Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/6nZAbJVgG-idiy7T_p020AXznpY.roa
File: 6nZAbJVgG-idiy7T_p020AXznpY.roa (raw, json)
Hash identifier: HCo4T6bAlFmQFY4RRZYM+8TGP6yuv+NJHChYjsJ3m1A=
Subject key identifier: EA:76:40:6C:95:60:1B:E8:9D:8B:2E:D3:FE:9D:36:D0:05:F3:9E:96
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 0193B02088C9EFD77D824E65B46E0C38FC69
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/6nZAbJVgG-idiy7T_p020AXznpY.roa
Signing time: Tue 10 Dec 2024 10:32:22 +0000
ROA not before: Tue 10 Dec 2024 10:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.0.0/16 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.59.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.70.0/24 maxlen: 24
147.235.71.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.96.0/23 maxlen: 23
147.235.96.0/24 maxlen: 24
147.235.97.0/24 maxlen: 24
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.194.0/24 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.196.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.200.0/23 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.201.0/24 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.204.0/23 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.205.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.214.0/24 maxlen: 24
147.235.215.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.216.0/22 maxlen: 23
147.235.216.0/24 maxlen: 24
147.235.217.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.220.0/22 maxlen: 22
147.235.220.0/23 maxlen: 23
147.235.220.0/24 maxlen: 24
147.235.221.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.222.0/24 maxlen: 24
147.235.223.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
147.235.253.0/24 maxlen: 24
147.235.254.0/23 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
2a06:c700::/29 maxlen: 48
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700:2000::/36 maxlen: 36
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 11 Dec 2024 12:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:20:88:c9:ef:d7:7d:82:4e:65:b4:6e:0c:38:fc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Dec 10 10:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea76406c95601be89d8b2ed3fe9d36d005f39e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:76:43:a1:da:b6:88:85:be:bc:84:8d:37:
e5:b3:12:a6:11:3b:db:70:f8:ea:9e:80:fa:42:c7:
99:c4:51:71:90:ee:59:eb:84:34:0a:91:32:09:e4:
3b:e3:bb:48:0f:b7:2f:9a:57:8d:be:09:6b:03:36:
76:81:1d:4a:a0:56:e5:a3:bc:7d:9b:97:70:bc:28:
b1:90:bb:a1:38:d8:03:fb:84:d8:e2:81:86:45:e5:
2e:a9:8b:15:ce:df:ae:e6:88:59:ef:b8:6a:91:48:
f8:da:fb:3b:48:5a:e7:5b:50:48:f0:e8:b1:d6:69:
e1:a8:7b:49:35:3e:68:a2:b4:ab:6f:fd:5b:aa:ba:
0c:10:06:59:75:85:cf:77:fa:76:04:08:f8:4c:97:
1b:93:81:b6:a9:4c:59:96:73:a8:63:4b:3e:85:13:
0f:29:4f:b1:7d:1d:f5:78:9e:0d:fd:c5:72:82:33:
d8:aa:ca:fa:cb:ef:08:b8:82:fe:07:58:10:57:a6:
c5:1f:6e:0c:43:89:0a:70:16:05:82:87:05:63:28:
1a:f3:c7:8b:39:64:2f:51:b0:99:b1:93:ae:4d:22:
76:61:4b:7f:b9:b8:d5:7d:fe:03:c9:3d:9d:b4:02:
1c:bb:43:f6:55:44:b7:f5:38:4c:71:ec:cb:a0:80:
aa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:76:40:6C:95:60:1B:E8:9D:8B:2E:D3:FE:9D:36:D0:05:F3:9E:96
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/6nZAbJVgG-idiy7T_p020AXznpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
24:7b:13:ef:29:17:aa:99:bb:d2:05:8a:dd:df:a9:c5:d2:8e:
81:c4:ad:a9:0c:79:05:cd:67:7c:a7:89:78:9a:af:2e:b6:36:
41:5d:17:b7:60:6d:be:2e:95:06:51:b6:50:c7:01:4d:39:c0:
4b:14:20:b6:e0:c5:79:5b:74:06:37:01:92:ae:eb:c6:36:dc:
74:41:33:62:e2:7e:19:a0:b0:da:ba:e7:58:a6:5c:54:81:7d:
05:d5:1c:0d:54:53:cd:10:44:b5:f0:93:e5:31:99:b9:6c:86:
52:cb:4c:f0:44:98:30:c1:0f:6f:8e:f2:f3:c0:f1:32:0d:b0:
d5:25:3a:d1:31:b2:a0:9b:db:a2:93:4c:02:4b:70:2f:4e:e0:
75:36:6b:5d:01:ba:e2:32:a6:d6:f6:cb:1b:5c:26:82:83:00:
7b:6b:09:6b:9c:10:86:7c:08:ba:d3:d3:77:f6:87:98:fa:af:
8b:e1:28:e9:bc:5c:43:f8:da:24:44:e1:f5:4c:4b:9f:80:b9:
48:cc:49:95:63:1b:b6:eb:4d:d3:32:3f:47:46:b2:74:7a:7f:
03:25:8e:bf:f3:9b:29:a6:7d:fc:d2:1e:20:4b:88:b7:ef:32:
71:9c:de:3c:25:5b:70:f3:98:4c:0e:02:dd:c2:f6:b9:5d:fb:
56:3f:8d:6c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZOwIIjJ79d9gk5ltG4MOPxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjQxMjEwMTAzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc2NDA2Yzk1NjAxYmU4OWQ4YjJlZDNmZTlkMzZkMDA1ZjM5ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPx2Q6HatoiFvryEjTflsxKmETvb
cPjqnoD6QseZxFFxkO5Z64Q0CpEyCeQ747tID7cvmleNvglrAzZ2gR1KoFblo7x9
m5dwvCixkLuhONgD+4TY4oGGReUuqYsVzt+u5ohZ77hqkUj42vs7SFrnW1BI8Oix
1mnhqHtJNT5oorSrb/1bqroMEAZZdYXPd/p2BAj4TJcbk4G2qUxZlnOoY0s+hRMP
KU+xfR31eJ4N/cVygjPYqsr6y+8IuIL+B1gQV6bFH24MQ4kKcBYFgocFYyga88eL
OWQvUbCZsZOuTSJ2YUt/ubjVff4DyT2dtAIcu0P2VUS39ThMcezLoICq9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOp2QGyVYBvonYsu0/6dNtAF856WMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvNm5aQWJKVmdHLWlkaXk3VF9wMDIwQVh6bnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBACR7E+8p
F6qZu9IFit3fqcXSjoHErakMeQXNZ3yniXiary62NkFdF7dgbb4ulQZRtlDHAU05
wEsUILbgxXlbdAY3AZKu68Y23HRBM2LifhmgsNq651imXFSBfQXVHA1UU80QRLXw
k+UxmblshlLLTPBEmDDBD2+O8vPA8TINsNUlOtExsqCb26KTTAJLcC9O4HU2a10B
uuIyptb2yxtcJoKDAHtrCWucEIZ8CLrT03f2h5j6r4vhKOm8XEP42iRE4fVMS5+A
uUjMSZVjG7brTdMyP0dGsnR6fwMljr/zmymmffzSHiBLiLfvMnGc3jwlW3DzmEwO
At3C9rld+1Y/jWw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:52 2025 by rpki-client