Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/S_GYTSsETXvj6l6TId_oPMzHCGs.roa
File: S_GYTSsETXvj6l6TId_oPMzHCGs.roa (raw, json)
Hash identifier: CwgS87mhlSY0LPTePeyuFGCZd8o9Q5zTC806qsZRb/s=
Subject key identifier: 4B:F1:98:4D:2B:04:4D:7B:E3:EA:5E:93:21:DF:E8:3C:CC:C7:08:6B
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 01926AC6D5D48F183229D70878C9919B0B1A
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/S_GYTSsETXvj6l6TId_oPMzHCGs.roa
Signing time: Tue 08 Oct 2024 06:17:48 +0000
ROA not before: Tue 08 Oct 2024 06:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31638
IP address blocks: 5.144.184.0/21 maxlen: 24
37.156.96.0/22 maxlen: 23
37.156.148.0/22 maxlen: 23
37.156.168.0/22 maxlen: 23
37.156.208.0/22 maxlen: 23
46.255.80.0/21 maxlen: 24
86.104.6.0/24 maxlen: 24
86.104.229.0/24 maxlen: 24
86.105.8.0/24 maxlen: 24
86.105.179.0/24 maxlen: 24
89.33.232.0/24 maxlen: 24
89.34.6.0/24 maxlen: 24
89.39.92.0/24 maxlen: 24
89.39.224.0/20 maxlen: 21
89.42.230.0/24 maxlen: 24
89.44.206.0/24 maxlen: 24
89.45.24.0/21 maxlen: 21
89.45.24.0/24 maxlen: 24
89.45.25.0/24 maxlen: 24
89.45.26.0/24 maxlen: 24
89.45.27.0/24 maxlen: 24
89.45.95.0/24 maxlen: 24
89.45.216.0/22 maxlen: 23
89.47.32.0/23 maxlen: 24
93.113.89.0/24 maxlen: 24
93.115.170.0/23 maxlen: 23
93.118.37.0/24 maxlen: 24
94.177.18.0/23 maxlen: 23
94.177.151.0/24 maxlen: 24
176.223.164.0/24 maxlen: 24
185.82.168.0/22 maxlen: 23
185.82.169.0/24 maxlen: 24
185.82.170.0/24 maxlen: 24
185.82.171.0/24 maxlen: 24
188.209.80.0/20 maxlen: 24
188.209.88.0/21 maxlen: 21
188.210.239.0/24 maxlen: 24
188.212.153.0/24 maxlen: 24
188.215.44.0/22 maxlen: 23
188.215.65.0/24 maxlen: 24
188.215.247.0/24 maxlen: 24
188.215.248.0/24 maxlen: 24
188.241.4.0/23 maxlen: 24
188.241.190.0/23 maxlen: 24
195.62.160.0/19 maxlen: 20
2a02:20d8::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6a:c6:d5:d4:8f:18:32:29:d7:08:78:c9:91:9b:0b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Oct 8 06:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bf1984d2b044d7be3ea5e9321dfe83cccc7086b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:84:68:82:63:34:14:d1:15:33:a9:0e:68:
8f:f2:3f:a0:a6:d1:42:c6:77:d7:ab:93:19:b4:ad:
1a:40:90:29:58:2a:c6:f4:2c:ca:5e:c2:0b:71:de:
9a:74:8b:00:05:85:74:39:ea:d7:72:e2:00:0c:53:
7f:27:da:87:50:d1:d8:c2:e1:a1:64:ce:e0:89:31:
04:3a:5c:a4:6b:b9:71:6b:ea:69:e6:b1:ac:eb:2b:
c0:51:fd:15:09:09:0e:26:0c:91:e3:dc:c3:f6:a4:
a3:73:82:ee:81:08:8d:4c:69:bc:e0:8c:3b:ea:e3:
16:13:bc:d1:e0:73:1a:99:c5:07:d8:34:5d:e7:9d:
13:52:57:23:51:db:26:ae:8d:fc:49:0a:70:5a:ef:
4b:7b:e2:32:6b:7c:80:fe:f9:9e:b1:d7:80:d1:fd:
92:e4:bb:ef:bb:e9:30:bb:a0:57:5b:70:cd:0f:aa:
f3:c8:c4:be:9a:47:cb:a3:81:6f:2a:5b:b9:a7:e8:
af:c5:7c:7e:37:2c:59:17:58:bc:07:58:17:a9:97:
82:19:ae:79:1f:a4:c2:d7:ba:a2:cf:04:7e:92:10:
60:88:f0:d1:1d:39:01:97:a1:84:2a:78:bc:35:24:
12:54:be:24:7d:7d:74:fd:17:6b:c9:09:8c:f4:a7:
af:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F1:98:4D:2B:04:4D:7B:E3:EA:5E:93:21:DF:E8:3C:CC:C7:08:6B
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/S_GYTSsETXvj6l6TId_oPMzHCGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.184.0/21
