Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/w59rda0bmiDO7Baw6Ln7GFG-aok.roa
File: w59rda0bmiDO7Baw6Ln7GFG-aok.roa (raw, json)
Hash identifier: /68oDs6w8i44jLz1alKZYuy4ebElrBxKv0fF3tQkzto=
Subject key identifier: C3:9F:6B:75:AD:1B:9A:20:CE:EC:16:B0:E8:B9:FB:18:51:BE:6A:89
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194CAFC18B669E886E31C794F48A58BF688
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/w59rda0bmiDO7Baw6Ln7GFG-aok.roa
Signing time: Mon 03 Feb 2025 08:45:06 +0000
ROA not before: Mon 03 Feb 2025 08:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Feb 2025 11:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:fc:18:b6:69:e8:86:e3:1c:79:4f:48:a5:8b:f6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Feb 3 08:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c39f6b75ad1b9a20ceec16b0e8b9fb1851be6a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:23:50:cd:f4:22:cd:44:c7:2b:a3:b7:d1:
2e:23:7e:13:e2:ce:45:68:68:12:a6:88:3f:c8:42:
10:7d:7d:78:e7:9b:a1:9b:d5:74:bb:31:75:2f:98:
87:02:7b:b4:63:bf:bf:d8:67:dc:e4:62:73:32:a7:
aa:bc:47:71:86:7f:a5:cc:e2:70:d6:db:95:16:f8:
71:da:57:94:bf:59:bf:99:c7:7f:66:38:7d:0c:ea:
ff:8e:a4:e0:3a:79:cf:ac:3c:e9:4b:ca:ce:3d:d3:
6d:17:52:44:83:02:0b:21:e6:c9:ab:59:81:88:32:
34:4e:04:43:ba:00:58:3c:a7:1c:d3:54:f1:0b:45:
4d:f6:71:e4:ea:f9:df:7a:30:45:82:62:f6:34:cf:
04:95:5b:d4:df:37:a3:cd:b6:a9:7e:77:f9:aa:1b:
07:94:8d:f3:bf:dd:63:19:9a:e7:bf:70:26:84:82:
72:bd:c5:9b:75:88:0c:2e:df:e8:57:fe:9f:20:7a:
42:c7:8b:e9:30:15:02:8d:eb:1d:fb:3f:4d:d0:46:
fd:ff:29:a9:91:1d:64:d1:bf:8d:2f:14:a9:2d:2b:
fd:b3:b2:f0:f3:eb:ec:d7:ac:af:a7:e4:0e:c7:c2:
fa:64:e0:07:33:d7:54:c2:0e:c8:13:c1:c1:02:e7:
0f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9F:6B:75:AD:1B:9A:20:CE:EC:16:B0:E8:B9:FB:18:51:BE:6A:89
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/w59rda0bmiDO7Baw6Ln7GFG-aok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.184.0/24
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
40:d4:92:97:d0:0f:66:20:3e:e9:45:39:c1:97:a1:2e:24:14:
08:84:39:75:35:ec:ae:c6:01:4e:eb:bd:9a:ed:6e:dc:e4:39:
77:c4:84:ec:b4:74:29:5f:02:e6:ce:12:19:1f:68:8f:5b:2f:
83:46:a4:b6:58:79:3a:7c:e6:01:28:61:84:58:b0:e0:61:d7:
d3:6e:3a:74:83:b9:02:5b:db:41:f7:0e:79:a7:73:b4:cb:10:
9c:cf:5a:a4:f6:33:c6:31:1d:f2:a8:b2:9c:27:e0:c9:87:81:
9b:6a:21:a8:90:0b:44:90:4e:8b:50:a0:52:7c:2d:50:2a:7c:
ec:a8:d3:e3:21:e8:ea:3f:38:f3:45:f0:d7:a0:d1:85:44:58:
d4:f2:99:63:e2:74:a9:d5:66:0e:4d:7c:75:4f:a8:52:be:9d:
d2:ef:cc:e1:26:69:d6:2a:da:a5:bc:2a:3d:50:b7:39:7f:55:
39:63:15:01:03:9c:ce:dd:2a:6d:09:76:f7:8c:de:0b:1b:fd:
83:02:88:5a:49:34:59:c0:60:dd:64:d2:b6:23:45:e6:16:67:
9c:60:33:29:f6:4f:0b:4c:57:08:34:c0:38:46:29:a9:db:a8:
4e:67:00:81:61:cf:b2:f8:37:38:82:81:14:17:cf:e4:96:38:
8c:1b:ac:9c
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZTK/Bi2aeiG4xx5T0ili/aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMjAzMDg0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlmNmI3NWFkMWI5YTIwY2VlYzE2YjBlOGI5ZmIxODUxYmU2YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQjUM30Is1Exyujt9EuI34T4s5F
aGgSpog/yEIQfX1455uhm9V0uzF1L5iHAnu0Y7+/2Gfc5GJzMqeqvEdxhn+lzOJw
1tuVFvhx2leUv1m/mcd/Zjh9DOr/jqTgOnnPrDzpS8rOPdNtF1JEgwILIebJq1mB
iDI0TgRDugBYPKcc01TxC0VN9nHk6vnfejBFgmL2NM8ElVvU3zejzbapfnf5qhsH
lI3zv91jGZrnv3AmhIJyvcWbdYgMLt/oV/6fIHpCx4vpMBUCjesd+z9N0Eb9/ymp
kR1k0b+NLxSpLSv9s7Lw8+vs16yvp+QOx8L6ZOAHM9dUwg7IE8HBAucPlwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFMOfa3WtG5ogzuwWsOi5+xhRvmqJMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvdzU5cmRhMGJtaURPN0JhdzZMbjdHRkctYW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBlQQCAAEwgY4DBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBACwZ7gDBASwajADBAOwamAwDAMEBbBqoAMEA7BqsAMEAbkvCgME
ArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5AMA0EAgAC
MAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQBA1JKX0A9mID7pRTnBl6EuJBQI
hDl1NeyuxgFO672a7W7c5Dl3xITstHQpXwLmzhIZH2iPWy+DRqS2WHk6fOYBKGGE
WLDgYdfTbjp0g7kCW9tB9w55p3O0yxCcz1qk9jPGMR3yqLKcJ+DJh4GbaiGokAtE
kE6LUKBSfC1QKnzsqNPjIejqPzjzRfDXoNGFRFjU8plj4nSp1WYOTXx1T6hSvp3S
78zhJmnWKtqlvCo9ULc5f1U5YxUBA5zO3SptCXb3jN4LG/2DAohaSTRZwGDdZNK2
I0XmFmecYDMp9k8LTFcINMA4Rimp26hOZwCBYc+y+Dc4goEUF8/kljiMG6yc
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:08:51 2025 by rpki-client