Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9PvvyrKjVfgZ3FUN_S4UbV3GVA8.roa
File: 9PvvyrKjVfgZ3FUN_S4UbV3GVA8.roa (raw, json)
Hash identifier: xKYYfYXQfVMYwKdQbJltNHkQ+AVUeQ4WzFn9PTKghGg=
Subject key identifier: F4:FB:EF:CA:B2:A3:55:F8:19:DC:55:0D:FD:2E:14:6D:5D:C6:54:0F
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0194221FBFCC465C3D93D471C33E1AADE6D4
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9PvvyrKjVfgZ3FUN_S4UbV3GVA8.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5607
IP address blocks: 2.120.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
5.64.0.0/13 maxlen: 13
46.64.0.0/15 maxlen: 15
51.19.0.0/16 maxlen: 16
51.146.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
51.186.0.0/15 maxlen: 15
51.186.0.0/18 maxlen: 18
51.186.64.0/18 maxlen: 18
51.186.128.0/18 maxlen: 18
51.186.192.0/18 maxlen: 18
51.187.0.0/18 maxlen: 18
51.187.64.0/18 maxlen: 18
51.187.128.0/18 maxlen: 18
51.187.192.0/18 maxlen: 18
51.190.0.0/15 maxlen: 15
51.194.0.0/16 maxlen: 16
51.198.0.0/18 maxlen: 18
51.198.72.0/21 maxlen: 21
51.198.80.0/20 maxlen: 20
51.198.96.0/19 maxlen: 19
51.198.128.0/17 maxlen: 17
51.199.0.0/17 maxlen: 17
51.199.128.0/18 maxlen: 18
51.199.192.0/19 maxlen: 19
51.199.224.0/20 maxlen: 20
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
51.241.0.0/16 maxlen: 16
78.86.0.0/16 maxlen: 16
78.105.0.0/16 maxlen: 16
87.80.0.0/15 maxlen: 15
90.192.0.0/11 maxlen: 11
93.96.0.0/17 maxlen: 17
93.96.128.0/18 maxlen: 18
93.96.224.0/19 maxlen: 19
93.96.224.0/23 maxlen: 23
93.96.228.0/23 maxlen: 23
94.0.0.0/12 maxlen: 12
94.192.0.0/14 maxlen: 14
149.241.0.0/16 maxlen: 16
151.224.0.0/13 maxlen: 13
176.24.0.0/14 maxlen: 14
176.248.0.0/13 maxlen: 13
176.255.240.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
188.220.0.0/14 maxlen: 14
2a02:c78::/29 maxlen: 29
2a02:c7a::/32 maxlen: 32
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7b::/32 maxlen: 32
2a02:c7c::/30 maxlen: 30
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a06:5900::/34 maxlen: 34
2a06:5900:4000::/34 maxlen: 34
2a06:5900:8000::/34 maxlen: 34
2a06:5900:c000::/34 maxlen: 34
2a06:5901::/33 maxlen: 33
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a06:5906::/31 maxlen: 31
Validation: Failed, certificate revoked on Tue 14 Jan 2025 18:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bf:cc:46:5c:3d:93:d4:71:c3:3e:1a:ad:e6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4fbefcab2a355f819dc550dfd2e146d5dc6540f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:1b:07:2e:4b:40:70:45:d3:12:2d:fb:86:
39:61:15:a9:96:5c:33:06:b2:07:b0:85:fb:19:e3:
30:4a:3f:fb:3b:f0:70:90:1b:74:ad:55:8e:da:8a:
ba:bb:47:de:30:1d:be:61:d8:91:66:58:de:03:2c:
ae:06:91:cc:b6:ff:fb:0a:d7:32:6d:a7:b9:4d:73:
96:83:98:db:47:ed:05:3e:c4:58:fa:5f:85:2f:07:
2a:3c:1e:36:2d:84:85:c3:bb:9f:99:cb:7e:d5:87:
89:95:c5:34:d8:17:14:a1:b5:83:fc:e9:62:85:53:
02:c6:58:44:c5:2c:1c:ce:b0:64:f5:3a:95:3c:14:
29:5b:ae:54:ac:a4:fe:2b:22:b1:d7:fe:85:c8:b7:
f3:6b:de:83:76:69:af:46:13:79:20:44:2e:7f:ff:
fe:7c:ac:b5:87:1e:ed:05:ff:de:c3:e9:92:60:69:
eb:f5:13:7c:91:95:da:17:10:2b:76:c0:79:2c:3a:
01:05:91:95:8a:ea:13:03:45:3a:31:38:65:ac:e8:
9d:4b:89:53:79:42:7f:3a:f5:dc:cf:9e:22:d4:ef:
6b:2a:6c:67:70:9d:03:d9:ee:37:35:9c:55:2d:2b:
7e:f7:4f:ab:6e:bd:af:75:72:7a:6a:d2:41:6b:3b:
ee:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:FB:EF:CA:B2:A3:55:F8:19:DC:55:0D:FD:2E:14:6D:5D:C6:54:0F
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9PvvyrKjVfgZ3FUN_S4UbV3GVA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/18
51.198.72.0-51.199.251.255
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5b:ce:68:ff:33:89:ca:5a:5d:6a:da:3a:bc:bf:c5:44:54:c7:
a3:db:b9:b1:52:7d:9f:6f:b1:f1:11:20:5e:70:53:06:9c:eb:
ed:06:d9:09:bd:5a:70:9c:9e:95:d3:f2:52:e1:a5:e7:08:45:
6c:3c:b4:d9:91:cf:02:86:b4:84:e1:43:ca:5f:6e:f7:88:d1:
74:84:26:9f:94:c1:ab:52:c6:e6:65:75:5b:3b:2e:69:a3:de:
05:e6:ae:5a:f8:df:31:80:89:3a:4b:80:56:97:35:96:60:42:
c2:b5:de:d2:50:7e:28:4c:5f:48:a5:95:ce:71:1b:37:83:06:
a1:62:ff:d5:2c:a0:6c:ce:7d:4a:cf:2f:38:03:4f:a6:f9:e7:
cd:95:e6:15:14:7c:a6:d7:ba:d5:5f:02:5c:d5:d5:8b:f3:e7:
9b:91:b0:cb:9c:5e:8c:5c:a7:91:ab:d6:59:c4:5c:8f:ac:67:
0e:ab:6f:3e:ed:4e:f4:64:85:8d:08:85:84:9d:72:85:69:aa:
2d:05:b3:88:9b:69:66:62:13:e3:74:07:1e:35:f6:fd:ff:89:
4c:03:3e:9c:88:09:d6:b5:a3:28:79:c0:27:94:eb:39:f1:0b:
b7:4a:23:7f:a4:77:18:c8:42:a7:28:a3:ae:e4:e6:21:1c:8a:
ea:2c:a8:c0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZQiH7/MRlw9k9Rxwz4arebUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGZiZWZjYWIyYTM1NWY4MTlkYzU1MGRmZDJlMTQ2ZDVkYzY1NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeMbBy5LQHBF0xIt+4Y5YRWpllwz
BrIHsIX7GeMwSj/7O/BwkBt0rVWO2oq6u0feMB2+YdiRZljeAyyuBpHMtv/7Ctcy
bae5TXOWg5jbR+0FPsRY+l+FLwcqPB42LYSFw7ufmct+1YeJlcU02BcUobWD/Oli
hVMCxlhExSwczrBk9TqVPBQpW65UrKT+KyKx1/6FyLfza96DdmmvRhN5IEQuf//+
fKy1hx7tBf/ew+mSYGnr9RN8kZXaFxArdsB5LDoBBZGViuoTA0U6MThlrOidS4lT
eUJ/OvXcz54i1O9rKmxncJ0D2e43NZxVLSt+90+rbr2vdXJ6atJBazvuJwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFPT778qyo1X4GdxVDf0uFG1dxlQPMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvOVB2dnlyS2pWZmdaM0ZVTl9TNFViVjNHVkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBnAQCAAEwgZUDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgME
BjPGADAMAwQDM8ZIAwQCM8f4AwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMF
XWADBAZdYIADBAVdYOADAwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK8
3DAtBAIAAjAnAwUDKgIMeDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbzmj/M4nKWl1q2jq8v8VEVMej27mxUn2fb7Hx
ESBecFMGnOvtBtkJvVpwnJ6V0/JS4aXnCEVsPLTZkc8ChrSE4UPKX273iNF0hCaf
lMGrUsbmZXVbOy5po94F5q5a+N8xgIk6S4BWlzWWYELCtd7SUH4oTF9IpZXOcRs3
gwahYv/VLKBszn1Kzy84A0+m+efNleYVFHym17rVXwJc1dWL8+ebkbDLnF6MXKeR
q9ZZxFyPrGcOq28+7U70ZIWNCIWEnXKFaaotBbOIm2lmYhPjdAceNfb9/4lMAz6c
iAnWtaMoecAnlOs58Qu3SiN/pHcYyEKnKKOu5OYhHIrqLKjA
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:59:33 2025 by rpki-client