Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/TZYrHboLxbJas3ddpsSzXFSCPYk.roa
File: TZYrHboLxbJas3ddpsSzXFSCPYk.roa (raw, json)
Hash identifier: H3+D1OKt2vRuNfWij/2y0PuHIjUjdC+cDDEea38NCl0=
Subject key identifier: 4D:96:2B:1D:BA:0B:C5:B2:5A:B3:77:5D:A6:C4:B3:5C:54:82:3D:89
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01975410D21B54BB444B658CF1FAF2BED1EC
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/TZYrHboLxbJas3ddpsSzXFSCPYk.roa
Signing time: Mon 09 Jun 2025 09:41:17 +0000
ROA not before: Mon 09 Jun 2025 09:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 2.152.0.0/14 maxlen: 17
2.152.0.0/16 maxlen: 16
2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.101.160.0/19 maxlen: 19
62.117.128.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.172.0.0/17 maxlen: 17
81.184.0.0/16 maxlen: 16
81.202.0.0/15 maxlen: 15
81.202.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.138.192.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 16
89.141.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.22.32.0/19 maxlen: 20
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.122.96.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 16 Jun 2025 08:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:10:d2:1b:54:bb:44:4b:65:8c:f1:fa:f2:be:d1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 9 09:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d962b1dba0bc5b25ab3775da6c4b35c54823d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ca:89:9f:7d:39:60:5d:fd:ff:76:8a:d7:ae:
04:01:d9:5a:0d:0e:7d:92:df:a1:7a:c1:47:f6:6e:
cd:41:cb:5c:3b:71:86:0c:bb:57:b0:f3:04:04:d0:
15:d7:fc:db:f1:39:8e:f2:a1:01:57:93:21:3f:2e:
00:d9:2e:6a:7a:74:ad:e7:e0:72:cd:39:74:48:9e:
52:c6:4f:74:1e:4e:b6:a3:8e:38:11:25:88:17:6b:
71:ef:50:8c:d5:9e:7e:6d:c3:3e:9b:84:c9:8c:4d:
99:fa:71:5a:53:a7:56:d2:de:64:2b:1f:f2:4a:10:
c3:cf:c2:f7:c5:1b:1f:26:c0:c3:09:91:59:7f:ce:
28:27:c5:c6:ff:b6:ba:1b:e3:09:59:43:4e:08:3b:
bd:e0:47:89:68:e2:29:6f:e2:44:8a:be:d7:98:d9:
ad:f8:b5:b7:a8:d0:22:62:83:74:78:7f:b4:f0:b2:
fa:3a:a2:18:2b:fb:67:b4:91:52:4e:0f:c9:57:1c:
79:f4:bc:55:93:c1:cf:ee:12:c4:a4:5c:d6:4b:9f:
f4:3e:d8:59:3b:2c:36:6f:72:68:05:72:9d:b5:dd:
73:27:04:a8:f8:8a:cb:1c:1f:b0:14:63:29:5b:18:
99:d3:7a:ef:53:64:fa:f2:95:0d:6c:85:e1:e3:de:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:96:2B:1D:BA:0B:C5:B2:5A:B3:77:5D:A6:C4:B3:5C:54:82:3D:89
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/TZYrHboLxbJas3ddpsSzXFSCPYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7d:9d:8e:ed:06:a0:1c:bc:b7:f9:f3:92:99:d6:5e:f1:92:87:
60:ca:51:f0:cb:83:6f:89:ba:7d:0a:4a:83:33:df:55:dd:59:
56:0f:5e:b9:86:b3:48:f1:dc:93:2d:58:1f:98:ba:be:37:44:
81:20:bc:b2:01:40:80:90:80:c9:6b:7f:7d:2f:56:89:63:de:
db:4b:3f:8c:1e:12:1e:a3:45:18:4a:e1:04:7f:d0:f9:17:15:
a1:d4:a9:4c:ad:9b:c9:3b:0e:f8:21:69:9d:50:34:88:25:d2:
6f:74:92:81:fb:3b:c0:26:d6:e2:40:fe:f6:9d:c2:60:e1:a8:
02:5b:db:cb:59:6f:75:86:2e:b7:a4:f3:94:df:11:cd:60:d1:
df:8f:f5:03:0c:54:62:d9:e0:2c:cf:99:56:74:f7:2a:2d:2c:
8a:42:f5:d4:97:2d:a0:ff:64:b0:77:f3:ca:c4:5c:98:60:eb:
05:08:63:84:05:1d:79:f5:38:64:c6:40:0d:fa:11:3c:af:46:
eb:de:e3:84:28:01:16:42:c4:02:e6:0f:59:04:6a:8c:7c:06:
cd:a5:23:c8:d7:a2:60:28:40:01:55:32:57:3c:d1:78:88:ee:
3c:05:95:2c:75:0f:09:dc:9e:35:16:cf:95:93:47:52:08:4f:
55:4d:8b:af
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZdUENIbVLtES2WM8fryvtHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjA5MDk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk2MmIxZGJhMGJjNWIyNWFiMzc3NWRhNmM0YjM1YzU0ODIzZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cqJn305YF39/3aK164EAdlaDQ59
kt+hesFH9m7NQctcO3GGDLtXsPMEBNAV1/zb8TmO8qEBV5MhPy4A2S5qenSt5+By
zTl0SJ5Sxk90Hk62o444ESWIF2tx71CM1Z5+bcM+m4TJjE2Z+nFaU6dW0t5kKx/y
ShDDz8L3xRsfJsDDCZFZf84oJ8XG/7a6G+MJWUNOCDu94EeJaOIpb+JEir7XmNmt
+LW3qNAiYoN0eH+08LL6OqIYK/tntJFSTg/JVxx59LxVk8HP7hLEpFzWS5/0PthZ
Oyw2b3JoBXKdtd1zJwSo+IrLHB+wFGMpWxiZ03rvU2T68pUNbIXh496WBQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFE2WKx26C8WyWrN3XabEs1xUgj2JMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvVFpZckhib0x4YkphczNkZHBzU3pYRlNDUFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwMC
ApgDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADBAc+dYAD
AwE+rgMDAFCuAwMAUOADAwFRPAMEB1GsAAMDAFG4AwMBUcoDAwFSngMEBlLVgAME
BlOKwAMEBlOtgAMDA1R4AwQHVdsAAwMAVfsDAwFZjAMDAF8nAwQCuYCAAwQFwmoA
AwQGwoyAAwQFwpXAAwQF1BXgAwQF1BYgAwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/A
AwQF1GGgAwQF1HpgAwQG1LfAAwMA1SUDBAfVyQADBAbV4wADBAbV50ADBAbV/kAw
DQYJKoZIhvcNAQELBQADggEBAH2dju0GoBy8t/nzkpnWXvGSh2DKUfDLg2+Jun0K
SoMz31XdWVYPXrmGs0jx3JMtWB+Yur43RIEgvLIBQICQgMlrf30vVolj3ttLP4we
Eh6jRRhK4QR/0PkXFaHUqUytm8k7DvghaZ1QNIgl0m90koH7O8Am1uJA/vadwmDh
qAJb28tZb3WGLrek85TfEc1g0d+P9QMMVGLZ4CzPmVZ09yotLIpC9dSXLaD/ZLB3
88rEXJhg6wUIY4QFHXn1OGTGQA36ETyvRuve44QoARZCxALmD1kEaox8Bs2lI8jX
omAoQAFVMlc80XiI7jwFlSx1DwncnjUWz5WTR1IIT1VNi68=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:25:49 2025 by rpki-client