Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KAvkGGrjqCZrj5OC2a5xiHC2rng.roa
File: KAvkGGrjqCZrj5OC2a5xiHC2rng.roa (raw, json)
Hash identifier: WTAbdoIAdQyfee6ix/qPGWiaQqgI5iDhZQUtjQHeKts=
Subject key identifier: 28:0B:E4:18:6A:E3:A8:26:6B:8F:93:82:D9:AE:71:88:70:B6:AE:78
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018EA8CE519C927B343F51B0567A07DA47AF
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KAvkGGrjqCZrj5OC2a5xiHC2rng.roa
Signing time: Thu 04 Apr 2024 11:11:17 +0000
ROA not before: Thu 04 Apr 2024 11:11:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Apr 2024 08:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:ce:51:9c:92:7b:34:3f:51:b0:56:7a:07:da:47:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Apr 4 11:11:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=280be4186ae3a8266b8f9382d9ae718870b6ae78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:36:c4:b0:1b:c8:33:da:13:33:d2:04:c1:a4:
21:e4:4b:e2:af:0e:ff:ca:56:2c:02:5c:07:04:ee:
dc:3e:4d:63:06:b8:12:0b:0a:2f:e8:f5:68:21:de:
f0:b0:90:a7:6d:29:8e:d4:e2:dd:bf:41:44:49:b5:
d7:3a:4b:12:1f:d8:1e:6d:75:be:92:cd:1c:36:17:
fc:2b:07:fe:e1:33:0f:94:88:0f:d1:37:5e:ad:cc:
8c:66:c8:7d:4e:2d:79:74:e7:45:7b:b9:aa:ff:0e:
00:69:22:c6:78:b5:ed:41:38:8a:d2:f1:9b:71:19:
99:4d:28:b1:05:29:39:95:56:59:39:7b:54:82:5f:
58:a5:0a:d8:06:04:fb:58:ff:e1:a9:dd:a2:f2:83:
e3:a2:60:9c:51:e3:9d:09:b5:59:a0:83:33:5f:94:
88:28:76:3b:39:79:6f:8e:f9:b7:70:f2:ce:19:96:
0f:8f:04:1f:a9:c3:8e:3f:c3:c9:69:4d:14:81:af:
ee:07:06:e3:cc:aa:a5:75:ad:8e:4a:87:2a:b2:84:
e9:23:ac:ac:5b:c6:25:1a:d5:df:f0:b0:9f:81:e0:
ab:f3:22:49:58:fb:4c:49:5b:de:90:39:fb:2e:31:
6f:2d:09:4c:27:90:cd:e1:9b:cd:e2:00:8b:7a:02:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0B:E4:18:6A:E3:A8:26:6B:8F:93:82:D9:AE:71:88:70:B6:AE:78
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KAvkGGrjqCZrj5OC2a5xiHC2rng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.78.255
89.23.83.0-89.23.84.255
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
1a:8f:bd:31:24:f0:9d:e2:6f:9a:01:92:03:68:80:f3:0e:3d:
c7:f5:fa:50:e0:e2:a5:c2:4a:0c:16:b7:64:6d:aa:19:04:b1:
ae:07:b7:b3:12:61:ea:01:d7:39:2b:b5:90:89:77:35:f0:f3:
7f:0f:18:3a:f0:10:e6:d0:1e:3d:50:51:f8:e1:18:4e:92:0a:
3f:85:13:31:42:65:70:5c:49:61:43:5c:88:2a:5e:b2:a1:13:
f2:ea:7d:04:95:a0:44:3a:ad:f9:42:b8:1e:d2:77:40:06:0f:
77:59:5b:52:f0:01:36:ee:f8:61:a2:25:54:17:88:d9:d2:a2:
0e:4b:9e:61:7c:cd:c4:93:00:ed:61:5d:2f:61:7a:9b:ce:58:
3b:02:0a:82:6f:f7:15:ec:b4:ae:43:6f:22:d4:c8:a6:38:84:
7a:29:b9:e3:f3:57:86:62:3a:ec:98:39:e5:62:43:70:80:03:
2e:98:24:1b:4c:88:52:2d:44:f1:9a:ed:33:7a:ed:ce:54:d3:
7b:08:c3:63:5d:db:a9:c3:0c:41:c7:a0:ed:b1:56:9d:61:97:
5f:5b:4a:84:91:f0:42:83:5c:5e:f9:90:d4:ed:b4:86:43:7f:
77:62:84:43:d6:0c:49:ac:79:69:d0:89:13:f7:28:e6:53:5b:
09:76:17:b0
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAY6ozlGckns0P1GwVnoH2kevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQwNDA0MTExMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBiZTQxODZhZTNhODI2NmI4ZjkzODJkOWFlNzE4ODcwYjZhZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTbEsBvIM9oTM9IEwaQh5Evirw7/
ylYsAlwHBO7cPk1jBrgSCwov6PVoId7wsJCnbSmO1OLdv0FESbXXOksSH9gebXW+
ks0cNhf8Kwf+4TMPlIgP0TdercyMZsh9Ti15dOdFe7mq/w4AaSLGeLXtQTiK0vGb
cRmZTSixBSk5lVZZOXtUgl9YpQrYBgT7WP/hqd2i8oPjomCcUeOdCbVZoIMzX5SI
KHY7OXlvjvm3cPLOGZYPjwQfqcOOP8PJaU0Uga/uBwbjzKqlda2OSocqsoTpI6ys
W8YlGtXf8LCfgeCr8yJJWPtMSVvekDn7LjFvLQlMJ5DN4ZvN4gCLegIeYwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFCgL5Bhq46gma4+TgtmucYhwtq54MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvS0F2a0dHcmpxQ1pyajVPQzJhNXhpSEMycm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfIw
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKMAwDBABZF00DBABZF04w
DAMEAFkXUwMEAFkXVAMEAFkXWgMEAFkXXQMEA1wq+AMEA11dwDAMAwQEX4xwAwQB
X4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v+AMEAG1v+jAMAwQC
bW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQAsv6vAwQA
sv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp
0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAGo+9MSTwneJvmgGS
A2iA8w49x/X6UODipcJKDBa3ZG2qGQSxrge3sxJh6gHXOSu1kIl3NfDzfw8YOvAQ
5tAePVBR+OEYTpIKP4UTMUJlcFxJYUNciCpesqET8up9BJWgRDqt+UK4HtJ3QAYP
d1lbUvABNu74YaIlVBeI2dKiDkueYXzNxJMA7WFdL2F6m85YOwIKgm/3Fey0rkNv
ItTIpjiEeim54/NXhmI67Jg55WJDcIADLpgkG0yIUi1E8ZrtM3rtzlTTewjDY13b
qcMMQceg7bFWnWGXX1tKhJHwQoNcXvmQ1O20hkN/d2KEQ9YMSax5adCJE/co5lNb
CXYXsA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 10:51:39 2024 by rpki-client on console-fra.rpki-client.org