Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0OBTWwwmYaokQUmBruXahCuTnPA.roa
File: 0OBTWwwmYaokQUmBruXahCuTnPA.roa (raw, json)
Hash identifier: A1fHs9QJwu/HVfvaaxtHR+2Vnqyt6TVnRR/tVPOJnh4=
Subject key identifier: D0:E0:53:5B:0C:26:61:AA:24:41:49:81:AE:E5:DA:84:2B:93:9C:F0
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 01941C768EE718DD473CE79457931AAE0D2B
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0OBTWwwmYaokQUmBruXahCuTnPA.roa
Signing time: Tue 31 Dec 2024 11:25:19 +0000
ROA not before: Tue 31 Dec 2024 11:25:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 46.248.128.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
58.0.0.0/16 maxlen: 16
58.1.128.0/17 maxlen: 17
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
62.23.23.0/24 maxlen: 24
62.23.43.0/24 maxlen: 24
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
62.23.254.0/24 maxlen: 24
62.23.255.0/24 maxlen: 24
62.72.96.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
62.97.64.0/18 maxlen: 18
62.152.96.0/19 maxlen: 19
62.192.0.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
78.156.64.0/19 maxlen: 19
78.156.64.0/20 maxlen: 20
78.156.80.0/21 maxlen: 21
80.80.0.0/19 maxlen: 19
80.169.0.0/16 maxlen: 16
80.251.160.0/19 maxlen: 19
82.112.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
84.14.63.0/24 maxlen: 24
84.14.217.0/24 maxlen: 24
84.16.160.0/19 maxlen: 19
85.88.128.0/19 maxlen: 19
87.241.0.0/18 maxlen: 18
116.83.0.0/17 maxlen: 17
118.67.224.0/19 maxlen: 19
136.225.0.0/16 maxlen: 16
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
157.120.240.0/20 maxlen: 20
193.82.32.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
193.114.160.0/19 maxlen: 19
193.118.160.0/19 maxlen: 19
193.118.224.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
195.68.0.0/17 maxlen: 17
195.68.74.0/24 maxlen: 24
195.110.64.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
212.31.224.0/19 maxlen: 19
212.35.96.0/19 maxlen: 19
212.36.128.0/18 maxlen: 18
212.36.144.0/20 maxlen: 20
212.36.160.0/20 maxlen: 20
212.36.184.0/21 maxlen: 21
212.74.64.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
212.74.79.0/24 maxlen: 24
212.78.160.0/19 maxlen: 19
212.121.128.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
212.161.0.0/17 maxlen: 17
212.203.64.0/18 maxlen: 18
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
213.61.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
213.164.0.0/19 maxlen: 19
213.173.160.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
213.208.192.0/18 maxlen: 18
213.215.128.0/17 maxlen: 17
213.229.128.0/18 maxlen: 18
213.246.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
217.173.96.0/20 maxlen: 20
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
2001:921::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:926:40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:76:8e:e7:18:dd:47:3c:e7:94:57:93:1a:ae:0d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Dec 31 11:25:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0e0535b0c2661aa24414981aee5da842b939cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:11:86:23:82:89:94:f6:46:8f:4f:61:66:
a2:80:6a:b3:d5:c2:a3:08:cb:85:20:7f:72:ff:f3:
67:9b:da:cc:14:15:a9:75:58:bc:7a:a5:14:e2:ce:
23:9c:aa:80:7f:b9:9d:d6:7a:d2:2b:fe:35:73:10:
6e:1a:90:10:1e:41:3a:a4:5b:9a:a3:10:95:76:9a:
91:08:47:f5:b6:7f:37:8d:95:df:fa:95:5f:32:3a:
bc:1c:03:5a:ac:64:ae:c8:19:ae:33:0b:59:e3:30:
46:e8:39:7e:11:5f:c8:16:eb:88:6c:64:09:e9:c1:
38:af:f3:4f:0e:a2:7f:fc:73:94:26:8b:9c:cf:0d:
05:d4:6f:bd:f1:13:0b:c0:26:98:cb:74:f1:7d:f1:
8f:fc:82:ae:64:3b:bd:f8:0d:55:72:2a:fd:27:e7:
82:94:6c:e8:1f:42:1a:73:d4:c9:f6:13:53:b2:19:
9b:5e:3c:c3:3f:aa:d2:ba:d3:81:56:a9:6f:f7:f1:
71:9d:57:25:89:cb:56:d4:70:d9:c4:b7:90:c1:f6:
72:83:61:76:6d:3e:c6:24:85:62:83:c1:59:f4:dd:
be:30:53:bf:17:11:bb:82:d7:db:0a:05:e4:fc:ea:
ef:a8:eb:f8:98:81:ba:aa:17:16:60:9e:b1:64:62:
d5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E0:53:5B:0C:26:61:AA:24:41:49:81:AE:E5:DA:84:2B:93:9C:F0
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0OBTWwwmYaokQUmBruXahCuTnPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
58.0.0.0/16
58.1.128.0/17
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
116.83.0.0/17
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.118.160.0/19
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
31:b3:ca:13:6f:32:b0:f0:7f:cf:9a:6b:b0:f3:00:d1:ee:91:
95:4d:d6:5b:a3:9b:00:21:6c:44:f3:3a:9f:04:45:89:fc:81:
b2:df:4b:42:9f:97:de:29:59:63:e9:05:9e:b7:b5:19:ed:4f:
5b:65:ee:ac:3f:80:bd:f8:55:c3:57:67:fc:61:9d:7b:fb:55:
fb:fd:3f:b7:ad:ba:4a:c8:d1:6e:0e:e1:43:71:57:7c:63:00:
47:51:30:21:60:5c:ac:e4:5a:85:f2:d1:f8:53:cf:e6:39:f0:
99:ea:2c:c4:cf:e1:6a:49:5e:35:58:43:47:22:c7:d0:e9:3f:
40:63:72:de:63:44:6f:4b:9a:a7:71:3d:13:64:59:e9:e6:51:
67:10:c4:d3:89:2e:1b:4e:fb:30:c5:39:90:f6:56:3e:a6:08:
a1:38:97:3e:56:b0:a9:a4:a0:cb:3a:8c:a7:a2:3c:c1:dd:fb:
21:42:13:75:09:02:64:61:b3:01:d9:5b:a9:35:59:4a:9a:20:
4e:79:e4:13:1a:da:36:a8:7c:e5:d1:70:56:63:d2:c7:51:57:
0d:46:c8:39:02:c7:dc:3d:0c:f5:b1:f7:55:2b:3d:57:60:32:
8e:c0:ca:32:08:00:8f:29:95:0e:5c:d7:03:d7:97:fe:09:0f:
84:fd:4a:37
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgISAZQcdo7nGN1HPOeUV5Marg0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjQxMjMxMTEyNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGUwNTM1YjBjMjY2MWFhMjQ0MTQ5ODFhZWU1ZGE4NDJiOTM5Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWYRhiOCiZT2Ro9PYWaigGqz1cKj
CMuFIH9y//Nnm9rMFBWpdVi8eqUU4s4jnKqAf7md1nrSK/41cxBuGpAQHkE6pFua
oxCVdpqRCEf1tn83jZXf+pVfMjq8HANarGSuyBmuMwtZ4zBG6Dl+EV/IFuuIbGQJ
6cE4r/NPDqJ//HOUJouczw0F1G+98RMLwCaYy3TxffGP/IKuZDu9+A1Vcir9J+eC
lGzoH0Iac9TJ9hNTshmbXjzDP6rSutOBVqlv9/FxnVclictW1HDZxLeQwfZyg2F2
bT7GJIVig8FZ9N2+MFO/FxG7gtfbCgXk/OrvqOv4mIG6qhcWYJ6xZGLV+wIDAQAB
o4IDgzCCA38wHQYDVR0OBBYEFNDgU1sMJmGqJEFJga7l2oQrk5zwMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvME9CVFd3d21ZYW9rUVVtQnJ1WGFoQ3VUblBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlwYIKwYBBQUHAQcBAf8EggGGMIIBgjCCAW8EAgABMIIB
ZwMEBS74gAMDADmFAwMAOgADBAc6AYADAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQG
PmFAAwQFPphgAwQFPsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVS
cMADAwBUDgMEBVQQoAMEBVVYgAMEBlfxAAMEB3RTAAMEBXZD4AMDAIjhAwQDnXjg
MAsDBAKdeOwDAwCdeAMEBcFSIAMEAsFdUAMEBcFyoAMEBcF2oAMEBcF24AMEAcG8
hDAMAwQHwt+AAwQCwt+IAwQHw0QAAwQFw25AAwQF1ABgAwQF1BfgAwQF1B/gAwQF
1CNgAwQG1CSAAwQF1EpAAwQF1E6gAwQF1HmAAwQG1HvAAwQH1KEAAwQG1MtAAwQH
1RuAAwQH1SkAAwMA1T0DAwDVVgMEBdWkAAMEBdWtoAMEBdW5oAMEBtXQwAMEB9XX
gAMEBtXlgAMEBtX2wAMDAdluAwQE2a1gMA0EAgACMAcDBQMgAQkgMA0GCSqGSIb3
DQEBCwUAA4IBAQAxs8oTbzKw8H/Pmmuw8wDR7pGVTdZbo5sAIWxE8zqfBEWJ/IGy
30tCn5feKVlj6QWet7UZ7U9bZe6sP4C9+FXDV2f8YZ17+1X7/T+3rbpKyNFuDuFD
cVd8YwBHUTAhYFys5FqF8tH4U8/mOfCZ6izEz+FqSV41WENHIsfQ6T9AY3LeY0Rv
S5qncT0TZFnp5lFnEMTTiS4bTvswxTmQ9lY+pgihOJc+VrCppKDLOoynojzB3fsh
QhN1CQJkYbMB2VupNVlKmiBOeeQTGto2qHzl0XBWY9LHUVcNRsg5AsfcPQz1sfdV
Kz1XYDKOwMoyCACPKZUOXNcD15f+CQ+E/Uo3
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:06:29 2025 by rpki-client