Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/IgpAYm2Io8CP3Nav01oveu45nlg.roa
File: IgpAYm2Io8CP3Nav01oveu45nlg.roa (raw, json)
Hash identifier: qLv3WV3VmjP5jFZY/QzUhN3JPx15gVSuhNLWy1waZEQ=
Subject key identifier: 22:0A:40:62:6D:88:A3:C0:8F:DC:D6:AF:D3:5A:2F:7A:EE:39:9E:58
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01945EF301AEF1A14718D2229BD496A7A655
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/IgpAYm2Io8CP3Nav01oveu45nlg.roa
Signing time: Mon 13 Jan 2025 09:16:11 +0000
ROA not before: Mon 13 Jan 2025 09:16:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:f3:01:ae:f1:a1:47:18:d2:22:9b:d4:96:a7:a6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 13 09:16:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=220a40626d88a3c08fdcd6afd35a2f7aee399e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:dd:0a:45:5d:78:52:7f:c9:6e:f5:fc:f3:
38:40:5e:40:dc:98:c4:a5:f0:45:54:26:fd:6f:8b:
06:92:c8:d5:c6:73:88:a2:f1:f2:04:8a:ca:d8:19:
b8:56:86:0d:50:81:08:86:68:30:ac:c7:be:06:23:
bc:61:72:e8:a4:ae:8c:21:52:3d:12:20:89:99:5c:
1b:77:32:f9:86:79:ee:dc:55:18:fd:32:0d:47:8d:
bc:84:e6:67:42:aa:66:70:7f:43:25:4e:d6:fb:50:
b6:45:0a:3a:60:7b:c6:3f:58:74:20:1b:a3:df:d4:
f3:41:74:ff:46:a1:72:ca:da:f9:2d:bd:7d:29:bf:
30:4f:c0:dc:85:0e:d5:3c:53:a1:2a:68:ba:8f:87:
34:9e:99:c3:87:67:63:1d:5a:26:be:6b:f2:63:bd:
9a:e7:b3:a3:71:5e:64:79:27:d8:9e:6c:57:9e:33:
6b:5a:a3:dc:04:74:d1:2d:7f:18:fc:53:d4:ff:f6:
ab:a0:a7:93:61:bf:b6:19:12:21:46:34:f1:e2:4e:
17:8c:12:b8:e4:e5:5f:4b:ed:5b:0b:a0:da:4d:df:
20:6d:6b:45:9f:a4:53:65:61:27:ee:eb:b0:33:f5:
5b:03:91:4c:b5:f8:7f:3d:17:84:e3:44:2f:80:aa:
45:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0A:40:62:6D:88:A3:C0:8F:DC:D6:AF:D3:5A:2F:7A:EE:39:9E:58
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/IgpAYm2Io8CP3Nav01oveu45nlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf45::-2a0b:cf46:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c02::/31
2a11:4c05::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d80::/30
2a14:2d85::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
38:04:5e:3c:82:da:0f:1b:60:9f:e1:51:0c:f6:a8:54:f3:40:
48:ca:4f:81:b5:d1:92:93:d7:10:ad:14:c1:d7:24:8f:a7:44:
a9:40:d1:d5:18:51:19:a5:78:20:53:9b:7f:c9:2e:2b:45:b8:
8a:9f:34:ca:49:a9:da:d8:57:2f:9f:ac:42:3a:bb:bf:ed:33:
61:3a:4c:20:3e:da:44:66:06:8c:57:ba:76:2c:3b:18:6f:67:
77:14:ff:78:55:0e:db:96:7d:1a:bc:b8:e3:e3:b1:c0:f2:2c:
2d:2e:45:4d:96:2a:73:b3:15:10:42:86:da:c7:6c:fc:cf:b0:
7d:1d:37:c5:66:c7:af:ea:f7:4e:ee:17:9f:21:b0:23:03:7d:
f9:13:f6:9c:60:5d:4e:40:8c:e4:be:e8:2a:c4:f4:14:eb:57:
98:20:09:8c:83:34:c4:4d:4a:15:4b:07:b2:14:6c:f8:c0:e7:
fe:ff:85:af:ab:12:c2:7d:60:39:ee:fb:01:d0:92:f8:d4:c9:
b5:0d:56:34:e6:09:c2:a4:b6:cf:66:fa:91:bf:58:bc:18:34:
87:da:d8:62:6a:f3:f8:9a:45:61:1e:52:2b:00:2d:fc:26:88:
10:d4:b2:2d:ff:d9:9d:c6:6f:80:cd:5e:24:7c:44:aa:3f:41:
f1:4f:fb:d3
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISAZRe8wGu8aFHGNIim9SWp6ZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwMTEzMDkxNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBhNDA2MjZkODhhM2MwOGZkY2Q2YWZkMzVhMmY3YWVlMzk5ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxPdCkVdeFJ/yW71/PM4QF5A3JjE
pfBFVCb9b4sGksjVxnOIovHyBIrK2Bm4VoYNUIEIhmgwrMe+BiO8YXLopK6MIVI9
EiCJmVwbdzL5hnnu3FUY/TINR428hOZnQqpmcH9DJU7W+1C2RQo6YHvGP1h0IBuj
39TzQXT/RqFyytr5Lb19Kb8wT8DchQ7VPFOhKmi6j4c0npnDh2djHVomvmvyY72a
57OjcV5keSfYnmxXnjNrWqPcBHTRLX8Y/FPU//aroKeTYb+2GRIhRjTx4k4XjBK4
5OVfS+1bC6DaTd8gbWtFn6RTZWEn7uuwM/VbA5FMtfh/PReE40QvgKpF9QIDAQAB
o4IDPDCCAzgwHQYDVR0OBBYEFCIKQGJtiKPAj9zWr9NaL3ruOZ5YMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvSWdwQVltMklvOENQM05hdjAxb3ZldTQ1bmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUAYIKwYBBQUHAQcBAf8EggE/MIIBOzCB0QQCAAEwgcoD
BAIl3XwDBAItQ+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAlZo
SAMEAVnd4AMEAluEhAMEAFvCoTAMAwQAW+HZAwQCW+HYAwQAXoMIAwQCZyO8AwQC
Z2oAAwQCZ3FEAwQCZ+dIAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQCuevwAwQC
uezoAwQCufJUAwQCufqUAwQAwcvKAwQCwjacAwQAwj4qAwQBwvZyAwQCwyroAwQA
w5VXAwQE1Z9AMGUEAgACMF8DBQMqCXxAMA4DBQAqC89FAwUAKgvPRgMFACoROAUD
BQEqETwCMA4DBQAqEUwFAwUAKhFMBgMFAioULYADBQAqFC2FAwUAKhQugAMFACoU
L4ADBQAqFDCAAwUAKhQ4gDANBgkqhkiG9w0BAQsFAAOCAQEAOARePILaDxtgn+FR
DPaoVPNASMpPgbXRkpPXEK0Uwdckj6dEqUDR1RhRGaV4IFObf8kuK0W4ip80ykmp
2thXL5+sQjq7v+0zYTpMID7aRGYGjFe6diw7GG9ndxT/eFUO25Z9Gry44+OxwPIs
LS5FTZYqc7MVEEKG2sds/M+wfR03xWbHr+r3Tu4XnyGwIwN9+RP2nGBdTkCM5L7o
KsT0FOtXmCAJjIM0xE1KFUsHshRs+MDn/v+Fr6sSwn1gOe77AdCS+NTJtQ1WNOYJ
wqS2z2b6kb9YvBg0h9rYYmrz+JpFYR5SKwAt/CaIENSyLf/ZncZvgM1eJHxEqj9B
8U/70w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:57:18 2025 by rpki-client