Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/CzfTlcR9HIGc2uzv5gOx-t9w_og.roa
File: CzfTlcR9HIGc2uzv5gOx-t9w_og.roa (raw, json)
Hash identifier: Qu2HaYZ3Lxak/9v0BtPJiWvhknEc4/Fzwv0ZVmhXZ9o=
Subject key identifier: 0B:37:D3:95:C4:7D:1C:81:9C:DA:EC:EF:E6:03:B1:FA:DF:70:FE:88
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 019425FDA4399514F9D33A90796EAF748E40
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/CzfTlcR9HIGc2uzv5gOx-t9w_og.roa
Signing time: Thu 02 Jan 2025 07:49:26 +0000
ROA not before: Thu 02 Jan 2025 07:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31500
IP address blocks: 94.124.182.0/24 maxlen: 24
94.124.183.0/24 maxlen: 24
95.140.80.0/24 maxlen: 32
95.140.82.0/24 maxlen: 24
95.140.83.0/24 maxlen: 24
95.140.88.0/24 maxlen: 24
95.140.89.0/24 maxlen: 24
95.140.90.0/24 maxlen: 24
95.140.91.0/24 maxlen: 24
95.140.93.0/24 maxlen: 24
95.140.95.0/24 maxlen: 24
95.161.128.0/24 maxlen: 24
109.239.128.0/24 maxlen: 24
109.239.129.0/24 maxlen: 24
109.239.130.0/24 maxlen: 24
109.239.130.128/25 maxlen: 25
109.239.131.0/24 maxlen: 24
109.239.132.0/24 maxlen: 24
109.239.133.0/24 maxlen: 24
109.239.134.0/24 maxlen: 24
109.239.135.0/24 maxlen: 24
109.239.138.0/24 maxlen: 24
109.239.139.0/24 maxlen: 24
109.239.140.0/24 maxlen: 24
109.239.141.0/24 maxlen: 24
109.239.142.0/24 maxlen: 24
109.239.143.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
178.18.229.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.232.0/24 maxlen: 24
2001:b28::/32 maxlen: 32
2001:b28:4::/48 maxlen: 48
2001:b28:7b0c::/48 maxlen: 48
2001:b28:9999::/48 maxlen: 48
2001:b28:9a9c::/48 maxlen: 48
2001:b28:a451::/48 maxlen: 48
2001:b28:ffff::/48 maxlen: 48
2a03:5f80::/46 maxlen: 46
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Apr 2025 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a4:39:95:14:f9:d3:3a:90:79:6e:af:74:8e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 2 07:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b37d395c47d1c819cdaecefe603b1fadf70fe88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:71:e7:c3:55:aa:ec:1a:ca:f8:a2:f0:3c:
8f:ac:f6:d2:db:9a:b0:f9:8c:6c:59:64:66:45:ee:
84:01:2c:96:54:57:86:8a:e2:45:b3:64:06:49:6b:
ab:80:68:7f:fb:d9:86:c7:d4:b1:34:ff:7b:3c:d5:
ea:5a:e9:95:aa:ce:8b:f6:53:35:c9:7b:17:22:52:
92:39:9e:6e:ac:21:70:a0:61:84:e1:a9:6e:bf:0b:
5c:58:b7:57:78:61:c8:76:ab:e8:b1:50:22:b0:40:
64:4f:75:68:80:e7:20:24:4f:7b:6a:c1:de:f8:8b:
46:39:8f:fb:a9:53:83:17:4d:78:59:ae:43:16:76:
d9:b7:53:1d:96:7d:c3:41:f1:17:4e:fd:db:de:65:
11:74:3c:f2:3f:78:12:e9:14:c0:3d:10:3c:9d:f5:
01:2f:8d:a8:a2:e9:52:4e:7f:e6:25:a5:8b:48:8b:
a2:39:f2:9a:02:82:07:07:07:bb:0c:0e:c0:45:e3:
62:5c:38:12:26:f7:04:ef:08:f9:f9:24:a0:52:9c:
ab:ec:85:fd:0f:07:c5:82:e0:53:7e:14:cb:34:a0:
d0:a1:6d:70:0b:d4:8f:32:7b:ae:93:9d:90:1c:28:
7e:c8:ca:49:8f:a6:b2:15:d5:c1:15:38:9f:16:0c:
e4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:37:D3:95:C4:7D:1C:81:9C:DA:EC:EF:E6:03:B1:FA:DF:70:FE:88
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/CzfTlcR9HIGc2uzv5gOx-t9w_og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.182.0/23
95.140.80.0/24
95.140.82.0/23
95.140.88.0/22
95.140.93.0/24
95.140.95.0/24
95.161.128.0/24
109.239.128.0/21
109.239.138.0-109.239.143.255
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2001:b28::/32
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
86:0f:7c:94:27:b7:6c:e7:b5:af:79:41:e7:13:0f:c5:97:f3:
d7:33:3d:d1:63:5f:8b:07:d4:ad:aa:fc:b4:34:4e:dd:9b:1a:
d8:b9:ec:62:9a:58:cb:e6:e6:fd:ca:ca:59:38:1f:8b:ba:c7:
c1:a8:34:14:c1:e7:81:a0:b1:99:37:6c:a9:cb:25:69:26:87:
bb:89:af:ca:06:99:46:2a:50:89:49:50:50:64:2f:2b:38:43:
46:0c:de:82:af:54:bc:e3:c9:ed:33:20:08:6e:dc:57:ce:50:
ed:fc:e1:44:5b:b8:97:2d:55:6c:83:77:d6:35:2e:07:99:26:
fe:de:73:dd:83:41:54:11:7a:c1:96:32:20:8e:6a:8c:b9:bf:
7a:d7:bb:ae:36:78:99:93:a0:81:6d:13:26:90:8e:9c:0c:cb:
c2:90:41:8e:4e:2b:38:7f:1c:46:07:0c:06:37:9d:90:83:ab:
a1:de:ab:6f:8a:e4:08:33:16:b7:d4:4c:55:78:ef:55:4a:4b:
93:ec:cd:8d:9b:ae:8e:19:a0:5a:46:ee:58:57:d7:a2:c1:af:
d3:f6:dc:89:3d:ff:ad:bc:1e:c4:47:25:08:9f:76:0c:92:0d:
c7:f6:7b:92:c6:ff:8e:2b:7b:3c:46:fb:95:8c:d3:d3:21:a4:
18:22:c4:a5
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZQl/aQ5lRT50zqQeW6vdI5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMTAyMDc0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM3ZDM5NWM0N2QxYzgxOWNkYWVjZWZlNjAzYjFmYWRmNzBmZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKhx58NVquwayvii8DyPrPbS25qw
+YxsWWRmRe6EASyWVFeGiuJFs2QGSWurgGh/+9mGx9SxNP97PNXqWumVqs6L9lM1
yXsXIlKSOZ5urCFwoGGE4aluvwtcWLdXeGHIdqvosVAisEBkT3VogOcgJE97asHe
+ItGOY/7qVODF014Wa5DFnbZt1Mdln3DQfEXTv3b3mURdDzyP3gS6RTAPRA8nfUB
L42ooulSTn/mJaWLSIuiOfKaAoIHBwe7DA7AReNiXDgSJvcE7wj5+SSgUpyr7IX9
DwfFguBTfhTLNKDQoW1wC9SPMnuuk52QHCh+yMpJj6ayFdXBFTifFgzkEwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFAs305XEfRyBnNrs7+YDsfrfcP6IMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvQ3pmVGxjUjlISUdjMnV6djVnT3gtdDl3X29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswWAQCAAEwUgMEAV58tgME
AF+MUAMEAV+MUgMEAl+MWAMEAF+MXQMEAF+MXwMEAF+hgAMEA23vgDAMAwQBbe+K
AwQEbe+AAwQBshLkMAwDBACyEucDBACyEugwHwQCAAIwGQMFACABCygDBwIqA1+A
AAADBwIqA1+AAAgwDQYJKoZIhvcNAQELBQADggEBAIYPfJQnt2znta95QecTD8WX
89czPdFjX4sH1K2q/LQ0Tt2bGti57GKaWMvm5v3Kylk4H4u6x8GoNBTB54GgsZk3
bKnLJWkmh7uJr8oGmUYqUIlJUFBkLys4Q0YM3oKvVLzjye0zIAhu3FfOUO384URb
uJctVWyDd9Y1LgeZJv7ec92DQVQResGWMiCOaoy5v3rXu642eJmToIFtEyaQjpwM
y8KQQY5OKzh/HEYHDAY3nZCDq6Heq2+K5AgzFrfUTFV471VKS5PszY2bro4ZoFpG
7lhX16LBr9P23Ik9/628HsRHJQifdgySDcf2e5LG/44rezxG+5WM09MhpBgixKU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:22:02 2025 by rpki-client