Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/OBtpitDWjUx70DC3M0l7JDfqgcY.roa
File: OBtpitDWjUx70DC3M0l7JDfqgcY.roa (raw, json)
Hash identifier: gNJ8hCdbWVyk2ETSFO7F3v/mEEbUn+WF4Mv0QKQ2rpc=
Subject key identifier: 38:1B:69:8A:D0:D6:8D:4C:7B:D0:30:B7:33:49:7B:24:37:EA:81:C6
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 019634018F92024D6A17B546C8BCB4BF787A
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/OBtpitDWjUx70DC3M0l7JDfqgcY.roa
Signing time: Mon 14 Apr 2025 11:13:59 +0000
ROA not before: Mon 14 Apr 2025 11:13:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 24
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 19
84.45.128.0/17 maxlen: 24
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 19
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.101.148.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 22
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 11:42:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:01:8f:92:02:4d:6a:17:b5:46:c8:bc:b4:bf:78:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 14 11:13:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=381b698ad0d68d4c7bd030b733497b2437ea81c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:90:b3:0f:b6:fa:a5:63:5b:fe:e6:9a:06:ea:
0e:6a:d9:be:85:83:a9:2b:da:79:98:b8:f3:b1:ae:
20:a8:46:f6:3e:99:53:27:3d:c1:ab:2a:82:b5:75:
b9:9f:b7:24:42:a3:a3:3b:0b:2f:de:8c:85:b1:0d:
80:b5:cc:bc:71:d9:61:15:28:2b:4b:45:6a:07:43:
46:9b:4c:b1:c6:b2:fc:6b:0b:2c:4e:9f:13:71:12:
53:ab:74:83:86:7f:bc:5a:5f:2a:75:49:e8:b6:b8:
2a:85:2d:a8:8e:46:28:5b:c5:4d:84:4d:3e:18:d4:
e7:44:f0:72:cc:56:d4:00:fa:e2:b9:82:6b:8e:41:
bc:85:fb:30:22:4d:d6:3e:0b:16:3d:bb:62:f7:36:
71:c1:79:4d:41:50:be:88:27:07:e7:48:03:a5:e9:
b4:23:3b:d6:22:33:ce:7d:65:3b:e6:9d:91:53:f7:
c6:14:9e:ab:11:50:ef:10:55:a0:65:c5:be:21:83:
25:8d:ba:68:1f:4b:36:bd:d4:5c:ce:ea:38:07:8e:
bb:a1:55:e1:f8:84:06:64:7c:99:44:e2:12:ea:ff:
83:4b:ec:a9:f7:37:9b:93:b4:41:af:ef:71:42:12:
f6:f6:70:0c:8f:0f:53:c3:29:7d:e2:2a:f2:42:51:
7b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1B:69:8A:D0:D6:8D:4C:7B:D0:30:B7:33:49:7B:24:37:EA:81:C6
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/OBtpitDWjUx70DC3M0l7JDfqgcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.101.148.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
b0:51:da:fe:33:5b:0e:bc:69:e9:67:41:c4:e7:e3:a8:dd:26:
6a:51:e4:8c:fd:94:fb:b9:4c:12:82:75:da:6a:96:2c:8b:34:
d2:af:e3:c3:3b:d4:4b:d7:1f:ef:94:52:f8:11:6b:50:c3:d7:
50:ca:27:58:5a:6b:48:95:56:5f:e0:c8:1b:b4:47:97:23:aa:
d5:7d:98:d8:a2:fd:8e:6e:f4:3c:89:02:90:90:14:dd:ec:89:
62:6b:08:2a:8a:2e:39:00:72:2c:7c:88:5b:51:bd:94:7e:97:
21:5b:b3:08:9c:d3:b4:51:7f:53:07:f3:d8:01:b7:02:8e:6d:
b8:40:46:b1:0e:b3:17:0a:12:a4:d4:23:20:a7:6e:65:cc:1d:
5a:ba:ab:e0:26:3f:5c:e9:ba:b6:60:97:a7:0b:d6:b8:4c:54:
85:a1:09:04:ca:3a:46:87:c2:cb:f1:e2:8f:20:db:fa:24:8c:
fc:c6:98:db:67:42:e7:b4:19:01:e5:6c:bf:5c:0c:20:07:b3:
2e:80:c6:05:af:96:59:ba:42:eb:fa:2d:87:50:05:7b:69:36:
ff:49:56:56:8c:3c:04:e8:5d:a9:cc:e9:86:d1:a6:7c:6a:be:
e6:4d:fb:29:5b:7b:66:aa:3a:14:21:a8:00:91:96:ed:e8:cd:
5f:5d:76:69
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZY0AY+SAk1qF7VGyLy0v3h6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDE0MTExMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFiNjk4YWQwZDY4ZDRjN2JkMDMwYjczMzQ5N2IyNDM3ZWE4MWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5CzD7b6pWNb/uaaBuoOatm+hYOp
K9p5mLjzsa4gqEb2PplTJz3BqyqCtXW5n7ckQqOjOwsv3oyFsQ2Atcy8cdlhFSgr
S0VqB0NGm0yxxrL8awssTp8TcRJTq3SDhn+8Wl8qdUnotrgqhS2ojkYoW8VNhE0+
GNTnRPByzFbUAPriuYJrjkG8hfswIk3WPgsWPbti9zZxwXlNQVC+iCcH50gDpem0
IzvWIjPOfWU75p2RU/fGFJ6rEVDvEFWgZcW+IYMljbpoH0s2vdRczuo4B467oVXh
+IQGZHyZROIS6v+DS+yp9zebk7RBr+9xQhL29nAMjw9Twyl94iryQlF7HQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFDgbaYrQ1o1Me9AwtzNJeyQ36oHGMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvT0J0cGl0RFdqVXg3MERDM00wbDdKRGZxZ2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF
AyoFiUAwDQYJKoZIhvcNAQELBQADggEBALBR2v4zWw68aelnQcTn46jdJmpR5Iz9
lPu5TBKCddpqliyLNNKv48M71EvXH++UUvgRa1DD11DKJ1haa0iVVl/gyBu0R5cj
qtV9mNii/Y5u9DyJApCQFN3siWJrCCqKLjkAcix8iFtRvZR+lyFbswic07RRf1MH
89gBtwKObbhARrEOsxcKEqTUIyCnbmXMHVq6q+AmP1zpurZgl6cL1rhMVIWhCQTK
OkaHwsvx4o8g2/okjPzGmNtnQue0GQHlbL9cDCAHsy6AxgWvllm6Quv6LYdQBXtp
Nv9JVlaMPAToXanM6YbRpnxqvuZN+ylbe2aqOhQhqACRlu3ozV9ddmk=
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:35:02 2025 by rpki-client