Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/w8r3x1KT-QVBkDzA050W4i-aRpw.roa
File: w8r3x1KT-QVBkDzA050W4i-aRpw.roa (raw, json)
Hash identifier: wCheBWZGWj43tYw+/ghN4AR/caY7d/PyXAqDaMbDSls=
Subject key identifier: C3:CA:F7:C7:52:93:F9:05:41:90:3C:C0:D3:9D:16:E2:2F:9A:46:9C
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01942445A0AEF1AE233DB90114D13DBB0629
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/w8r3x1KT-QVBkDzA050W4i-aRpw.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 2.96.0.0/13 maxlen: 24
62.3.192.0/18 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
79.77.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
80.40.0.0/13 maxlen: 24
81.1.64.0/18 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
81.170.0.0/17 maxlen: 24
81.178.0.0/15 maxlen: 24
82.133.0.0/17 maxlen: 24
83.67.0.0/16 maxlen: 24
84.43.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
89.168.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
91.146.112.0/21 maxlen: 24
92.10.0.0/15 maxlen: 24
92.12.0.0/14 maxlen: 24
92.16.0.0/12 maxlen: 24
145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
185.112.212.0/22 maxlen: 24
185.173.116.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
194.106.32.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
195.112.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
212.1.128.0/19 maxlen: 24
212.67.96.0/19 maxlen: 24
212.74.96.0/19 maxlen: 24
212.139.0.0/16 maxlen: 24
212.159.128.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
213.208.64.0/18 maxlen: 24
217.8.0.0/19 maxlen: 24
217.68.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 13:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a0:ae:f1:ae:23:3d:b9:01:14:d1:3d:bb:06:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3caf7c75293f90541903cc0d39d16e22f9a469c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:94:b6:8c:a6:f6:40:28:0e:0f:7f:d9:d7:ba:
05:ee:5e:6f:4f:89:dd:80:31:38:13:e3:fd:48:99:
69:cd:4d:b1:27:e0:6b:aa:72:6a:9d:02:0e:7d:f9:
73:43:c4:be:c3:05:2e:d0:f1:db:54:53:5e:46:38:
06:09:fe:db:22:87:cb:49:e6:e1:17:28:8f:b8:23:
29:09:ea:f2:70:a0:d7:af:ab:18:b4:49:4e:fb:ea:
c8:92:38:07:10:c2:e4:07:4a:1d:92:96:7c:88:6d:
5e:03:fe:33:a5:e2:e8:53:85:0b:db:f6:b5:03:f5:
ba:54:25:af:4c:6f:f8:fe:1a:0e:5a:80:6b:17:5d:
e8:58:8d:97:36:8b:4d:1b:d8:4c:b8:eb:1e:78:70:
c4:c5:49:c0:e8:94:03:22:dd:78:9d:f9:43:0d:ec:
2a:50:17:b7:e5:41:c3:86:2e:67:68:eb:44:dc:bf:
ff:e6:f7:a5:2f:6d:f9:cc:f3:57:d0:14:00:a9:b2:
de:6c:1b:0f:50:4b:6e:9d:70:78:1a:d0:a3:71:83:
6e:72:2b:86:33:9e:99:f1:56:57:c9:a2:44:8b:ea:
1b:1c:69:90:40:28:0a:07:28:b0:6c:e3:10:51:ff:
ef:b8:94:e3:92:e0:97:4a:c9:c1:96:3c:4e:a6:a5:
1b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CA:F7:C7:52:93:F9:05:41:90:3C:C0:D3:9D:16:E2:2F:9A:46:9C