37.156.96.0/22
37.156.148.0/22
37.156.168.0/22
37.156.208.0/22
46.255.80.0/21
86.104.6.0/24
86.104.229.0/24
86.105.8.0/24
86.105.179.0/24
89.33.232.0/24
89.34.6.0/24
89.39.92.0/24
89.39.224.0/20
89.42.230.0/24
89.44.206.0/24
89.45.24.0/21
89.45.95.0/24
89.45.216.0/22
89.47.32.0/23
93.113.89.0/24
93.115.170.0/23
93.118.37.0/24
94.177.18.0/23
94.177.151.0/24
176.223.164.0/24
185.82.168.0/22
188.209.80.0/20
188.210.239.0/24
188.212.153.0/24
188.215.44.0/22
188.215.65.0/24
188.215.247.0-188.215.248.255
188.241.4.0/23
188.241.190.0/23
195.62.160.0/19
IPv6:
2a02:20d8::/29
Signature Algorithm: sha256WithRSAEncryption
3e:bd:04:03:83:50:00:cd:24:8e:df:5e:98:52:f4:fd:f5:9b:
33:4c:d1:bc:68:17:2c:79:f7:98:74:2e:c4:b7:3b:72:2f:ef:
0d:4b:8b:e7:da:99:f0:fd:ba:d2:12:dd:4d:f9:e0:f1:54:82:
dc:a0:6d:22:bf:89:04:63:d1:cd:cb:2e:98:de:b1:41:d4:45:
a8:66:d0:b0:4a:48:ff:11:1c:40:94:38:77:4d:c3:52:c1:29:
37:2c:99:f8:53:57:f9:a6:4e:ed:b2:a8:c9:45:0b:8c:ce:ec:
91:55:2b:16:2a:f6:70:1b:37:81:58:99:5d:a5:0a:80:aa:40:
03:d0:7e:28:ea:29:e4:d1:98:4f:c6:b8:75:95:8a:13:e0:e0:
9f:ef:8b:f8:51:7c:f0:ea:10:8a:ad:51:77:28:d2:df:3d:a6:
50:05:50:41:5b:f4:29:ac:3f:31:64:0a:01:f8:ab:32:b9:a4:
db:1b:bd:3f:35:54:59:1f:70:72:7a:f1:e7:04:c9:84:17:f8:
98:8c:84:c6:87:60:3c:4b:2b:1a:79:ad:9b:bf:36:26:69:50:
5d:98:24:94:5c:37:a7:88:98:08:2c:d5:7b:35:77:c9:ff:ba:
ab:6d:b4:73:96:6d:09:62:6d:ac:0b:b6:16:bd:f2:42:c2:39:
b7:89:98:52
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZJqxtXUjxgyKdcIeMmRmwsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjQxMDA4MDYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYxOTg0ZDJiMDQ0ZDdiZTNlYTVlOTMyMWRmZTgzY2NjYzcwODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfqEaIJjNBTRFTOpDmiP8j+gptFC
xnfXq5MZtK0aQJApWCrG9CzKXsILcd6adIsABYV0OerXcuIADFN/J9qHUNHYwuGh
ZM7giTEEOlyka7lxa+pp5rGs6yvAUf0VCQkOJgyR49zD9qSjc4LugQiNTGm84Iw7
6uMWE7zR4HMamcUH2DRd550TUlcjUdsmro38SQpwWu9Le+Iya3yA/vmesdeA0f2S
5Lvvu+kwu6BXW3DND6rzyMS+mkfLo4FvKlu5p+ivxXx+NyxZF1i8B1gXqZeCGa55
H6TC17qizwR+khBgiPDRHTkBl6GEKni8NSQSVL4kfX10/RdryQmM9KevWQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFEvxmE0rBE174+pekyHf6DzMxwhrMB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEvU19HWVRTc0VUWHZqNmw2VElkX29QTXpIQ0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQD
BZC4AwQCJZxgAwQCJZyUAwQCJZyoAwQCJZzQAwQDLv9QAwQAVmgGAwQAVmjlAwQA
VmkIAwQAVmmzAwQAWSHoAwQAWSIGAwQAWSdcAwQEWSfgAwQAWSrmAwQAWSzOAwQD
WS0YAwQAWS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYlAwQBXrESAwQA
XrGXAwQAsN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcsAwQAvNdBMAwD
BAC81/cDBAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMFAyoCINgwDQYJ
KoZIhvcNAQELBQADggEBAD69BAODUADNJI7fXphS9P31mzNM0bxoFyx595h0LsS3
O3Iv7w1Li+famfD9utIS3U354PFUgtygbSK/iQRj0c3LLpjesUHURahm0LBKSP8R
HECUOHdNw1LBKTcsmfhTV/mmTu2yqMlFC4zO7JFVKxYq9nAbN4FYmV2lCoCqQAPQ
fijqKeTRmE/GuHWVihPg4J/vi/hRfPDqEIqtUXco0t89plAFUEFb9CmsPzFkCgH4
qzK5pNsbvT81VFkfcHJ68ecEyYQX+JiMhMaHYDxLKxp5rZu/NiZpUF2YJJRcN6eI
mAgs1Xs1d8n/uqtttHOWbQlibawLtha98kLCObeJmFI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:56 2025 by rpki-client