Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/ly9rO62shUEBoDNUDJjbD5Yxytg.roa
File: ly9rO62shUEBoDNUDJjbD5Yxytg.roa (raw, json)
Hash identifier: g1KFTfm+6GpLHgXiL8IOKKOjyI518G9WoEiz60ql4ME=
Subject key identifier: 97:2F:6B:3B:AD:AC:85:41:01:A0:33:54:0C:98:DB:0F:96:31:CA:D8
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 018D62A462478FB5BFD0F0624C506BC71498
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/ly9rO62shUEBoDNUDJjbD5Yxytg.roa
Signing time: Thu 01 Feb 2024 03:09:16 +0000
ROA not before: Thu 01 Feb 2024 03:09:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20676
IP address blocks: 62.8.128.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
62.145.0.0/19 maxlen: 19
62.206.0.0/16 maxlen: 16
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
83.236.0.0/16 maxlen: 16
83.236.0.0/20 maxlen: 20
83.236.16.0/20 maxlen: 20
83.236.32.0/21 maxlen: 21
84.245.128.0/18 maxlen: 18
85.8.132.0/22 maxlen: 22
87.193.0.0/16 maxlen: 16
87.234.0.0/16 maxlen: 16
92.192.0.0/13 maxlen: 13
92.192.0.0/17 maxlen: 17
92.192.128.0/17 maxlen: 17
92.193.0.0/17 maxlen: 17
92.193.128.0/17 maxlen: 17
92.194.0.0/17 maxlen: 17
92.194.128.0/17 maxlen: 17
92.195.0.0/17 maxlen: 17
92.195.128.0/17 maxlen: 17
92.196.0.0/17 maxlen: 17
92.196.128.0/17 maxlen: 17
92.197.130.0/24 maxlen: 24
92.198.192.0/18 maxlen: 18
92.200.0.0/16 maxlen: 16
92.200.0.0/17 maxlen: 17
92.200.128.0/17 maxlen: 17
185.144.188.0/22 maxlen: 22
194.9.127.0/24 maxlen: 24
194.140.96.0/20 maxlen: 20
195.32.128.0/17 maxlen: 17
195.80.192.0/19 maxlen: 19
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
195.158.160.0/19 maxlen: 19
212.4.160.0/19 maxlen: 19
212.4.176.0/20 maxlen: 20
212.5.0.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.5.16.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
212.63.32.0/19 maxlen: 19
212.84.208.0/20 maxlen: 20
212.84.224.0/19 maxlen: 19
212.105.192.0/19 maxlen: 19
212.110.192.0/19 maxlen: 19
212.202.0.0/16 maxlen: 16
212.202.0.0/19 maxlen: 19
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
213.148.128.0/19 maxlen: 19
213.148.128.0/24 maxlen: 24
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.133.0/24 maxlen: 24
213.160.0.0/19 maxlen: 19
213.217.64.0/18 maxlen: 18
217.146.128.0/19 maxlen: 19
2001:658::/29 maxlen: 29
2001:1a80::/29 maxlen: 29
2001:1a80:800::/48 maxlen: 48
2001:1a80:801::/48 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:1000::/40 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/36 maxlen: 40
2001:1a81:3000::/40 maxlen: 48
2001:1a81:4000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:6000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:7000::/36 maxlen: 40
2001:1a81:7000::/40 maxlen: 48
2a09:7100::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 07 Feb 2024 15:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:a4:62:47:8f:b5:bf:d0:f0:62:4c:50:6b:c7:14:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Feb 1 03:09:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=972f6b3badac854101a033540c98db0f9631cad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:e9:0f:88:71:08:8e:36:6d:a0:36:14:6c:
29:2a:0c:78:2d:8a:c9:89:fa:6d:eb:dd:48:c0:8b:
