Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/7szsfYO0SUQYkLhs0jrh-yeNlAM.roa
File: 7szsfYO0SUQYkLhs0jrh-yeNlAM.roa (raw, json)
Hash identifier: zGjokQUfWcSOTjUY4LFxs2Uj9ykGIbc7lPRbou7INJQ=
Subject key identifier: EE:CC:EC:7D:83:B4:49:44:18:90:B8:6C:D2:3A:E1:FB:27:8D:94:03
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 019425FDB4D80E721C55B861FB369643BECE
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/7szsfYO0SUQYkLhs0jrh-yeNlAM.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/24 maxlen: 24
45.129.23.0/24 maxlen: 24
77.83.124.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.216.0/23 maxlen: 23
109.230.222.0/24 maxlen: 24
134.255.215.0/24 maxlen: 24
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
176.100.224.0/20 maxlen: 20
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
185.97.168.0/22 maxlen: 22
185.159.252.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
2a06:6c0::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:11::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 Jan 2025 08:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b4:d8:0e:72:1c:55:b8:61:fb:36:96:43:be:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eeccec7d83b449441890b86cd23ae1fb278d9403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:64:4d:14:d4:c5:68:e5:fa:1c:3a:b9:aa:43:
72:65:4c:9c:a2:ee:76:c6:02:83:77:9e:26:1c:48:
b3:93:31:6b:ec:99:af:0c:a7:18:be:87:47:60:d4:
7d:6b:06:02:7f:d3:6d:7c:74:38:68:21:d7:ea:45:
45:18:2d:20:aa:32:16:7a:86:67:17:23:d9:36:1b:
ea:45:9e:6e:6e:3a:f8:f1:46:2c:a5:d8:89:cf:ca:
3d:cd:8d:6c:1b:f3:cb:be:0d:7c:61:d8:73:cd:8e:
0d:20:ad:51:79:48:3e:e8:d5:25:b5:d9:ef:d4:e3:
03:4f:1e:6c:7c:2e:61:62:47:ff:b7:b5:1e:c0:1b:
a1:38:b5:2a:ac:52:76:ef:92:ad:44:02:8c:07:85:
74:63:cd:82:3a:2a:df:0d:52:fb:33:e2:26:b0:b8:
59:b1:b7:9c:27:05:ec:af:51:01:9e:1a:a6:9f:27:
14:db:56:ac:e9:55:37:b0:3d:2f:09:74:b7:a1:69:
5a:97:aa:94:5f:30:53:c8:fc:e5:12:67:e5:5c:2d:
12:39:26:95:8a:9d:78:83:8b:86:a8:fe:4c:25:48:
20:41:cf:42:94:e9:e4:97:4d:bf:65:9c:84:13:a5:
aa:fd:76:06:de:f8:8e:12:e4:d8:f0:cf:b1:24:e0:
87:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CC:EC:7D:83:B4:49:44:18:90:B8:6C:D2:3A:E1:FB:27:8D:94:03
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/7szsfYO0SUQYkLhs0jrh-yeNlAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.216.0/23
109.230.222.0/24
134.255.215.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:11::/48
2a06:6c0:22::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
42:8c:66:51:f0:6a:d4:10:95:ef:d8:67:08:34:79:e1:12:b0:
55:9b:c3:a7:3f:b0:f8:cc:e7:2e:ab:e5:a4:04:45:e5:35:03:
b3:bd:00:8f:49:e7:65:68:76:0f:4c:99:4c:13:10:9f:7c:c4:
c4:48:85:e6:dc:5a:90:1b:0b:b7:2e:02:d0:03:33:26:e6:65:
8d:93:63:0a:1a:7e:f5:ac:6e:12:27:d1:e1:fd:d7:70:c2:aa:
08:d6:67:bc:de:21:85:47:a8:92:83:50:a4:67:b8:80:91:22:
9d:12:81:c8:5c:05:80:3a:1b:11:5f:46:b6:33:ad:ec:f8:73:
2b:c5:90:54:e2:65:5e:8d:59:dd:7a:0c:a1:eb:a2:8a:c2:6e:
4b:d0:02:52:f2:00:50:1b:5c:ca:ce:b2:98:96:5e:22:ef:eb:
de:b2:7e:2a:92:56:bf:c1:ae:6f:ff:d8:05:f0:d2:96:20:3f:
7a:c1:a1:2a:a1:98:45:f8:69:b4:0a:35:44:78:c6:88:af:42:
b9:9a:39:ef:7d:d3:59:26:42:f5:94:6b:10:9c:b2:b1:d7:dc:
84:0f:e0:f4:44:ea:0f:30:d3:18:b1:61:e2:e9:cc:c3:0a:b2:
b8:4b:ca:d0:3d:b3:39:21:fc:20:6c:4b:b9:08:0e:6f:44:73:
e2:b7:79:a5
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZQl/bTYDnIcVbhh+zaWQ77OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNjZWM3ZDgzYjQ0OTQ0MTg5MGI4NmNkMjNhZTFmYjI3OGQ5NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GRNFNTFaOX6HDq5qkNyZUycou52
xgKDd54mHEizkzFr7JmvDKcYvodHYNR9awYCf9NtfHQ4aCHX6kVFGC0gqjIWeoZn
FyPZNhvqRZ5ubjr48UYspdiJz8o9zY1sG/PLvg18YdhzzY4NIK1ReUg+6NUltdnv
1OMDTx5sfC5hYkf/t7UewBuhOLUqrFJ275KtRAKMB4V0Y82COirfDVL7M+ImsLhZ
sbecJwXsr1EBnhqmnycU21as6VU3sD0vCXS3oWlal6qUXzBTyPzlEmflXC0SOSaV
ip14g4uGqP5MJUggQc9ClOnkl02/ZZyEE6Wq/XYG3viOEuTY8M+xJOCHLwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFO7M7H2DtElEGJC4bNI64fsnjZQDMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvN3N6c2ZZTzBTVVFZa0xoczBqcmgteWVObEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTBsBAIAATBmAwQCLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQBbebYAwQAbebeAwQAhv/XAwQDsGTQAwQEsGTg
AwQCuWGoAwQCuZ/8AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMa
MDUEAgACMC8DBwIqBgbAAAADBwAqBgbAABEwEgMHASoGBsAAIgMHACoGBsAAJgMH
ASoGBsACVDANBgkqhkiG9w0BAQsFAAOCAQEAQoxmUfBq1BCV79hnCDR54RKwVZvD
pz+w+MznLqvlpARF5TUDs70Aj0nnZWh2D0yZTBMQn3zExEiF5txakBsLty4C0AMz
JuZljZNjChp+9axuEifR4f3XcMKqCNZnvN4hhUeokoNQpGe4gJEinRKByFwFgDob
EV9GtjOt7PhzK8WQVOJlXo1Z3XoMoeuiisJuS9ACUvIAUBtcys6ymJZeIu/r3rJ+
KpJWv8Gub//YBfDSliA/esGhKqGYRfhptAo1RHjGiK9CuZo5733TWSZC9ZRrEJyy
sdfchA/g9ETqDzDTGLFh4unMwwqyuEvK0D2zOSH8IGxLuQgOb0Rz4rd5pQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:50:56 2025 by rpki-client