeC5CeByvSM.roa
File: A7qQBAtK5opjVNkTUeC5CeByvSM.roa (raw, json)
Hash identifier: SBw3DR5RBoShEGt7yTfWxPwC+x0TPtt3jYj/tqVlMNY=
Subject key identifier: 03:BA:90:04:0B:4A:E6:8A:63:54:D9:13:51:E0:B9:09:E0:72:BD:23
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 0196200AA9DF6AF9F996DC123667978304C5
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/A7qQBAtK5opjVNkTUeC5CeByvSM.roa
Signing time: Thu 10 Apr 2025 14:11:31 +0000
ROA not before: Thu 10 Apr 2025 14:11:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 21
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 19
84.45.128.0/17 maxlen: 17
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 19
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 22
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Apr 2025 14:46:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:0a:a9:df:6a:f9:f9:96:dc:12:36:67:97:83:04:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 10 14:11:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03ba90040b4ae68a6354d91351e0b909e072bd23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:28:07:0b:87:68:ba:6b:f5:6b:a7:14:3b:9b:
be:23:41:b6:cf:fe:1b:da:08:9c:1f:1d:9e:3d:d0:
9b:d2:3d:83:51:87:2c:05:e6:72:59:86:42:0a:e7:
0d:19:92:ee:7a:4c:b1:c1:64:d1:6c:f2:46:c5:77:
ac:0a:0b:05:6e:78:75:5f:18:03:e2:5b:43:8d:df:
1c:2f:d5:df:06:47:fe:d6:86:98:bd:7b:a2:cd:84:
25:c0:9f:c6:33:ba:fe:ef:16:95:d8:8b:c3:ca:b5:
df:a7:26:2c:47:94:f1:0d:41:64:b0:52:21:b3:54:
be:27:83:d6:af:3c:e1:8f:41:3a:7f:82:37:5b:95:
f3:58:ee:91:f9:db:36:41:4e:d9:cd:67:a8:d0:c5:
fc:cd:22:17:ef:b6:3e:0d:42:a0:0d:b2:d4:bd:67:
e9:fa:97:bc:8e:72:10:1b:0a:5a:79:48:b6:69:18:
6a:63:3e:33:83:c2:93:87:30:af:72:c2:7c:9f:b7:
89:04:96:7f:e3:bb:80:e7:16:4a:6b:10:18:a3:e8:
36:ab:cd:51:8a:a0:8c:12:cc:40:e1:d5:b9:a2:5e:
05:5e:70:a2:60:47:60:2c:7e:47:49:b8:4e:5c:a6:
f0:15:a2:34:45:9c:da:32:3b:25:64:9a:5f:c7:18:
cc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BA:90:04:0B:4A:E6:8A:63:54:D9:13:51:E0:B9:09:E0:72:BD:23
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/A7qQBAtK5opjVNkTUeC5CeByvSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
87:60:a3:32:7e:43:c3:74:d6:c7:31:5e:97:73:f7:8f:27:76:
68:1c:b9:f6:61:31:75:b2:8e:f3:db:97:ac:87:de:4d:37:95:
e9:32:a2:2e:ba:72:e7:6a:2c:05:68:c3:29:45:7d:bb:11:e0:
a0:52:e1:d7:d7:d0:60:96:c3:a0:4e:ca:83:4a:e5:94:01:e5:
52:64:55:32:d2:6d:b8:06:4a:85:e3:64:89:4a:dc:ca:d4:16:
cd:94:20:97:31:77:8d:6d:bb:9b:f1:a6:19:4b:af:58:6d:63:
ff:7c:c3:2b:1c:78:72:f4:59:1a:dd:17:80:b5:4f:54:17:f5:
19:97:4b:c7:f6:1e:19:ff:df:63:62:0f:ba:02:d7:46:01:de:
8b:11:d2:b7:b5:4f:0b:23:43:8d:ef:aa:32:55:e4:e0:80:77:
cd:d2:be:0a:80:c3:0e:0c:f0:28:ae:f8:d4:5c:28:e4:44:67:
c9:fd:18:4d:06:64:10:b8:bc:2b:bd:d2:93:a2:e6:c0:29:55:
84:54:0e:ba:5f:ec:ec:17:78:e0:4d:97:ce:51:0b:52:21:a3:
f1:60:4d:31:60:58:90:e4:54:ac:23:7f:95:8c:26:f4:6f:cc:
60:a0:fb:a9:a1:9d:f2:a6:0a:06:41:76:24:56:92:4a:ce:b7:
b1:33:39:c0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZYgCqnfavn5ltwSNmeXgwTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDEwMTQxMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JhOTAwNDBiNGFlNjhhNjM1NGQ5MTM1MWUwYjkwOWUwNzJiZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSgHC4doumv1a6cUO5u+I0G2z/4b
2gicHx2ePdCb0j2DUYcsBeZyWYZCCucNGZLuekyxwWTRbPJGxXesCgsFbnh1XxgD
4ltDjd8cL9XfBkf+1oaYvXuizYQlwJ/GM7r+7xaV2IvDyrXfpyYsR5TxDUFksFIh
s1S+J4PWrzzhj0E6f4I3W5XzWO6R+ds2QU7ZzWeo0MX8zSIX77Y+DUKgDbLUvWfp
+pe8jnIQGwpaeUi2aRhqYz4zg8KThzCvcsJ8n7eJBJZ/47uA5xZKaxAYo+g2q81R
iqCMEsxA4dW5ol4FXnCiYEdgLH5HSbhOXKbwFaI0RZzaMjslZJpfxxjMLQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFAO6kAQLSuaKY1TZE1HguQngcr0jMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvQTdxUUJBdEs1b3BqVk5rVFVlQzVDZUJ5dlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wVwQCAAEwUQMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMFAyoFiUAw
DQYJKoZIhvcNAQELBQADggEBAIdgozJ+Q8N01scxXpdz948ndmgcufZhMXWyjvPb
l6yH3k03lekyoi66cudqLAVowylFfbsR4KBS4dfX0GCWw6BOyoNK5ZQB5VJkVTLS
bbgGSoXjZIlK3MrUFs2UIJcxd41tu5vxphlLr1htY/98wysceHL0WRrdF4C1T1QX
9RmXS8f2Hhn/32NiD7oC10YB3osR0re1TwsjQ43vqjJV5OCAd83SvgqAww4M8Ciu
+NRcKOREZ8n9GE0GZBC4vCu90pOi5sApVYRUDrpf7OwXeOBNl85RC1Iho/FgTTFg
WJDkVKwjf5WMJvRvzGCg+6mhnfKmCgZBdiRWkkrOt7EzOcA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:09:17 2025 by rpki-client