de:56:cd:24:57:50:45:7d:2d:b2:19:e3:de:85:fe:
a9:22:54:80:8d:bd:db:b5:b3:4c:9e:89:18:e8:cc:
f1:9d:ed:74:b1:06:30:27:50:4b:c8:5a:f1:14:07:
aa:b1:7f:da:21:20:16:6c:20:b4:55:03:6a:5e:e1:
40:76:f9:cc:2b:f8:ce:40:c5:55:c3:a4:07:9e:20:
53:9c:b7:3d:0e:a1:f9:44:52:6f:99:96:8d:c3:51:
25:28:8f:c6:06:1d:c3:d9:71:97:17:ec:1b:a5:1c:
b2:9a:5b:48:7b:fb:be:b9:8b:86:b1:82:7e:63:95:
5f:4c:e9:f8:ea:92:95:0b:e8:84:03:3e:26:b6:fe:
03:2b:94:23:a4:82:fd:58:8c:9d:7f:7b:08:11:ba:
c5:c5:dc:9b:2d:2f:6b:e0:7e:92:75:6c:32:d4:b6:
e3:a1:c7:37:14:43:32:c3:b3:0b:c7:89:52:95:4c:
c3:77:16:78:0e:8b:4b:3e:30:f6:1b:3a:4d:6d:e0:
dd:88:ad:b0:25:ec:77:41:47:fb:13:0a:a2:78:fc:
53:5c:90:9f:00:ea:b5:9d:62:06:38:06:77:4a:4d:
99:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2F:6B:3B:AD:AC:85:41:01:A0:33:54:0C:98:DB:0F:96:31:CA:D8
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/ly9rO62shUEBoDNUDJjbD5Yxytg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.200.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
4f:df:ed:f1:57:6e:81:d1:fc:f2:5d:ef:66:fa:6d:cf:a3:0f:
96:ef:4c:7a:aa:b8:47:83:2a:61:eb:5d:e4:61:fe:2c:29:e4:
37:34:c4:ea:49:b6:b2:a8:87:18:de:56:00:f0:f0:31:1f:71:
ae:cd:ed:06:84:9c:e1:7a:40:f7:fe:13:27:95:ff:1d:ab:5d:
e8:9d:42:f8:ba:39:40:a2:6b:96:86:8a:22:a3:39:da:48:bf:
52:32:1c:bc:78:73:25:29:ad:f3:82:94:73:da:6e:58:e5:81:
94:68:1a:d3:d6:62:f1:2b:d4:7d:2c:aa:75:16:5b:4f:be:86:
66:fe:72:0e:5c:87:8d:ee:c7:50:7f:04:0a:0d:5d:e2:eb:c7:
22:ef:a0:09:6a:17:d8:95:de:bb:d9:fc:36:4c:1b:33:93:6a:
cb:67:18:87:38:03:42:39:a9:79:24:7d:51:57:e5:25:7a:81:
00:08:db:38:f3:90:49:4d:3f:25:05:68:b8:6b:d1:94:65:68:
5b:f6:6c:08:f9:60:19:97:27:6c:f1:85:14:31:49:ba:89:66:
4d:2d:a5:2b:a1:01:01:51:e7:89:44:76:c9:17:bd:92:bb:ba:
c4:b2:51:2e:bb:9b:7f:9b:92:33:06:e7:2a:10:53:3c:70:5e:
16:b2:72:a5
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAY1ipGJHj7W/0PBiTFBrxxSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjQwMjAxMDMwOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJmNmIzYmFkYWM4NTQxMDFhMDMzNTQwYzk4ZGIwZjk2MzFjYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuvpD4hxCI42baA2FGwpKgx4LYrJ
ifpt691IwIveVs0kV1BFfS2yGePehf6pIlSAjb3btbNMnokY6Mzxne10sQYwJ1BL
yFrxFAeqsX/aISAWbCC0VQNqXuFAdvnMK/jOQMVVw6QHniBTnLc9DqH5RFJvmZaN
w1ElKI/GBh3D2XGXF+wbpRyymltIe/u+uYuGsYJ+Y5VfTOn46pKVC+iEAz4mtv4D
K5QjpIL9WIydf3sIEbrFxdybLS9r4H6SdWwy1Lbjocc3FEMyw7MLx4lSlUzDdxZ4
DotLPjD2GzpNbeDdiK2wJex3QUf7EwqiePxTXJCfAOq1nWIGOAZ3Sk2ZkwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFJcvazutrIVBAaAzVAyY2w+WMcrYMB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEvbHk5ck82MnNoVUVCb0ROVURKamJENVl4eXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwBcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQBP3+3xV26B0fzyXe9m+m3Pow+W
70x6qrhHgyph613kYf4sKeQ3NMTqSbayqIcY3lYA8PAxH3Guze0GhJzhekD3/hMn
lf8dq13onUL4ujlAomuWhooioznaSL9SMhy8eHMlKa3zgpRz2m5Y5YGUaBrT1mLx
K9R9LKp1FltPvoZm/nIOXIeN7sdQfwQKDV3i68ci76AJahfYld672fw2TBszk2rL
ZxiHOANCOal5JH1RV+UleoEACNs485BJTT8lBWi4a9GUZWhb9mwI+WAZlyds8YUU
MUm6iWZNLaUroQEBUeeJRHbJF72Su7rEslEuu5t/m5IzBucqEFM8cF4WsnKl
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:26:48 2025 by rpki-client