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/w8r3x1KT-QVBkDzA050W4i-aRpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.43.0.0/17
87.242.128.0/17
89.168.128.0/17
89.240.0.0/14
91.146.112.0/21
92.10.0.0-92.31.255.255
145.255.240.0/21
185.24.12.0/22
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:d5:0d:b3:97:57:a2:57:38:1e:34:d0:44:89:65:10:e5:8c:
cf:a2:6b:75:3c:af:c9:7b:94:73:11:6c:d0:8c:d6:57:83:11:
18:0d:5b:1d:29:12:4a:88:50:5d:7d:0b:68:87:b9:0b:21:0d:
cd:3f:6c:14:42:76:76:96:9b:63:3e:07:28:c7:37:14:bd:14:
dd:ee:15:3b:f3:04:63:ce:b0:d3:db:20:86:96:3d:59:a2:f8:
5c:41:74:b1:92:4b:4f:30:08:79:12:6d:24:e8:1b:0c:d1:30:
d6:a6:78:a9:91:47:7c:25:69:0f:99:22:71:d6:df:2b:ff:3f:
88:d6:1b:75:08:67:fd:7b:cc:a7:90:83:ca:57:d2:e8:d6:0a:
da:50:63:9e:9d:be:72:77:27:68:75:b9:80:67:40:c3:5b:4c:
f8:cb:2c:55:44:94:7e:68:a0:6d:a4:cf:f2:84:5d:4c:88:1c:
97:ab:dd:14:49:00:09:10:00:03:fa:f0:51:66:3d:e0:36:2c:
bb:b4:d9:41:27:d5:bd:b3:c5:f3:43:a3:9f:0c:4d:da:05:53:
a5:ac:a7:ce:97:57:72:d0:6f:7e:50:b9:39:94:ec:ec:ce:73:
56:df:8b:35:73:b5:d5:54:9e:42:55:5f:63:94:61:b5:22:ad:
63:fb:4b:a3
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZQkRaCu8a4jPbkBFNE9uwYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2NhZjdjNzUyOTNmOTA1NDE5MDNjYzBkMzlkMTZlMjJmOWE0NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJS2jKb2QCgOD3/Z17oF7l5vT4nd
gDE4E+P9SJlpzU2xJ+BrqnJqnQIOfflzQ8S+wwUu0PHbVFNeRjgGCf7bIofLSebh
FyiPuCMpCerycKDXr6sYtElO++rIkjgHEMLkB0odkpZ8iG1eA/4zpeLoU4UL2/a1
A/W6VCWvTG/4/hoOWoBrF13oWI2XNotNG9hMuOseeHDExUnA6JQDIt14nflDDewq
UBe35UHDhi5naOtE3L//5velL235zPNX0BQAqbLebBsPUEtunXB4GtCjcYNuciuG
M56Z8VZXyaJEi+obHGmQQCgKByiwbOMQUf/vuJTjkuCXSsnBljxOpqUbAwIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFMPK98dSk/kFQZA8wNOdFuIvmkacMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvdzhyM3gxS1QtUVZCa0R6QTA1MFc0aS1hUnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCCAQkEAgABMIIB
AQMDAwJgAwQGPgPAAwQHPhiAAwQFPvGgAwMDTpAwCgMDAE9NAwMET0ADAwNQKAME
BlEBQAMEBlEGwAMDAFFWAwQHUaoAAwMBUbIDBAdShQADAwBTQwMEB1QrAAMEB1fy
gAMEB1mogAMDAlnwAwQDW5JwMAoDAwFcCgMDBVwAAwQDkf/wAwQCuRgMAwQCuXDU
MAwDBAK5rXQDBAK5rXgDBAK5rzADBAK5r5ADBADB2mMDBAXCaiADBAXC9+ADBAbD
cAADBAfDiQADBAbDlQADBAXUAYADBAXUQ2ADBAXUSmADAwDUiwMEBtSfgAMDANVO
AwQG1dBAAwQF2QgAAwQE2USAMA0GCSqGSIb3DQEBCwUAA4IBAQAt1Q2zl1eiVzge
NNBEiWUQ5YzPomt1PK/Je5RzEWzQjNZXgxEYDVsdKRJKiFBdfQtoh7kLIQ3NP2wU
QnZ2lptjPgcoxzcUvRTd7hU78wRjzrDT2yCGlj1ZovhcQXSxkktPMAh5Em0k6BsM
0TDWpnipkUd8JWkPmSJx1t8r/z+I1ht1CGf9e8ynkIPKV9Lo1graUGOenb5ydydo
dbmAZ0DDW0z4yyxVRJR+aKBtpM/yhF1MiByXq90USQAJEAAD+vBRZj3gNiy7tNlB
J9W9s8XzQ6OfDE3aBVOlrKfOl1dy0G9+ULk5lOzsznNW34s1c7XVVJ5CVV9jlGG1
Iq1j+0uj
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:01:55 2025 by rpki-client