Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vhR67U_w77UioFaP9TDKOpar3G8.roa
File: vhR67U_w77UioFaP9TDKOpar3G8.roa (raw, json)
Hash identifier: vTi8MfVdHx+rqFf07Ww78CaVMR52qnAo2aEGHDpfgIg=
Subject key identifier: BE:14:7A:ED:4F:F0:EF:B5:22:A0:56:8F:F5:30:CA:3A:96:AB:DC:6F
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C0E64B14F67DC8426830606FFD681
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vhR67U_w77UioFaP9TDKOpar3G8.roa
Signing time: Wed 01 Jan 2025 01:47:39 +0000
ROA not before: Wed 01 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 80.96.12.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.226.16.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
193.230.171.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
193.231.226.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
217.156.14.0/24 maxlen: 24
217.156.20.0/23 maxlen: 23
217.156.41.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 08:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0e:64:b1:4f:67:dc:84:26:83:06:06:ff:d6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be147aed4ff0efb522a0568ff530ca3a96abdc6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:de:63:5c:b7:ae:87:24:25:b4:17:7e:c9:99:
2f:fb:39:c6:5f:f9:2b:97:b8:12:1d:1d:0a:a6:c7:
05:1a:6b:ec:0f:13:d1:e2:fd:a1:21:6b:54:e6:24:
2e:bf:9f:91:9d:fa:2f:fe:2c:8e:97:da:95:f6:15:
56:15:26:80:25:5c:29:c5:07:7e:fa:25:d2:84:c2:
5e:5f:ff:19:c1:5e:79:e6:ae:e5:9e:c9:d9:28:ce:
e5:0a:ac:c2:e5:8a:54:42:d7:34:aa:f6:16:ae:fc:
eb:77:ec:33:9e:72:e6:d1:6e:a7:c7:99:c0:76:4f:
f1:57:8e:88:f3:73:dc:e6:af:48:22:c3:9a:c4:b0:
2f:97:32:6c:e4:dd:a0:e1:74:f7:f2:e6:1e:f9:33:
dc:09:02:8c:67:50:7f:6d:a3:86:ac:bb:66:f7:02:
85:b4:c0:be:23:ce:8a:65:10:1c:51:f8:a4:31:a4:
96:28:f0:a8:c0:d0:25:76:cf:c0:dd:6c:3e:36:a5:
ac:63:3f:8c:15:92:5b:6b:81:e0:45:62:aa:e0:64:
7b:d2:69:99:14:47:ba:98:c1:86:57:63:d4:d1:8e:
98:be:24:be:00:a6:96:a6:f1:7a:b7:26:84:18:f4:
51:8a:8b:86:fe:d3:12:57:c7:d5:f9:12:02:69:9d:
6c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:14:7A:ED:4F:F0:EF:B5:22:A0:56:8F:F5:30:CA:3A:96:AB:DC:6F
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vhR67U_w77UioFaP9TDKOpar3G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.112.0/24
81.181.128.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.16.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.171.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.226.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.20.0/23
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
39:6c:c6:c2:3d:1b:0d:c0:92:bd:09:be:6b:ab:77:f7:1b:2d:
fa:83:4e:30:bb:4a:3e:2f:df:36:1f:fc:1d:00:65:23:05:83:
c9:e8:4b:e0:e1:fe:d1:7a:8e:ba:16:f8:6c:f5:04:b1:79:ab:
ef:5c:b2:54:25:e8:8d:c8:89:99:e2:42:87:8d:8a:90:ea:6d:
8f:c0:e7:56:21:4f:ee:6f:b8:05:b7:07:09:9d:32:12:62:4a:
7b:82:1a:e4:50:85:30:5b:d2:73:ee:50:eb:3f:3e:8e:47:0a:
3e:d4:26:fc:0c:77:08:49:a2:08:81:a2:a2:23:94:53:d5:1f:
ec:d2:1a:58:4c:c9:5d:fa:2a:a7:0e:c7:9e:b5:6a:3f:9d:1d:
f4:ba:15:88:c0:00:0e:cb:c0:a3:90:6b:ec:68:3d:20:47:bc:
25:99:26:0c:38:af:7b:a7:61:3c:ce:52:c7:4b:13:a4:4b:81:
98:fd:04:d8:b9:d6:ed:11:3d:d9:a8:7f:9c:cc:2d:da:5f:0d:
da:77:a8:aa:57:80:82:2f:55:6a:b0:36:a0:56:d9:c7:ca:17:
2f:3f:a0:35:4c:d4:d3:be:10:c6:d4:ff:c8:92:59:8a:62:14:
01:6e:0f:ea:56:b3:b4:ca:ff:25:d4:b6:04:c1:5c:ae:12:7e:
82:e2:b8:41
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZQfjA5ksU9n3IQmgwYG/9aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE0N2FlZDRmZjBlZmI1MjJhMDU2OGZmNTMwY2EzYTk2YWJkYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN5jXLeuhyQltBd+yZkv+znGX/kr
l7gSHR0KpscFGmvsDxPR4v2hIWtU5iQuv5+Rnfov/iyOl9qV9hVWFSaAJVwpxQd+
+iXShMJeX/8ZwV555q7lnsnZKM7lCqzC5YpUQtc0qvYWrvzrd+wznnLm0W6nx5nA
dk/xV46I83Pc5q9IIsOaxLAvlzJs5N2g4XT38uYe+TPcCQKMZ1B/baOGrLtm9wKF
tMC+I86KZRAcUfikMaSWKPCowNAlds/A3Ww+NqWsYz+MFZJba4HgRWKq4GR70mmZ
FEe6mMGGV2PU0Y6YviS+AKaWpvF6tyaEGPRRiouG/tMSV8fV+RICaZ1s6wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFL4Ueu1P8O+1IqBWj/UwyjqWq9xvMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvdmhSNjdVX3c3N1Vpb0ZhUDlUREtPcGFyM0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgQwMEAFBgRQMEAFBgSAMEAFBg
TwMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVwAwQAUbWAAwQA
UbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweIQAwQAweJ0AwQAweJ9AwQAweJ/AwQA
weaeAwQAwearAwQAwebZAwQAweblAwQAwedLAwQAwedsAwQAwee4AwQAwefCAwQA
wefiAwQAwefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQAwmaGAwQAwmblAwQA
wpngAwQA2ZwOAwQB2ZwUAwQA2ZwpAwQA2ZxcMA0GCSqGSIb3DQEBCwUAA4IBAQA5
bMbCPRsNwJK9Cb5rq3f3Gy36g04wu0o+L982H/wdAGUjBYPJ6Evg4f7Reo66Fvhs
9QSxeavvXLJUJeiNyImZ4kKHjYqQ6m2PwOdWIU/ub7gFtwcJnTISYkp7ghrkUIUw
W9Jz7lDrPz6ORwo+1Cb8DHcISaIIgaKiI5RT1R/s0hpYTMld+iqnDseetWo/nR30
uhWIwAAOy8CjkGvsaD0gR7wlmSYMOK97p2E8zlLHSxOkS4GY/QTYudbtET3ZqH+c
zC3aXw3ad6iqV4CCL1VqsDagVtnHyhcvP6A1TNTTvhDG1P/IklmKYhQBbg/qVrO0
yv8l1LYEwVyuEn6C4rhB
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:54:11 2025 by rpki-client