Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Iu9XsRZHe6Z9tkNOrM5Xp-ywLx4.roa
File: Iu9XsRZHe6Z9tkNOrM5Xp-ywLx4.roa (raw, json)
Hash identifier: OQjp+x7B0NEVcUQ41kBkx6uXuwVmHPPv0EIbaBNfGbE=
Subject key identifier: 22:EF:57:B1:16:47:7B:A6:7D:B6:43:4E:AC:CE:57:A7:EC:B0:2F:1E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0194F9F4936AE66C9EF3E669839D7A14288B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Iu9XsRZHe6Z9tkNOrM5Xp-ywLx4.roa
Signing time: Wed 12 Feb 2025 11:39:02 +0000
ROA not before: Wed 12 Feb 2025 11:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Feb 2025 12:23:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:f4:93:6a:e6:6c:9e:f3:e6:69:83:9d:7a:14:28:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 12 11:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22ef57b116477ba67db6434eacce57a7ecb02f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:10:9e:e1:61:b5:74:0e:61:73:b9:a0:7c:e4:
b2:88:ac:85:41:b5:8f:ea:d0:6c:94:cd:96:73:7b:
14:ae:67:a3:02:28:a6:b2:00:8d:9e:66:53:02:f2:
76:88:14:80:72:7e:60:0f:7b:de:13:53:16:41:02:
2a:73:d5:aa:c5:4f:be:5f:69:8a:dc:68:05:5e:86:
e9:76:d3:7d:61:9a:fc:0b:5a:13:b6:e2:60:c6:b9:
b3:68:f1:38:15:46:b3:b9:73:bf:8d:c3:d8:a4:db:
60:1f:32:ef:59:d4:4a:7d:bb:e7:c6:1c:db:2d:bd:
d3:bd:0a:99:4c:ba:9a:17:0c:cd:d8:fa:4a:2c:cb:
23:11:fc:02:25:78:79:07:aa:8b:7b:f5:dd:e0:ba:
9e:73:b5:99:04:ed:50:0b:09:53:5e:0c:a5:fd:7c:
ec:5f:a3:6c:24:de:a5:5f:67:01:55:91:58:02:63:
12:84:ab:d9:11:aa:de:22:90:04:b9:98:0f:be:88:
6f:c5:53:94:51:78:5a:2d:47:75:4e:68:25:e8:b2:
42:ba:19:82:e6:ef:ce:3e:4d:11:55:c1:2c:c7:1f:
bf:82:0f:e2:bf:10:85:66:55:ad:ca:dc:53:51:95:
a3:0e:ac:16:9e:d2:cd:55:e4:b2:e2:e6:9a:b1:d3:
58:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EF:57:B1:16:47:7B:A6:7D:B6:43:4E:AC:CE:57:A7:EC:B0:2F:1E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Iu9XsRZHe6Z9tkNOrM5Xp-ywLx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:7f:e1:b1:34:22:4e:9d:8c:4b:21:7f:57:e0:be:5a:ae:1f:
b2:1a:66:c2:2f:fc:91:b8:08:8c:86:36:71:61:cd:24:7d:ea:
b8:f4:e3:20:88:71:90:c9:ab:b2:88:15:35:22:63:ec:8d:d0:
c8:ec:4b:d1:4f:7e:50:1c:e5:ec:4d:79:11:7b:df:c3:4e:13:
8d:80:2b:d3:d2:c8:73:e2:01:1d:e3:2b:23:ce:63:fd:bd:89:
09:d9:d1:b0:d2:29:4f:85:fb:e8:4f:45:9b:7a:72:ac:e8:3c:
0c:36:c7:86:3c:5f:b6:b5:06:c2:2c:93:c3:30:f7:1f:81:c2:
b7:45:cf:af:93:8a:79:b2:c3:2c:87:dc:d1:7d:0e:50:7f:c9:
18:9e:50:dd:bd:64:ae:3d:7b:d7:14:ed:ad:3d:e5:8c:5b:f4:
8b:c4:84:42:d3:33:1e:ac:a0:c7:ba:4a:6f:c6:00:40:1e:67:
59:b9:3e:c8:77:c3:d2:3d:fd:6d:02:89:1c:cd:bc:18:82:41:
1d:36:48:eb:a6:7c:38:98:c0:4f:5c:b9:9a:53:8d:c4:5d:85:
53:91:d6:08:4c:e3:dd:89:72:6a:61:ff:d7:75:de:d8:82:23:
97:2a:7e:cd:78:a5:35:bb:e0:37:5b:6c:f1:d9:1f:14:e4:ac:
e1:d4:03:75
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZT59JNq5mye8+Zpg516FCiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMjEyMTEzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVmNTdiMTE2NDc3YmE2N2RiNjQzNGVhY2NlNTdhN2VjYjAyZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRCe4WG1dA5hc7mgfOSyiKyFQbWP
6tBslM2Wc3sUrmejAiimsgCNnmZTAvJ2iBSAcn5gD3veE1MWQQIqc9WqxU++X2mK
3GgFXobpdtN9YZr8C1oTtuJgxrmzaPE4FUazuXO/jcPYpNtgHzLvWdRKfbvnxhzb
Lb3TvQqZTLqaFwzN2PpKLMsjEfwCJXh5B6qLe/Xd4Lqec7WZBO1QCwlTXgyl/Xzs
X6NsJN6lX2cBVZFYAmMShKvZEareIpAEuZgPvohvxVOUUXhaLUd1Tmgl6LJCuhmC
5u/OPk0RVcEsxx+/gg/ivxCFZlWtytxTUZWjDqwWntLNVeSy4uaasdNYTwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFCLvV7EWR3umfbZDTqzOV6fssC8eMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSXU5WHNSWkhlNlo5dGtOT3JNNVhwLXl3THg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgYQEAgABMH4DBAIC
OKQDBAAFtjADBAItURQDBAItjNwDBAJNU/ADBABObNkDBAJTj3QDBAJVyqADBAJZ
vpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBADBHx4DBALB
IkwDBALB3cADBALCMhADBALCOOADBALUawwwcQQCAAIwawMHBCoLC4IAADAPAwUC
KgsLhAMGASoLC4YAAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//SAwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQMqDXfAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJf+GxNCJOnYxLIX9X4L5arh+yGmbCL/yRuAiMhjZx
Yc0kfeq49OMgiHGQyauyiBU1ImPsjdDI7EvRT35QHOXsTXkRe9/DThONgCvT0shz
4gEd4ysjzmP9vYkJ2dGw0ilPhfvoT0WbenKs6DwMNseGPF+2tQbCLJPDMPcfgcK3
Rc+vk4p5ssMsh9zRfQ5Qf8kYnlDdvWSuPXvXFO2tPeWMW/SLxIRC0zMerKDHukpv
xgBAHmdZuT7Id8PSPf1tAokczbwYgkEdNkjrpnw4mMBPXLmaU43EXYVTkdYITOPd
iXJqYf/Xdd7YgiOXKn7NeKU1u+A3W2zx2R8U5Kzh1AN1
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:11:08 2025 by rpki-client