Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/lTowCxTaDHqJCTuznWZMjJY9Y84.roa
File: lTowCxTaDHqJCTuznWZMjJY9Y84.roa (raw, json)
Hash identifier: g+9q/FWWHOKHdXk5UkvWMUdpA9qfkzT90Hx6LKdBiaY=
Subject key identifier: 95:3A:30:0B:14:DA:0C:7A:89:09:3B:B3:9D:66:4C:8C:96:3D:63:CE
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 01944558DD47B49AAF842D81FF5B68473CC6
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/lTowCxTaDHqJCTuznWZMjJY9Y84.roa
Signing time: Wed 08 Jan 2025 09:57:19 +0000
ROA not before: Wed 08 Jan 2025 09:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/20 maxlen: 20
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Feb 2025 08:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:58:dd:47:b4:9a:af:84:2d:81:ff:5b:68:47:3c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 8 09:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=953a300b14da0c7a89093bb39d664c8c963d63ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:84:c8:63:45:1f:c6:6a:c2:da:4d:87:8c:74:
1b:4b:1f:b9:ac:57:3f:43:41:b9:e1:6f:a1:4e:e0:
fa:56:1b:86:a1:8a:8d:7b:59:ed:43:bd:46:c2:40:
7a:d0:94:b3:91:a2:3d:ce:97:3f:4f:ef:d4:03:ab:
8a:a0:fc:d6:a5:18:3c:bc:cc:7a:ed:ab:76:8f:53:
59:f3:31:8f:23:b5:66:b0:00:e1:78:d3:98:8d:7e:
04:7e:8c:b6:f6:7d:27:0e:d8:b7:5e:68:22:51:db:
10:96:7b:e6:bd:85:26:66:bd:70:b7:0f:47:bd:d0:
90:50:fc:83:7f:ed:81:ea:0f:f2:58:11:8c:3c:c2:
cd:07:12:8d:a8:fa:b9:ca:c1:61:54:49:23:82:3a:
df:dc:92:fc:f1:68:fd:38:8b:48:78:cf:83:c2:00:
08:47:7e:19:5c:3f:c5:93:a8:e7:d1:19:1d:2e:e2:
d3:e7:3f:6b:bc:8d:21:4a:b8:4c:5d:c3:b9:94:4b:
09:e1:3f:4b:d7:d2:4c:7c:b6:3e:ec:46:fd:d0:f9:
d0:06:d7:09:e8:1a:bb:d0:96:74:d2:96:78:6c:af:
4f:6b:92:66:70:3c:c5:c8:3b:37:67:ec:66:00:ed:
d0:44:a8:71:87:c5:3a:44:88:a9:0d:46:6f:4c:4c:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3A:30:0B:14:DA:0C:7A:89:09:3B:B3:9D:66:4C:8C:96:3D:63:CE
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/lTowCxTaDHqJCTuznWZMjJY9Y84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/20
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
17:59:51:04:90:bd:a8:60:66:23:4f:25:34:a5:b0:88:d2:e8:
ba:f2:bb:9f:7d:d2:09:6f:4b:c7:9a:47:24:23:11:b7:5e:19:
f8:fc:94:72:25:4f:b0:69:80:92:01:c3:a9:0c:06:a3:de:7b:
f1:cb:43:fa:61:e8:66:cb:d8:ba:2a:72:e2:18:a4:e9:32:01:
4c:49:2b:e0:6a:38:d4:12:49:db:bd:a0:90:58:da:ae:c9:6d:
97:44:2e:85:5f:83:ed:52:7c:a8:76:61:97:4f:0c:a5:10:18:
06:71:57:97:dc:1a:aa:07:89:70:a9:b1:f4:ca:d1:59:73:65:
91:a1:4d:47:b0:14:1a:fe:82:78:76:23:3e:cf:b5:cb:5c:60:
58:7e:35:56:47:c6:5a:f2:48:38:13:f1:24:4f:f2:e8:19:21:
6d:cb:01:17:23:f8:be:b5:e7:2b:91:34:54:0a:00:50:d8:36:
93:4c:2c:42:98:e4:6d:15:97:8f:7f:32:ca:21:84:85:0e:1b:
76:28:dd:ca:ce:7d:c1:b1:59:7d:29:9a:9f:37:9d:bd:2a:a7:
a7:3c:f1:a3:bd:a6:ac:08:8f:b8:f3:d3:08:64:61:03:a4:fc:
f6:31:47:7e:08:a1:c6:a3:7b:65:d2:6b:3b:fe:1a:44:cd:9e:
94:dd:f1:f1
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZRFWN1HtJqvhC2B/1toRzzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTA4MDk1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTNhMzAwYjE0ZGEwYzdhODkwOTNiYjM5ZDY2NGM4Yzk2M2Q2M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oTIY0UfxmrC2k2HjHQbSx+5rFc/
Q0G54W+hTuD6VhuGoYqNe1ntQ71GwkB60JSzkaI9zpc/T+/UA6uKoPzWpRg8vMx6
7at2j1NZ8zGPI7VmsADheNOYjX4Efoy29n0nDti3XmgiUdsQlnvmvYUmZr1wtw9H
vdCQUPyDf+2B6g/yWBGMPMLNBxKNqPq5ysFhVEkjgjrf3JL88Wj9OItIeM+DwgAI
R34ZXD/Fk6jn0RkdLuLT5z9rvI0hSrhMXcO5lEsJ4T9L19JMfLY+7Eb90PnQBtcJ
6Bq70JZ00pZ4bK9Pa5JmcDzFyDs3Z+xmAO3QRKhxh8U6RIipDUZvTEzZOQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFJU6MAsU2gx6iQk7s51mTIyWPWPOMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvbFRvd0N4VGFESHFKQ1R1em5XWk1qSlk5WTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBlQQCAAEwgY4DBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBASwZ7ADBASwajADBAOwamAwDAMEBbBqoAMEA7BqsAMEAbkvCgME
ArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5AMA0EAgAC
MAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQAXWVEEkL2oYGYjTyU0pbCI0ui6
8ruffdIJb0vHmkckIxG3Xhn4/JRyJU+waYCSAcOpDAaj3nvxy0P6Yehmy9i6KnLi
GKTpMgFMSSvgajjUEknbvaCQWNquyW2XRC6FX4PtUnyodmGXTwylEBgGcVeX3Bqq
B4lwqbH0ytFZc2WRoU1HsBQa/oJ4diM+z7XLXGBYfjVWR8Za8kg4E/EkT/LoGSFt
ywEXI/i+tecrkTRUCgBQ2DaTTCxCmORtFZePfzLKIYSFDht2KN3Kzn3BsVl9KZqf
N529KqenPPGjvaasCI+489MIZGEDpPz2MUd+CKHGo3tl0ms7/hpEzZ6U3fHx
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:05 2025 by rpki-client