Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/iM-N7UCPDJiFGor_TWxLiaj4uA8.roa
File: iM-N7UCPDJiFGor_TWxLiaj4uA8.roa (raw, json)
Hash identifier: rq7YLoSs40K7gB5Aq0t8NRPyBZBYAcVjTFne9aFzYA8=
Subject key identifier: 88:CF:8D:ED:40:8F:0C:98:85:1A:8A:FF:4D:6C:4B:89:A8:F8:B8:0F
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 019634BD3E22919F973B0B104F0B1E9BBC44
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/iM-N7UCPDJiFGor_TWxLiaj4uA8.roa
Signing time: Mon 14 Apr 2025 14:38:59 +0000
ROA not before: Mon 14 Apr 2025 14:38:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 24
62.249.192.0/18 maxlen: 24
78.32.0.0/15 maxlen: 24
79.143.144.0/20 maxlen: 24
81.31.96.0/19 maxlen: 24
84.45.128.0/17 maxlen: 24
87.127.0.0/16 maxlen: 24
109.224.160.0/19 maxlen: 24
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.101.148.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 24
188.39.0.0/16 maxlen: 24
195.74.96.0/19 maxlen: 24
2001:4d48::/29 maxlen: 48
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Apr 2025 08:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:bd:3e:22:91:9f:97:3b:0b:10:4f:0b:1e:9b:bc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 14 14:38:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88cf8ded408f0c98851a8aff4d6c4b89a8f8b80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8c:07:27:80:36:ce:31:8b:22:2d:6e:0f:c5:
23:b0:0b:43:0c:2d:d5:09:ff:75:1e:3a:04:a8:de:
a2:98:3c:f8:5c:f6:a0:dd:63:b0:b8:a4:f7:d7:91:
7d:0e:93:06:15:d8:3d:9d:38:bd:a7:18:67:9c:6c:
34:80:70:d6:94:da:c6:1a:14:5c:49:34:7e:2b:2a:
ed:00:37:66:0a:3a:50:c2:df:6e:25:2f:f2:49:60:
b5:f8:ab:43:47:82:58:59:c1:92:64:41:68:b9:3c:
da:66:cd:a6:a0:cd:fb:bc:ed:ca:3c:c6:01:3c:a5:
67:cf:59:5e:3d:e3:62:0e:3c:bd:e2:06:58:aa:2d:
12:57:e4:51:8c:88:f5:c8:33:b7:c0:93:44:c1:78:
04:dd:9e:f6:f6:15:60:46:2d:66:64:9e:24:c4:13:
a2:6b:c2:bc:5b:b9:87:41:33:ed:42:0d:69:9f:f4:
7d:72:41:a1:f7:56:7f:b5:3e:e8:e4:58:20:98:80:
19:95:ab:71:43:25:85:cb:64:54:e4:4b:bc:07:93:
bf:50:4e:c6:ab:13:71:ca:e7:c2:96:34:76:15:4b:
4a:3a:37:5a:44:b1:f8:6c:56:6c:7b:39:de:2b:15:
d7:2b:10:c8:18:65:1e:82:24:62:04:49:1b:22:d4:
14:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CF:8D:ED:40:8F:0C:98:85:1A:8A:FF:4D:6C:4B:89:A8:F8:B8:0F
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/iM-N7UCPDJiFGor_TWxLiaj4uA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.101.148.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
68:7a:10:31:f9:95:d3:22:94:de:5b:ad:b8:42:09:98:e6:af:
1c:70:05:23:21:10:d2:58:a5:f6:13:8a:20:f4:e5:e1:fc:aa:
e8:6b:d8:89:21:ac:37:79:40:d8:6a:bc:a8:a5:7e:6d:eb:ef:
93:a1:29:20:90:45:c8:f6:4d:a7:2b:5e:98:38:43:f0:1f:5a:
c8:ad:a5:bc:20:4d:eb:b9:ca:cc:01:1f:2d:cb:ee:ec:e1:e0:
66:4a:15:aa:00:4b:8c:54:5c:03:b8:50:da:5d:18:b6:bf:6a:
81:08:2f:cd:fc:bc:45:ff:31:9b:97:cd:8a:d5:04:7c:26:8c:
29:bd:4f:11:8f:1a:ef:63:36:b5:a2:e9:02:3d:f3:ae:fe:04:
8b:20:ca:47:30:10:14:a1:98:8c:cd:cd:07:cd:cc:2b:77:02:
cd:39:f4:a2:d1:17:28:e8:d1:18:32:89:b2:a8:d9:25:cb:e9:
5e:39:fa:5c:91:10:2d:8a:9f:6e:af:69:6e:6e:fe:13:d9:bd:
fb:5e:91:79:bf:4b:a9:f8:3a:8b:98:52:b4:62:c0:fe:b9:a4:
50:6f:ed:b8:19:1f:30:c7:84:a7:40:18:8b:1f:d3:9f:d4:f2:
b3:0b:0c:8b:60:4b:4f:60:41:4c:03:9e:d5:29:b5:b5:28:64:
0f:e6:93:4b
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZY0vT4ikZ+XOwsQTwsem7xEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDE0MTQzODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGNmOGRlZDQwOGYwYzk4ODUxYThhZmY0ZDZjNGI4OWE4ZjhiODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIwHJ4A2zjGLIi1uD8UjsAtDDC3V
Cf91HjoEqN6imDz4XPag3WOwuKT315F9DpMGFdg9nTi9pxhnnGw0gHDWlNrGGhRc
STR+KyrtADdmCjpQwt9uJS/ySWC1+KtDR4JYWcGSZEFouTzaZs2moM37vO3KPMYB
PKVnz1lePeNiDjy94gZYqi0SV+RRjIj1yDO3wJNEwXgE3Z729hVgRi1mZJ4kxBOi
a8K8W7mHQTPtQg1pn/R9ckGh91Z/tT7o5FggmIAZlatxQyWFy2RU5Eu8B5O/UE7G
qxNxyufCljR2FUtKOjdaRLH4bFZsezneKxXXKxDIGGUegiRiBEkbItQUPQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFIjPje1AjwyYhRqK/01sS4mo+LgPMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvaU0tTjdVQ1BESmlGR29yX1RXeExpYWo0dUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF
AyoFiUAwDQYJKoZIhvcNAQELBQADggEBAGh6EDH5ldMilN5brbhCCZjmrxxwBSMh
ENJYpfYTiiD05eH8quhr2IkhrDd5QNhqvKilfm3r75OhKSCQRcj2TacrXpg4Q/Af
WsitpbwgTeu5yswBHy3L7uzh4GZKFaoAS4xUXAO4UNpdGLa/aoEIL838vEX/MZuX
zYrVBHwmjCm9TxGPGu9jNrWi6QI9867+BIsgykcwEBShmIzNzQfNzCt3As059KLR
Fyjo0RgyibKo2SXL6V45+lyREC2Kn26vaW5u/hPZvftekXm/S6n4OouYUrRiwP65
pFBv7bgZHzDHhKdAGIsf05/U8rMLDItgS09gQUwDntUptbUoZA/mk0s=
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:34:27 2025 by rpki-client