Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9xbG0H12dhu7h066F47FUB_ze4U.roa
File: 9xbG0H12dhu7h066F47FUB_ze4U.roa (raw, json)
Hash identifier: 90A6nmeDGl7kGnCHxXqdF/1MNHYxbrRjREjzS6FoF8o=
Subject key identifier: F7:16:C6:D0:7D:76:76:1B:BB:87:4E:BA:17:8E:C5:50:1F:F3:7B:85
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0195630F44F2392B5B6751A132423D9C6CED
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9xbG0H12dhu7h066F47FUB_ze4U.roa
Signing time: Tue 04 Mar 2025 21:28:19 +0000
ROA not before: Tue 04 Mar 2025 21:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
37.97.96.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
65.39.64.0/19 maxlen: 19
80.251.96.0/20 maxlen: 20
81.93.0.0/19 maxlen: 19
88.213.224.0/19 maxlen: 19
155.2.128.0/19 maxlen: 19
157.143.128.0/17 maxlen: 17
178.157.32.0/20 maxlen: 20
178.174.96.0/20 maxlen: 23
178.255.160.0/21 maxlen: 21
185.6.92.0/22 maxlen: 22
185.8.252.0/22 maxlen: 22
185.24.140.0/22 maxlen: 22
185.32.208.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
185.65.248.0/22 maxlen: 22
185.76.216.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
195.135.0.0/17 maxlen: 17
195.135.0.0/18 maxlen: 18
195.135.12.0/23 maxlen: 23
195.135.48.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
217.74.96.0/20 maxlen: 20
217.181.128.0/17 maxlen: 17
2a02:6e8::/32 maxlen: 32
2a02:c440::/29 maxlen: 29
2a05:5cc0::/29 maxlen: 29
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Mar 2025 09:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:63:0f:44:f2:39:2b:5b:67:51:a1:32:42:3d:9c:6c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Mar 4 21:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f716c6d07d76761bbb874eba178ec5501ff37b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6b:94:21:ef:ce:f4:17:70:af:cc:b6:a6:dc:
d8:27:ad:08:4e:48:50:15:83:26:fb:d7:ec:a5:0c:
63:e6:4e:5a:4a:d6:f3:f5:76:fd:14:66:48:d4:a6:
13:f1:3a:d5:3b:4e:dc:a6:36:ea:28:3f:dc:87:48:
e8:82:6f:5b:7c:3f:b6:cd:c1:5c:87:8f:dc:84:92:
50:75:22:68:61:af:23:6a:dc:69:17:b0:23:b5:58:
33:b7:f0:6e:e4:4b:1d:e0:45:8d:cd:5e:79:5f:e0:
51:5f:fb:cc:30:81:9a:cc:89:ba:09:2e:16:33:de:
81:56:74:87:bb:f7:56:1c:9f:25:9d:1f:87:db:18:
ac:c3:1c:4c:fa:a8:e4:a2:fe:91:13:ea:89:31:b0:
d6:3e:82:ed:83:24:49:58:22:8e:62:63:ca:8f:e3:
9e:46:74:58:3e:42:5e:de:9f:68:9d:a7:f2:70:a6:
b6:f5:37:34:b3:81:be:66:34:6b:b9:e1:ce:d8:99:
a0:23:b2:4d:71:f5:db:67:21:28:7e:c2:1d:e1:4c:
24:c3:f0:13:36:f3:6e:b1:e4:fb:f7:1c:cf:75:79:
2e:00:c6:5b:ba:60:94:51:e8:79:2c:41:18:a6:82:
b5:38:43:3e:64:d7:f0:0c:c7:1e:9b:4a:19:f1:68:
3c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:16:C6:D0:7D:76:76:1B:BB:87:4E:BA:17:8E:C5:50:1F:F3:7B:85
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9xbG0H12dhu7h066F47FUB_ze4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
