Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/K9XBOwJk6awXZPKiYLtiLpYGyKg.roa
File: K9XBOwJk6awXZPKiYLtiLpYGyKg.roa (raw, json)
Hash identifier: A+/El0hJzxqjGEglyGTxaSE+TMY5MCNcKSKB59H0uD8=
Subject key identifier: 2B:D5:C1:3B:02:64:E9:AC:17:64:F2:A2:60:BB:62:2E:96:06:C8:A8
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018CC4248F348A3BBB8744214F2B953E3CE9
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/K9XBOwJk6awXZPKiYLtiLpYGyKg.roa
Signing time: Mon 01 Jan 2024 08:29:39 +0000
ROA not before: Mon 01 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9125
IP address blocks: 93.93.192.0/21 maxlen: 21
92.42.253.0/24 maxlen: 24
92.42.252.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.140.0/22 maxlen: 22
178.254.165.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.116.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
178.254.187.0/24 maxlen: 24
185.157.44.0/24 maxlen: 24
109.111.254.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.216.0/22 maxlen: 22
217.169.220.0/22 maxlen: 22
5.172.34.0/24 maxlen: 24
5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.36.0/23 maxlen: 23
5.172.36.0/22 maxlen: 22
109.111.226.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.232.0/22 maxlen: 22
109.111.229.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.227.0/24 maxlen: 24
109.111.240.0/24 maxlen: 24
109.111.236.0/22 maxlen: 22
109.111.246.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Feb 2024 09:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:8f:34:8a:3b:bb:87:44:21:4f:2b:95:3e:3c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd5c13b0264e9ac1764f2a260bb622e9606c8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:77:aa:c2:41:ac:c1:99:b4:43:bd:38:a6:
5d:bb:05:bc:6c:ff:6e:38:9b:a0:77:e7:a5:e4:bd:
e4:eb:5f:15:a2:2f:17:7c:3b:1b:16:b6:ba:5a:9e:
89:66:7e:2d:9f:60:16:1d:81:59:28:da:58:30:e0:
a0:1b:40:b0:7d:67:24:80:a3:25:25:92:bf:9e:2b:
0d:81:dc:17:97:90:4f:7f:c1:a3:01:2d:f3:9b:a9:
22:20:3f:1c:c2:f7:23:67:0c:00:92:62:e9:b1:70:
9f:33:9d:45:e8:5d:37:c7:38:1d:a0:6b:a8:5e:c3:
23:38:58:fd:55:3b:d3:3f:9e:1e:ac:a1:b4:8d:a3:
f3:4f:94:71:44:b1:30:f6:71:cc:66:62:37:57:7e:
31:d8:a1:be:aa:cc:58:5d:24:f3:17:63:aa:28:8d:
f3:48:21:54:5d:42:8f:de:cf:de:45:0c:74:6d:34:
63:d2:43:e0:d7:5c:c9:6d:36:8d:b3:a7:15:42:50:
68:99:c9:41:75:11:e1:a9:fe:5d:08:40:cd:c5:5e:
54:00:d0:cc:f2:a9:14:00:81:d4:0d:0f:1c:c0:89:
46:05:63:89:d7:4b:05:23:4e:6c:c3:52:12:60:c9:
15:73:2b:f3:7b:b7:a1:96:d3:a1:44:59:51:5a:d3:
13:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D5:C1:3B:02:64:E9:AC:17:64:F2:A2:60:BB:62:2E:96:06:C8:A8
