Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YHh2RGz3mEKeMVxcuXQjJKbDA1o.roa
File: YHh2RGz3mEKeMVxcuXQjJKbDA1o.roa (raw, json)
Hash identifier: MNHiYdriQpMevUOMuVN1KGrqGDwcP8Hirw6zZAKG7wk=
Subject key identifier: 60:78:76:44:6C:F7:98:42:9E:31:5C:5C:B9:74:23:24:A6:C3:03:5A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F8D3F2D125903088F6805D8A8BEC3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YHh2RGz3mEKeMVxcuXQjJKbDA1o.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50835
IP address blocks: 37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
46.173.254.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
81.161.8.0/22 maxlen: 22
81.161.48.0/22 maxlen: 22
91.193.30.0/23 maxlen: 23
91.200.134.0/23 maxlen: 23
91.224.212.0/24 maxlen: 24
91.232.19.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
91.232.226.0/24 maxlen: 24
91.233.200.0/24 maxlen: 24
91.236.76.0/24 maxlen: 24
91.238.39.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.246.192.0/22 maxlen: 24
91.246.203.0/24 maxlen: 24
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
109.207.128.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
176.115.236.0/22 maxlen: 24
176.116.228.0/24 maxlen: 24
176.116.236.0/24 maxlen: 24
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
194.33.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 22 Jan 2025 13:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8d:3f:2d:12:59:03:08:8f:68:05:d8:a8:be:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=607876446cf798429e315c5cb9742324a6c3035a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8d:25:fc:a5:ba:9b:88:fc:c3:12:48:bf:a4:
68:76:f5:84:c2:8d:68:fa:b2:f0:8c:e4:4c:21:19:
6d:c6:cd:d7:48:bd:0a:94:67:8b:d0:ed:fe:fa:0d:
ca:86:5a:b8:26:0a:34:c2:56:f7:27:f8:18:4c:f7:
a0:9e:17:dd:40:15:0d:c1:85:86:af:c3:ee:1c:91:
0f:79:37:d6:1d:5f:ba:79:56:d9:08:5e:5b:85:1e:
bd:aa:f7:0a:8e:5c:34:aa:c1:6c:ca:c0:09:c9:82:
61:73:db:89:47:71:17:3a:4a:ae:82:f9:1d:16:08:
51:e5:d0:b5:67:6f:70:a8:13:00:36:d2:91:b2:6f:
b9:b4:17:cd:8d:5a:a2:65:97:70:80:82:d9:2e:b6:
30:ca:3b:a8:b8:de:14:1d:7e:8c:e3:14:e4:62:9d:
54:a1:08:6f:16:43:05:80:73:a3:68:3b:21:37:1d:
19:bd:92:42:fe:e2:80:ae:b7:84:79:57:da:e7:c2:
91:b4:b8:b1:9a:fb:5c:cc:96:29:28:93:79:60:da:
99:d9:66:04:e3:46:9d:ba:cd:c0:ce:da:42:a9:cb:
ab:94:2f:6a:93:ad:9d:eb:7d:f3:7a:af:d1:2a:55:
95:33:4a:9b:ce:d0:19:50:9b:8b:71:b1:bd:02:36:
ae:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:78:76:44:6C:F7:98:42:9E:31:5C:5C:B9:74:23:24:A6:C3:03:5A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YHh2RGz3mEKeMVxcuXQjJKbDA1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
