Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/hC96XfS2zubtKNx34c3d6-um9aI.roa
File: hC96XfS2zubtKNx34c3d6-um9aI.roa (raw, json)
Hash identifier: +JMh84mq7fRuCwz6UGWm7BqXVqsyu0dj71XtAQrs11E=
Subject key identifier: 84:2F:7A:5D:F4:B6:CE:E6:ED:28:DC:77:E1:CD:DD:EB:EB:A6:F5:A2
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 018CC5010664566C5CA10EB51DF774B45A91
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/hC96XfS2zubtKNx34c3d6-um9aI.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.24.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
82.197.112.0/20 maxlen: 20
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
92.49.125.0/24 maxlen: 24
92.49.120.0/21 maxlen: 21
82.197.126.0/24 maxlen: 24
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 19
92.49.96.0/20 maxlen: 20
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.107.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
188.115.96.0/21 maxlen: 21
188.115.96.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.0.0/19 maxlen: 19
188.115.104.0/21 maxlen: 21
93.176.16.0/20 maxlen: 20
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.26.0/24 maxlen: 24
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.60.0/22 maxlen: 22
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.76.0/22 maxlen: 22
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.0.0/17 maxlen: 24
109.62.4.0/22 maxlen: 22
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.10.0/23 maxlen: 23
109.62.9.0/24 maxlen: 24
109.62.8.0/24 maxlen: 24
109.62.12.0/23 maxlen: 23
80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
109.62.16.0/21 maxlen: 21
109.62.15.0/24 maxlen: 24
109.62.14.0/24 maxlen: 24
109.62.24.0/23 maxlen: 23
80.243.248.0/21 maxlen: 21
188.115.64.0/20 maxlen: 20
188.115.64.0/19 maxlen: 19
188.115.64.0/18 maxlen: 18
188.115.80.0/20 maxlen: 20
217.175.160.0/19 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 17 Apr 2024 09:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:06:64:56:6c:5c:a1:0e:b5:1d:f7:74:b4:5a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=842f7a5df4b6cee6ed28dc77e1cdddebeba6f5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e0:c5:94:6e:f6:91:9b:90:a8:d4:d6:df:86:
76:4b:7a:81:da:d2:d0:80:24:c5:fb:4f:4b:f5:f8:
10:8c:6d:45:f5:69:af:40:0f:ae:f0:9d:d4:52:3e:
78:aa:2d:02:6c:5f:bb:42:35:2d:1c:11:a4:0c:2a:
31:76:09:b8:ea:eb:59:f2:c3:3b:da:c9:c3:c8:e9:
1d:ad:8c:b5:5b:78:03:34:ab:11:a7:dc:4f:c7:f5:
dc:04:8e:8d:2d:a9:4e:69:8e:97:bf:b8:f5:b2:4d:
dd:05:61:fc:ee:7e:ed:da:3a:cd:ec:5b:82:df:96:
04:85:67:30:99:d8:6f:83:c2:60:28:da:b0:bc:d4:
0f:74:ca:35:ce:e0:c7:7f:f2:66:27:99:3a:fc:2f:
90:42:18:6f:92:39:05:5f:41:37:d0:e5:aa:5c:b7:
eb:38:29:94:b4:0e:0b:fb:74:5e:2b:b4:1a:af:a1:
47:7a:79:d7:35:b8:b8:d6:b2:41:80:4b:0d:74:53:
8e:3f:f3:8a:98:ba:96:7d:c3:cb:d3:9f:f5:93:1b:
76:b9:d7:b7:53:94:43:a6:4c:2b:51:97:6f:8c:a3:
3a:3b:24:e6:40:26:31:38:f6:e8:3d:e9:2a:53:1e:
63:96:d6:7b:ce:90:8d:03:95:b6:3a:c7:f2:c2:67:
6c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2F:7A:5D:F4:B6:CE:E6:ED:28:DC:77:E1:CD:DD:EB:EB:A6:F5:A2
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/hC96XfS2zubtKNx34c3d6-um9aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/19
109.62.0.0/17
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:5c:39:c9:08:3c:29:3f:a1:ac:6f:61:05:0c:ec:30:72:18:
00:b8:a9:f5:c9:1c:54:c6:52:d9:c2:02:23:51:c8:66:f6:4e:
9c:9b:7f:a5:6f:6f:9c:11:a6:cc:35:15:b7:c8:3c:d3:d5:7b:
74:8e:e5:fd:5c:fc:90:a2:cf:21:cb:99:5a:34:4a:55:32:7e:
30:31:8e:3b:50:70:61:c9:ca:7a:0e:3a:e7:6d:3d:da:c0:b7:
3a:27:8b:48:b9:f8:2b:05:4e:37:cc:0c:39:a1:76:49:07:72:
5d:ff:f0:76:79:80:89:97:c4:0b:82:3f:9c:e3:97:e1:29:96:
af:bf:49:0d:b0:30:fa:19:fa:90:5e:a2:d3:fc:6a:c9:89:f8:
72:d8:8e:16:0a:0f:36:83:88:b3:e9:70:00:f7:82:bf:d8:35:
74:7a:bc:58:d9:00:78:ce:67:bf:a5:0e:58:5c:0f:7c:cb:7f:
ce:93:62:00:0a:6a:19:82:92:2e:94:6f:36:df:53:fe:14:f8:
8f:b0:d5:17:6b:b4:94:84:3b:25:fa:0d:56:03:8c:8a:7d:00:
71:57:0b:45:80:a3:f2:4d:f9:27:18:9e:f9:16:c7:cc:7c:5b:
43:3f:3c:78:a1:6e:f8:fa:dd:e4:61:4a:aa:60:44:1f:a8:9a:
8a:90:12:59
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzFAQZkVmxcoQ61Hfd0tFqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJmN2E1ZGY0YjZjZWU2ZWQyOGRjNzdlMWNkZGRlYmViYTZmNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+DFlG72kZuQqNTW34Z2S3qB2tLQ
gCTF+09L9fgQjG1F9WmvQA+u8J3UUj54qi0CbF+7QjUtHBGkDCoxdgm46utZ8sM7
2snDyOkdrYy1W3gDNKsRp9xPx/XcBI6NLalOaY6Xv7j1sk3dBWH87n7t2jrN7FuC
35YEhWcwmdhvg8JgKNqwvNQPdMo1zuDHf/JmJ5k6/C+QQhhvkjkFX0E30OWqXLfr
OCmUtA4L+3ReK7Qar6FHennXNbi41rJBgEsNdFOOP/OKmLqWfcPL05/1kxt2ude3
U5RDpkwrUZdvjKM6OyTmQCYxOPboPekqUx5jltZ7zpCNA5W2Osfywmds0QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIQvel30ts7m7Sjcd+HN3evrpvWiMB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvaEM5NlhmUzJ6dWJ0S054MzRjM2Q2LXVtOWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQFXbAAAwQHbT4AAwQGvHNAAwQF2a+gMA0GCSqGSIb3
DQEBCwUAA4IBAQAsXDnJCDwpP6Gsb2EFDOwwchgAuKn1yRxUxlLZwgIjUchm9k6c
m3+lb2+cEabMNRW3yDzT1Xt0juX9XPyQos8hy5laNEpVMn4wMY47UHBhycp6Djrn
bT3awLc6J4tIufgrBU43zAw5oXZJB3Jd//B2eYCJl8QLgj+c45fhKZavv0kNsDD6
GfqQXqLT/GrJifhy2I4WCg82g4iz6XAA94K/2DV0erxY2QB4zme/pQ5YXA98y3/O
k2IACmoZgpIulG8231P+FPiPsNUXa7SUhDsl+g1WA4yKfQBxVwtFgKPyTfknGJ75
FsfMfFtDPzx4oW74+t3kYUqqYEQfqJqKkBJZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:31 2025 by rpki-client