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/K9XBOwJk6awXZPKiYLtiLpYGyKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0/24
89.23.84.0/24
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
8a:26:07:8c:07:ae:4d:ae:c7:e5:29:a6:d0:7c:e5:1a:4a:68:
e1:5a:ef:cf:10:12:09:e2:de:3e:9d:75:7a:83:b5:c1:be:47:
a9:87:bc:42:6e:b1:a7:4b:02:dd:95:e8:f6:03:2b:a4:07:45:
3f:05:fa:4a:5e:aa:6f:b8:b3:27:d8:55:17:94:1b:52:a8:05:
5f:a2:a1:d3:58:a9:db:a6:a9:b0:36:cc:3d:b6:cf:e6:43:99:
9a:ba:5c:44:95:3b:48:de:10:c7:24:1b:6f:9f:55:02:de:0e:
75:b4:47:2a:ac:55:91:81:ab:f5:19:a5:40:d7:a1:48:44:14:
b5:9b:75:93:d7:39:38:c9:0a:09:c8:1a:b3:75:24:e9:75:5c:
67:15:da:49:36:b1:a4:06:75:ca:e4:45:b5:99:61:69:f0:c9:
26:b6:07:01:bf:c6:a6:14:98:ff:f6:f6:47:81:8d:41:16:48:
2b:40:c6:e8:27:ff:9e:2d:0b:c3:58:8f:65:15:0d:69:d3:67:
cf:81:7e:ee:ab:6e:be:2b:ad:ac:17:17:fa:dc:f4:a3:96:ab:
b0:94:a2:d3:cc:f7:cd:50:55:0b:8b:26:37:79:70:6e:e4:a9:
63:93:ea:2d:1d:f5:fc:90:38:3b:2f:fb:ed:11:18:a1:e6:0e:
d5:81:fa:1c
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAYzEJI80iju7h0QhTyuVPjzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQwMTAxMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ1YzEzYjAyNjRlOWFjMTc2NGYyYTI2MGJiNjIyZTk2MDZjOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy53qsJBrMGZtEO9OKZduwW8bP9u
OJugd+el5L3k618Voi8XfDsbFra6Wp6JZn4tn2AWHYFZKNpYMOCgG0CwfWckgKMl
JZK/nisNgdwXl5BPf8GjAS3zm6kiID8cwvcjZwwAkmLpsXCfM51F6F03xzgdoGuo
XsMjOFj9VTvTP54erKG0jaPzT5RxRLEw9nHMZmI3V34x2KG+qsxYXSTzF2OqKI3z
SCFUXUKP3s/eRQx0bTRj0kPg11zJbTaNs6cVQlBomclBdRHhqf5dCEDNxV5UANDM
8qkUAIHUDQ8cwIlGBWOJ10sFI05sw1ISYMkVcyvze7ehltOhRFlRWtMTLQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFCvVwTsCZOmsF2TyomC7Yi6WBsioMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvSzlYQk93Sms2YXdYWlBLaVlMdGlMcFlHeUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgekEAgABMIHiMAwD
BAAFrCEDBAMFrCAwDAMEAFkXQQMEAFkXRgMEAVkXSgMEAFkXTQMEAFkXVAMEAFkX
WgMEAFkXXQMEA1wq+AMEA11dwDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+AD
BABtb/AwDAMEAG1v8wMEAG1v+AMEAG1v+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQA
sv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQAsv6vAwQAsv6xMAwDBAGy/rYDBACy/rgw
DAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUAKgILWDAN
BgkqhkiG9w0BAQsFAAOCAQEAiiYHjAeuTa7H5Smm0HzlGkpo4VrvzxASCeLePp11
eoO1wb5HqYe8Qm6xp0sC3ZXo9gMrpAdFPwX6Sl6qb7izJ9hVF5QbUqgFX6Kh01ip
26apsDbMPbbP5kOZmrpcRJU7SN4QxyQbb59VAt4OdbRHKqxVkYGr9RmlQNehSEQU
tZt1k9c5OMkKCcgas3Uk6XVcZxXaSTaxpAZ1yuRFtZlhafDJJrYHAb/GphSY//b2
R4GNQRZIK0DG6Cf/ni0Lw1iPZRUNadNnz4F+7qtuviutrBcX+tz0o5arsJSi08z3
zVBVC4smN3lwbuSpY5PqLR31/JA4Oy/77REYoeYO1YH6HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org