Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_Xpg7MCSRKBsSHliQ3dpruwtdw0.roa
File: _Xpg7MCSRKBsSHliQ3dpruwtdw0.roa (raw, json)
Hash identifier: Cx3pR5YTXVlmIDcJx1hEMNCe5jCADMUxFm5uvmTrRBE=
Subject key identifier: FD:7A:60:EC:C0:92:44:A0:6C:48:79:62:43:77:69:AE:EC:2D:77:0D
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0193922665AF0BE827AB663FB8D41A34EFC4
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_Xpg7MCSRKBsSHliQ3dpruwtdw0.roa
Signing time: Wed 04 Dec 2024 14:50:10 +0000
ROA not before: Wed 04 Dec 2024 14:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 08 Dec 2024 23:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:26:65:af:0b:e8:27:ab:66:3f:b8:d4:1a:34:ef:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 4 14:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd7a60ecc09244a06c487962437769aeec2d770d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5c:15:0d:de:22:94:00:b3:57:57:24:3b:47:
8e:d3:ba:e7:05:ac:53:4f:c1:29:98:c1:7a:a7:9d:
97:85:d9:a2:eb:b6:7d:32:1f:c6:47:07:1e:23:32:
59:2c:1f:4d:06:e0:73:4e:67:fb:f1:bb:96:f4:0e:
ea:2c:ba:d2:1f:11:33:2b:cc:23:45:33:2e:67:d5:
dc:ee:a6:58:39:33:a7:fa:19:28:69:66:0c:de:72:
3b:51:ac:03:a8:04:2f:eb:3d:cb:17:d3:c6:fa:1b:
78:bb:5d:cd:d6:30:c8:2f:95:90:1e:15:20:88:40:
0b:8e:43:eb:f6:8d:a3:92:e6:90:10:92:a9:74:e7:
90:0c:30:7b:37:ae:e0:2b:c6:8c:b1:8b:21:66:04:
d9:42:ef:3b:c7:39:fb:3b:35:21:42:d8:d1:32:b5:
29:0f:bf:49:3f:32:92:92:07:67:2a:a7:e1:bf:d8:
02:ed:43:18:fe:e9:5a:b5:33:5e:58:59:c2:67:b4:
58:de:64:26:64:ff:67:b1:33:b7:f7:2c:bf:d0:8b:
13:4b:59:08:db:e2:e8:88:ae:79:80:d6:82:60:f7:
d1:b8:2c:8f:af:48:7f:eb:3d:81:5d:fa:3d:e0:e9:
fb:d5:cc:92:0c:fe:31:8b:8b:c8:a3:f1:fe:00:5e:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7A:60:EC:C0:92:44:A0:6C:48:79:62:43:77:69:AE:EC:2D:77:0D
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_Xpg7MCSRKBsSHliQ3dpruwtdw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/22
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.212.0/22
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
20:1f:2d:44:cc:98:ba:0f:a7:31:9d:4b:76:15:67:b5:43:f2:
19:c8:43:5b:4b:3e:1d:53:1e:63:7c:81:c3:03:5a:c1:b8:98:
01:2c:75:c1:09:81:7d:de:2b:70:4f:e0:94:22:6e:d8:02:0e:
18:7e:6f:29:b1:d5:b8:fb:aa:29:f7:07:ea:62:af:8c:72:d9:
fc:fd:34:9b:ed:2b:38:5b:a5:4e:c4:3a:c3:49:51:c5:67:1e:
6b:3c:7d:e2:a3:bb:47:31:15:d0:c8:4e:2c:84:70:ab:1a:79:
d5:a4:6c:13:40:92:18:5a:ba:c3:bd:53:45:99:78:4b:ae:09:
00:bb:19:3e:0d:97:ea:41:fd:be:51:94:72:65:1e:dd:26:af:
38:bc:ab:3d:13:d8:28:4c:1b:88:a1:b2:dd:0f:e6:54:67:73:
56:40:e3:b4:6d:ea:09:e5:ad:f2:8c:c4:77:c2:5b:92:8d:8d:
ed:e2:9d:73:7a:55:ea:e0:50:4a:27:9b:77:2f:6c:3c:95:b8:
f6:3a:42:e4:86:af:4d:3b:0d:a2:50:09:4f:7c:d8:e1:0b:91:
3b:98:70:d5:fa:8d:13:e9:54:de:ef:1d:f8:2b:32:bf:48:4b:
19:ad:5a:a3:59:4e:eb:c3:6a:a8:d3:e2:86:81:2f:74:24:e2:
33:99:f9:49
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZOSJmWvC+gnq2Y/uNQaNO/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMjA0MTQ1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdhNjBlY2MwOTI0NGEwNmM0ODc5NjI0Mzc3NjlhZWVjMmQ3NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlwVDd4ilACzV1ckO0eO07rnBaxT
T8EpmMF6p52Xhdmi67Z9Mh/GRwceIzJZLB9NBuBzTmf78buW9A7qLLrSHxEzK8wj
RTMuZ9Xc7qZYOTOn+hkoaWYM3nI7UawDqAQv6z3LF9PG+ht4u13N1jDIL5WQHhUg
iEALjkPr9o2jkuaQEJKpdOeQDDB7N67gK8aMsYshZgTZQu87xzn7OzUhQtjRMrUp
D79JPzKSkgdnKqfhv9gC7UMY/ulatTNeWFnCZ7RY3mQmZP9nsTO39yy/0IsTS1kI
2+LoiK55gNaCYPfRuCyPr0h/6z2BXfo94On71cySDP4xi4vIo/H+AF7LkQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFP16YOzAkkSgbEh5YkN3aa7sLXcNMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvX1hwZzdNQ1NSS0JzU0hsaVEzZHBydXd0ZHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBAFfpAwDBABfpA8DBABf
pBQDBAJfpCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABf
pEwDBAJfpFADBAJfpHgwDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wMEAsPW1DAN
BAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAIB8tRMyYug+nMZ1LdhVn
tUPyGchDW0s+HVMeY3yBwwNawbiYASx1wQmBfd4rcE/glCJu2AIOGH5vKbHVuPuq
KfcH6mKvjHLZ/P00m+0rOFulTsQ6w0lRxWceazx94qO7RzEV0MhOLIRwqxp51aRs
E0CSGFq6w71TRZl4S64JALsZPg2X6kH9vlGUcmUe3SavOLyrPRPYKEwbiKGy3Q/m
VGdzVkDjtG3qCeWt8ozEd8Jbko2N7eKdc3pV6uBQSiebdy9sPJW49jpC5IavTTsN
olAJT3zY4QuRO5hw1fqNE+lU3u8d+Csyv0hLGa1ao1lO68NqqNPihoEvdCTiM5n5
SQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:12 2025 by rpki-client