Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Vl3rJ8ef6ASHkgo_QsQytDAuAGw.roa
File: Vl3rJ8ef6ASHkgo_QsQytDAuAGw.roa (raw, json)
Hash identifier: h1Nk6UA3xNQrEOr8tpw4DW4McW2zfAF3uxqqvgpDFIU=
Subject key identifier: 56:5D:EB:27:C7:9F:E8:04:87:92:0A:3F:42:C4:32:B4:30:2E:00:6C
Certificate issuer: /CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Certificate serial: 0194221FDFCBA54899EBF0DD94285117610D
Authority key identifier: 24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Vl3rJ8ef6ASHkgo_QsQytDAuAGw.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8781
IP address blocks: 37.208.128.0/17 maxlen: 24
37.210.0.0/15 maxlen: 24
37.211.96.0/22 maxlen: 24
37.211.100.0/22 maxlen: 24
37.211.104.0/22 maxlen: 24
37.211.108.0/22 maxlen: 24
37.211.112.0/22 maxlen: 24
37.211.116.0/22 maxlen: 24
37.211.120.0/22 maxlen: 24
37.211.124.0/22 maxlen: 24
37.211.192.0/20 maxlen: 24
37.211.208.0/22 maxlen: 24
37.211.212.0/22 maxlen: 24
37.211.216.0/22 maxlen: 24
37.211.224.0/22 maxlen: 24
37.211.228.0/22 maxlen: 24
37.211.232.0/22 maxlen: 24
37.211.236.0/22 maxlen: 24
37.211.240.0/20 maxlen: 24
78.100.0.0/15 maxlen: 24
78.100.2.0/24 maxlen: 24
78.100.3.0/24 maxlen: 24
78.100.6.0/24 maxlen: 24
78.100.32.0/20 maxlen: 24
78.100.32.0/24 maxlen: 24
78.100.48.0/20 maxlen: 24
78.100.48.0/24 maxlen: 24
78.100.53.0/24 maxlen: 24
78.100.59.0/24 maxlen: 24
78.100.64.0/20 maxlen: 24
78.100.80.0/20 maxlen: 24
78.100.112.0/20 maxlen: 24
78.100.128.0/19 maxlen: 24
78.100.155.0/24 maxlen: 24
78.101.0.0/22 maxlen: 24
82.148.96.0/19 maxlen: 24
82.148.96.0/24 maxlen: 24
86.62.192.0/18 maxlen: 24
86.62.241.0/24 maxlen: 24
89.211.0.0/16 maxlen: 24
89.211.3.0/24 maxlen: 24
89.211.4.0/24 maxlen: 24
89.211.5.0/24 maxlen: 24
89.211.6.0/24 maxlen: 24
89.211.7.0/24 maxlen: 24
89.211.16.0/21 maxlen: 24
89.211.24.0/21 maxlen: 24
89.211.32.0/20 maxlen: 24
89.211.48.0/20 maxlen: 24
176.202.0.0/15 maxlen: 24
176.202.240.0/20 maxlen: 24
178.152.0.0/15 maxlen: 24
185.96.224.0/22 maxlen: 24
212.77.192.0/19 maxlen: 24
212.77.192.0/24 maxlen: 24
212.77.199.0/24 maxlen: 24
212.77.202.0/24 maxlen: 24
212.77.204.0/24 maxlen: 24
212.77.207.0/24 maxlen: 24
212.77.209.0/24 maxlen: 24
212.77.210.0/24 maxlen: 24
212.77.211.0/24 maxlen: 24
212.77.217.0/24 maxlen: 24
212.77.218.0/24 maxlen: 24
212.77.220.0/24 maxlen: 24
212.77.221.0/24 maxlen: 24
213.130.96.0/19 maxlen: 24
213.130.112.0/24 maxlen: 24
213.130.113.0/24 maxlen: 24
213.130.119.0/24 maxlen: 24
213.130.121.0/24 maxlen: 24
2001:1a10::/29 maxlen: 48
2001:1a10::/32 maxlen: 64
2001:1a10::/40 maxlen: 48
2001:1a10:1::/48 maxlen: 48
2001:1a10:c1::/48 maxlen: 48
2001:1a10:cd::/48 maxlen: 64
2001:1a10:100::/40 maxlen: 40
2001:1a10:4000::/36 maxlen: 36
2001:1a11::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Jan 2025 11:23:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:df:cb:a5:48:99:eb:f0:dd:94:28:51:17:61:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=565deb27c79fe80487920a3f42c432b4302e006c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:9e:89:d9:a0:d5:00:43:db:a6:55:16:4b:
09:28:aa:9f:cf:8a:80:f7:9d:42:43:a1:73:b7:7c:
75:4f:36:9e:3a:db:c7:90:5a:b9:88:18:26:c0:8f:
7e:9f:48:ab:4c:65:27:bc:b0:c0:20:04:68:f7:8d:
11:31:05:27:16:77:92:39:df:47:15:f4:aa:61:f1:
4c:84:d8:3b:f6:51:01:3f:46:05:9d:39:77:24:f1:
7d:9d:c7:bd:26:2c:cd:28:8b:8e:b0:89:12:be:44:
c5:af:b5:83:e1:77:a2:5e:a7:f4:40:fe:62:82:35:
5d:f3:e9:29:65:1b:e0:16:14:8c:69:86:e1:f8:9a:
eb:f0:85:89:08:3c:62:93:df:e3:31:61:d9:57:81:
de:a2:9c:5b:e4:e4:e9:c3:a1:ce:d0:40:ae:cc:a0:
09:08:f7:64:12:24:9c:59:07:1d:05:3c:4e:24:dd:
78:61:27:ca:5c:8a:b4:6b:12:37:3d:7c:7d:48:b5:
8b:f4:37:4c:5f:93:35:1f:cb:59:bc:4d:ad:e7:20:
ee:20:a9:2f:05:4a:25:50:80:fa:cd:d6:ab:dd:90:
13:50:f8:01:5f:04:96:8e:3a:ee:9a:b2:94:5a:b0:
9e:ba:65:0c:4c:36:ec:a5:34:d8:33:74:c6:53:c2:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:5D:EB:27:C7:9F:E8:04:87:92:0A:3F:42:C4:32:B4:30:2E:00:6C
X509v3 Authority Key Identifier:
keyid:24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Vl3rJ8ef6ASHkgo_QsQytDAuAGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.128.0/17
37.210.0.0/15
78.100.0.0/15
82.148.96.0/19
86.62.192.0/18
89.211.0.0/16
176.202.0.0/15
178.152.0.0/15
185.96.224.0/22
212.77.192.0/19
213.130.96.0/19
IPv6:
2001:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
50:03:33:22:e8:e3:12:89:d7:ae:72:95:6d:32:cc:f1:b4:3a:
ab:6d:6c:e8:f5:8c:f9:4c:eb:23:2c:5c:4e:5c:a6:c6:27:3f:
de:af:e2:da:7c:b6:d0:42:66:0f:9d:03:3c:33:95:c5:c8:73:
25:1e:dd:6a:47:b9:4c:6e:16:e6:bb:0b:8a:1e:70:68:fb:3b:
2b:e9:37:cb:d5:a0:e0:ca:e0:48:0f:3c:b7:5f:36:94:e8:3b:
08:27:22:9a:e9:1a:dc:5d:e2:47:0f:cb:eb:3b:6f:d1:23:e1:
d0:da:81:9e:eb:7f:e8:24:55:2e:ac:9c:4a:43:f0:fe:f3:17:
c3:43:d5:cf:a3:ea:fb:70:0f:a6:92:3e:ba:54:29:56:3d:6f:
c3:c7:d1:ad:7f:90:8d:48:c9:76:3d:a0:f0:9e:6d:d3:69:fe:
fe:d6:58:20:d0:58:1f:74:5c:9a:a4:0c:e4:37:3b:11:8d:2f:
19:36:e0:73:c3:6f:40:eb:34:d9:11:26:c1:68:98:9b:69:12:
e1:25:ae:87:af:74:84:40:cd:49:05:59:90:5c:df:96:3c:c8:
87:d5:2f:26:4e:78:f6:4c:97:52:59:30:d8:d5:f8:78:9c:5f:
63:af:82:85:38:ac:3b:52:af:ae:bd:8a:8b:8d:93:54:32:4f:
8c:c4:4f:6c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQiH9/LpUiZ6/DdlChRF2ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YmE0ZjUyYWMxYmUwNzU1ZDM0YmM1NDgzYzA2MWJkZjI5
MzQ0N2UwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjVkZWIyN2M3OWZlODA0ODc5MjBhM2Y0MmM0MzJiNDMwMmUwMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCeidmg1QBD26ZVFksJKKqfz4qA
951CQ6Fzt3x1TzaeOtvHkFq5iBgmwI9+n0irTGUnvLDAIARo940RMQUnFneSOd9H
FfSqYfFMhNg79lEBP0YFnTl3JPF9nce9JizNKIuOsIkSvkTFr7WD4XeiXqf0QP5i
gjVd8+kpZRvgFhSMaYbh+Jrr8IWJCDxik9/jMWHZV4Heopxb5OTpw6HO0ECuzKAJ
CPdkEiScWQcdBTxOJN14YSfKXIq0axI3PXx9SLWL9DdMX5M1H8tZvE2t5yDuIKkv
BUolUID6zdar3ZATUPgBXwSWjjrumrKUWrCeumUMTDbspTTYM3TGU8JyfwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFZd6yfHn+gEh5IKP0LEMrQwLgBsMB8GA1UdIwQY
MBaAFCS6T1KsG+B1XTS8VIPAYb3yk0R+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEt
YmY1OWZjMWNiMjZkLzEvVmwzcko4ZWY2QVNIa2dvX1FzUXl0REF1QUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEtYmY1OWZjMWNiMjZk
LzEvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBDBAIAATA9AwQHJdCAAwMB
JdIDAwFOZAMEBVKUYAMEBlY+wAMDAFnTAwMBsMoDAwGymAMEArlg4AMEBdRNwAME
BdWCYDANBAIAAjAHAwUDIAEaEDANBgkqhkiG9w0BAQsFAAOCAQEAUAMzIujjEonX
rnKVbTLM8bQ6q21s6PWM+UzrIyxcTlymxic/3q/i2ny20EJmD50DPDOVxchzJR7d
ake5TG4W5rsLih5waPs7K+k3y9Wg4MrgSA88t182lOg7CCcimuka3F3iRw/L6ztv
0SPh0NqBnut/6CRVLqycSkPw/vMXw0PVz6Pq+3APppI+ulQpVj1vw8fRrX+QjUjJ
dj2g8J5t02n+/tZYINBYH3RcmqQM5Dc7EY0vGTbgc8NvQOs02REmwWiYm2kS4SWu
h690hEDNSQVZkFzfljzIh9UvJk549kyXUlkw2NX4eJxfY6+ChTisO1Kvrr2Ki42T
VDJPjMRPbA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:48:04 2025 by rpki-client