Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/6gP4hVYsyzZooBniKfTx5wzV5D8.roa
File: 6gP4hVYsyzZooBniKfTx5wzV5D8.roa (raw, json)
Hash identifier: up+4i/yj2DsZ7CV/rogKQo30uo5SjJdu9fgen6uEwX0=
Subject key identifier: EA:03:F8:85:56:2C:CB:36:68:A0:19:E2:29:F4:F1:E7:0C:D5:E4:3F
Certificate issuer: /CN=1763214280055a47deb554fe9cb28dc0c1792302
Certificate serial: 019371DC18CE689BAB58BC43AEF8B2156D32
Authority key identifier: 17:63:21:42:80:05:5A:47:DE:B5:54:FE:9C:B2:8D:C0:C1:79:23:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F2MhQoAFWkfetVT-nLKNwMF5IwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/6gP4hVYsyzZooBniKfTx5wzV5D8.roa
Signing time: Thu 28 Nov 2024 08:21:09 +0000
ROA not before: Thu 28 Nov 2024 08:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12997
IP address blocks: 31.29.0.0/19 maxlen: 19
31.29.0.0/20 maxlen: 20
31.29.16.0/20 maxlen: 20
37.218.128.0/18 maxlen: 18
37.218.128.0/19 maxlen: 19
37.218.160.0/19 maxlen: 19
80.72.176.0/20 maxlen: 20
80.72.176.0/21 maxlen: 21
80.72.184.0/21 maxlen: 21
85.113.0.0/19 maxlen: 19
85.113.0.0/20 maxlen: 20
85.113.16.0/20 maxlen: 20
89.237.192.0/18 maxlen: 18
89.237.192.0/19 maxlen: 19
89.237.224.0/19 maxlen: 19
185.66.252.0/22 maxlen: 22
185.66.252.0/23 maxlen: 23
185.66.254.0/23 maxlen: 23
195.114.240.0/20 maxlen: 20
195.114.240.0/21 maxlen: 21
195.114.248.0/21 maxlen: 21
212.97.0.0/19 maxlen: 19
212.97.0.0/20 maxlen: 20
212.97.16.0/20 maxlen: 20
212.241.0.0/19 maxlen: 19
212.241.0.0/20 maxlen: 20
212.241.16.0/20 maxlen: 20
213.145.128.0/19 maxlen: 19
213.145.128.0/20 maxlen: 20
213.145.128.0/24 maxlen: 24
213.145.129.0/24 maxlen: 24
213.145.130.0/24 maxlen: 24
213.145.140.0/24 maxlen: 24
213.145.144.0/20 maxlen: 20
2a01:9d00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:dc:18:ce:68:9b:ab:58:bc:43:ae:f8:b2:15:6d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1763214280055a47deb554fe9cb28dc0c1792302
Validity
Not Before: Nov 28 08:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea03f885562ccb3668a019e229f4f1e70cd5e43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cc:82:c2:90:27:a0:e9:99:8a:eb:ee:f5:e1:
3f:07:a7:0c:8d:0b:4e:a3:e8:1b:ff:76:a2:73:d6:
e1:78:61:de:5a:f0:de:d8:69:be:c4:36:c6:e7:a6:
67:d9:66:4a:de:7c:31:60:b9:1c:75:87:a3:66:ef:
91:17:3b:ae:69:00:a0:36:aa:4c:4a:e7:68:42:78:
d4:24:75:22:61:ab:2c:2c:59:d8:27:92:9a:78:c9:
4c:05:70:c1:25:be:68:93:31:45:d5:0d:0e:62:fe:
3f:8a:13:54:4f:02:5c:8e:c9:d4:7d:9f:e5:dc:45:
51:78:ce:0b:fe:9b:24:37:f6:6c:bf:6f:2a:19:aa:
f3:63:70:5e:06:62:e6:21:df:56:d4:41:31:6d:7a:
39:69:a3:d3:ec:2c:11:53:c9:79:a3:c3:18:31:54:
66:96:d1:be:88:21:d0:5f:82:7e:4f:21:74:46:ca:
a2:f5:78:a2:83:fe:89:49:27:c8:8c:90:5a:2a:b0:
11:ed:93:4c:96:2b:1f:99:84:72:23:2d:7e:06:65:
69:17:31:59:53:08:aa:2b:c7:37:b1:75:e2:92:2b:
99:c5:0c:4b:79:ad:83:ec:fa:2b:e4:fc:cc:5e:69:
7b:b0:49:f9:4f:81:5c:32:c3:c5:7e:c9:9d:90:b3:
2c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:03:F8:85:56:2C:CB:36:68:A0:19:E2:29:F4:F1:E7:0C:D5:E4:3F
X509v3 Authority Key Identifier:
keyid:17:63:21:42:80:05:5A:47:DE:B5:54:FE:9C:B2:8D:C0:C1:79:23:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F2MhQoAFWkfetVT-nLKNwMF5IwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/6gP4hVYsyzZooBniKfTx5wzV5D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/F2MhQoAFWkfetVT-nLKNwMF5IwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.0.0/19
37.218.128.0/18
80.72.176.0/20
85.113.0.0/19
89.237.192.0/18
185.66.252.0/22
195.114.240.0/20
212.97.0.0/19
212.241.0.0/19
213.145.128.0/19
IPv6:
2a01:9d00::/32
Signature Algorithm: sha256WithRSAEncryption
74:81:b1:1e:d3:c7:0f:90:58:4b:91:82:5e:70:35:d0:dc:c1:
0f:e9:a2:08:e5:f7:30:d7:64:82:da:4d:f9:18:e3:d9:2e:24:
c4:02:95:fb:9c:31:5a:c3:48:48:c7:a7:e9:9c:01:1b:78:1c:
6f:d6:ff:26:6b:b6:e0:60:70:58:41:2e:20:ff:31:df:e7:96:
30:33:e9:8f:65:b2:04:bb:ff:f4:08:cd:2d:ee:93:16:38:c6:
55:d5:7b:9c:f6:4c:4c:f2:07:75:21:fc:56:26:df:5c:f4:1e:
63:3e:66:8f:ee:0b:2a:95:66:d0:1d:64:32:f7:52:65:e9:37:
65:9d:8e:e8:25:47:c9:ce:ee:62:90:a3:f0:9b:2d:28:76:2e:
10:4e:88:80:57:17:3c:19:2e:03:41:04:9b:de:d6:5f:f9:b6:
47:cd:4e:c1:92:f6:eb:7c:4b:2f:fd:dd:85:ab:76:74:3f:a5:
f6:c5:5a:be:1d:12:80:83:f0:3f:dc:64:5e:f7:b6:d9:e9:25:
ba:60:02:23:cd:d0:73:01:84:a2:22:ec:d1:49:26:e0:42:19:
60:92:68:95:de:48:11:77:ab:3d:d8:87:e9:2d:ea:fd:f0:ce:
3c:cc:bc:4b:8a:8f:5f:2f:ff:1f:90:42:5d:7b:63:a4:36:19:
c8:fd:7d:94
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZNx3BjOaJurWLxDrviyFW0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NjMyMTQyODAwNTVhNDdkZWI1NTRmZTljYjI4ZGMwYzE3
OTIzMDIwHhcNMjQxMTI4MDgyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAzZjg4NTU2MmNjYjM2NjhhMDE5ZTIyOWY0ZjFlNzBjZDVlNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcyCwpAnoOmZiuvu9eE/B6cMjQtO
o+gb/3aic9bheGHeWvDe2Gm+xDbG56Zn2WZK3nwxYLkcdYejZu+RFzuuaQCgNqpM
SudoQnjUJHUiYassLFnYJ5KaeMlMBXDBJb5okzFF1Q0OYv4/ihNUTwJcjsnUfZ/l
3EVReM4L/pskN/Zsv28qGarzY3BeBmLmId9W1EExbXo5aaPT7CwRU8l5o8MYMVRm
ltG+iCHQX4J+TyF0Rsqi9Xiig/6JSSfIjJBaKrAR7ZNMlisfmYRyIy1+BmVpFzFZ
UwiqK8c3sXXikiuZxQxLea2D7Por5PzMXml7sEn5T4FcMsPFfsmdkLMsKwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOoD+IVWLMs2aKAZ4in08ecM1eQ/MB8GA1UdIwQY
MBaAFBdjIUKABVpH3rVU/pyyjcDBeSMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjJNaFFvQUZXa2ZldFZULW5MS053TUY1SXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jZmJjZmEtODhkYS00ODhlLWFjZTEt
Nzk2Nzk2MmU3Yzc1LzEvNmdQNGhWWXN5elpvb0JuaUtmVHg1d3pWNUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jZmJjZmEtODhkYS00ODhlLWFjZTEtNzk2Nzk2MmU3Yzc1
LzEvRjJNaFFvQUZXa2ZldFZULW5MS053TUY1SXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFHx0AAwQG
JdqAAwQEUEiwAwQFVXEAAwQGWe3AAwQCuUL8AwQEw3LwAwQF1GEAAwQF1PEAAwQF
1ZGAMA0EAgACMAcDBQAqAZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQB0gbEe08cPkFhL
kYJecDXQ3MEP6aII5fcw12SC2k35GOPZLiTEApX7nDFaw0hIx6fpnAEbeBxv1v8m
a7bgYHBYQS4g/zHf55YwM+mPZbIEu//0CM0t7pMWOMZV1Xuc9kxM8gd1IfxWJt9c
9B5jPmaP7gsqlWbQHWQy91Jl6TdlnY7oJUfJzu5ikKPwmy0odi4QToiAVxc8GS4D
QQSb3tZf+bZHzU7BkvbrfEsv/d2Fq3Z0P6X2xVq+HRKAg/A/3GRe97bZ6SW6YAIj
zdBzAYSiIuzRSSbgQhlgkmiV3kgRd6s92IfpLer98M48zLxLio9fL/8fkEJde2Ok
NhnI/X2U
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:22:51 2025 by rpki-client