77.36.58.0/24
77.36.66.0/23
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.134.0/23
91.224.212.0/24
91.232.19.0/24
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:97:39:6f:1b:49:72:66:e7:ac:f6:93:79:6f:15:18:93:7d:
44:a7:91:d7:5e:c3:02:ac:75:bc:29:32:55:bf:ff:8f:3a:06:
79:52:8b:28:e7:a5:3e:b8:13:3e:33:a6:90:0a:4d:6d:35:69:
42:d6:78:24:88:74:b9:c7:03:44:df:1d:ea:b5:82:e5:f8:c5:
8d:32:8d:c6:9d:e3:3e:83:c7:c2:55:c6:e8:c2:52:27:2c:19:
9c:6b:be:60:f0:ec:9f:fe:13:0d:f7:01:4f:ba:0d:ed:79:2c:
00:2a:e6:d6:92:5d:ad:5c:7b:6e:ab:e2:e8:75:ce:86:e7:9b:
46:6f:40:50:e5:0f:99:38:82:05:39:38:6c:ab:2f:08:3a:0f:
56:72:30:16:3a:0a:ec:57:47:30:0a:47:c2:b8:7b:c8:e2:bf:
d8:42:e4:c5:ac:0d:32:91:f6:b8:ca:2a:3a:2e:99:1e:2f:2b:
e7:e9:f7:2f:e3:6b:2d:a6:44:db:e0:c1:8c:5d:f7:13:62:24:
16:fd:56:fd:56:c7:fa:41:2a:30:89:64:2f:64:53:5f:58:6f:
f4:12:e9:11:b8:0c:44:e7:67:8c:bb:91:0f:fc:ed:eb:fa:cb:
e3:2f:d4:e5:05:ef:7b:46:5d:3f:fb:2b:80:b6:fb:2b:02:44:
2d:f0:d2:b8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZQlj40/LRJZAwiPaAXYqL7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc4NzY0NDZjZjc5ODQyOWUzMTVjNWNiOTc0MjMyNGE2YzMwMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm40l/KW6m4j8wxJIv6RodvWEwo1o
+rLwjORMIRltxs3XSL0KlGeL0O3++g3Khlq4Jgo0wlb3J/gYTPegnhfdQBUNwYWG
r8PuHJEPeTfWHV+6eVbZCF5bhR69qvcKjlw0qsFsysAJyYJhc9uJR3EXOkqugvkd
FghR5dC1Z29wqBMANtKRsm+5tBfNjVqiZZdwgILZLrYwyjuouN4UHX6M4xTkYp1U
oQhvFkMFgHOjaDshNx0ZvZJC/uKArreEeVfa58KRtLixmvtczJYpKJN5YNqZ2WYE
40adus3AztpCqcurlC9qk62d633zeq/RKlWVM0qbztAZUJuLcbG9AjauiQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFGB4dkRs95hCnjFcXLl0IySmwwNaMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWUhoMlJHejNtRUtlTVZ4Y3VYUWpKS2JEQTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAEl
YXgDBAIurfgDBAEurf4DBAJAK3gDBABNJDoDBAFNJEIDBAJRoQgDBAJRoTADBAFb
wR4DBAFbyIYDBABb4NQDBABb6BMDBAFb6DgDBABb6OIDBABb6cgDBABb7EwDBABb
7icDBABb7+IDBAJb9sADBABb9ssDBAFdeCIDBAFdeCgDBABtz4ADBABtz4IDBABt
z4QDBACwYF4DBAKwcbQDBAKwc+wDBACwdOQDBACwdOwDBAKweWwDBAHCIUIwDQYJ
KoZIhvcNAQELBQADggEBAF6XOW8bSXJm56z2k3lvFRiTfUSnkddewwKsdbwpMlW/
/486BnlSiyjnpT64Ez4zppAKTW01aULWeCSIdLnHA0TfHeq1guX4xY0yjcad4z6D
x8JVxujCUicsGZxrvmDw7J/+Ew33AU+6De15LAAq5taSXa1ce26r4uh1zobnm0Zv
QFDlD5k4ggU5OGyrLwg6D1ZyMBY6CuxXRzAKR8K4e8jiv9hC5MWsDTKR9rjKKjou
mR4vK+fp9y/jay2mRNvgwYxd9xNiJBb9Vv1Wx/pBKjCJZC9kU19Yb/QS6RG4DETn
Z4y7kQ/87ev6y+Mv1OUF73tGXT/7K4C2+ysCRC3w0rg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:29:16 2025 by rpki-client