37.139.120.0/21
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
155.2.128.0/19
157.143.128.0/17
178.157.32.0/20
178.174.96.0/20
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.76.216.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a05:5cc0::/29
2a0b:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:22:55:30:d5:d6:36:71:92:ad:3d:9c:cf:d1:6d:bc:90:fc:
e7:8e:14:01:a7:f9:72:85:e8:58:5e:14:51:8d:40:2c:bf:d9:
94:1a:02:89:cb:88:21:52:6a:25:23:12:ae:61:d0:95:bb:c0:
1f:5c:59:44:b4:89:c3:ed:4d:07:54:48:7a:c6:45:bf:1f:65:
80:9a:cd:62:84:43:78:91:00:83:64:e2:f6:ca:87:2c:34:34:
5b:90:be:17:64:c0:28:55:0d:31:97:62:e0:ef:00:6d:eb:bb:
65:4d:4c:a7:71:e7:dc:79:cd:3c:3c:71:4c:38:46:b6:70:97:
18:01:5d:68:d3:92:65:71:5a:60:dd:47:8f:35:0c:bc:89:88:
48:4f:20:96:d5:44:2c:a3:8b:ce:e0:a4:35:7f:7a:32:e9:1c:
d6:ba:4d:9a:20:0b:32:20:d1:31:76:0d:b6:7e:e7:f1:a9:6b:
88:2d:66:15:31:6c:7f:c5:1d:c2:46:63:7d:a4:4b:df:88:6d:
0d:aa:ce:b1:f1:78:56:ea:55:39:5f:fa:8d:5c:c9:e8:b0:94:
24:31:0e:fc:44:ce:83:9f:9c:e9:49:f0:8c:60:87:43:d4:25:
d1:e8:f6:a2:23:a7:2c:ae:f1:c2:3f:e0:56:8f:41:23:ac:0c:
eb:df:4c:33
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZVjD0TyOStbZ1GhMkI9nGztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMzA0MjEyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzE2YzZkMDdkNzY3NjFiYmI4NzRlYmExNzhlYzU1MDFmZjM3Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2uUIe/O9Bdwr8y2ptzYJ60ITkhQ
FYMm+9fspQxj5k5aStbz9Xb9FGZI1KYT8TrVO07cpjbqKD/ch0jogm9bfD+2zcFc
h4/chJJQdSJoYa8jatxpF7AjtVgzt/Bu5Esd4EWNzV55X+BRX/vMMIGazIm6CS4W
M96BVnSHu/dWHJ8lnR+H2xiswxxM+qjkov6RE+qJMbDWPoLtgyRJWCKOYmPKj+Oe
RnRYPkJe3p9onafycKa29Tc0s4G+ZjRrueHO2JmgI7JNcfXbZyEofsId4Uwkw/AT
NvNuseT79xzPdXkuAMZbumCUUeh5LEEYpoK1OEM+ZNfwDMcem0oZ8Wg8TQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFPcWxtB9dnYbu4dOuheOxVAf83uFMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvOXhiRzBIMTJkaHU3aDA2NkY0N0ZVQl96ZTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBmQQCAAEwgZIwDAME
BiVhQAMEBCVhYAMEAyWLeAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEBZsCgAME
B52PgAMEBLKdIAMEBLKuYAMEA7L/oAMEArkGXAMEArkI/AMEArkYjAMEArkg0AME
ArkqsAMEArlB+AMEArlM2AMEArna0AMEArn5FAMEB8OHAAMEBNlKYAMEB9m1gDAi
BAIAAjAcAwUAKgIG6AMFAyoCxEADBQMqBVzAAwUDKgvjwDANBgkqhkiG9w0BAQsF
AAOCAQEAqSJVMNXWNnGSrT2cz9FtvJD8544UAaf5coXoWF4UUY1ALL/ZlBoCicuI
IVJqJSMSrmHQlbvAH1xZRLSJw+1NB1RIesZFvx9lgJrNYoRDeJEAg2Ti9sqHLDQ0
W5C+F2TAKFUNMZdi4O8Abeu7ZU1Mp3Hn3HnNPDxxTDhGtnCXGAFdaNOSZXFaYN1H
jzUMvImISE8gltVELKOLzuCkNX96Mukc1rpNmiALMiDRMXYNtn7n8alriC1mFTFs
f8UdwkZjfaRL34htDarOsfF4VupVOV/6jVzJ6LCUJDEO/ETOg5+c6UnwjGCHQ9Ql
0ej2oiOnLK7xwj/gVo9BI6wM699MMw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:49:56 2025 by rpki-client