Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/ky5nuBDs-rGKBwGR8OHqVIbnVaI.roa
File: ky5nuBDs-rGKBwGR8OHqVIbnVaI.roa (raw, json)
Hash identifier: hf7vVlkwya9UBPqKOT1pfGgCyQAHFFY7cjX/mtpD9aM=
Subject key identifier: 93:2E:67:B8:10:EC:FA:B1:8A:07:01:91:F0:E1:EA:54:86:E7:55:A2
Certificate issuer: /CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Certificate serial: 0193EE7AB732F9699B38FBFAF7B620B0F657
Authority key identifier: 24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/ky5nuBDs-rGKBwGR8OHqVIbnVaI.roa
Signing time: Sun 22 Dec 2024 13:07:19 +0000
ROA not before: Sun 22 Dec 2024 13:07:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8781
IP address blocks: 37.208.128.0/17 maxlen: 24
37.210.0.0/15 maxlen: 24
37.211.96.0/22 maxlen: 24
37.211.100.0/22 maxlen: 24
37.211.104.0/22 maxlen: 24
37.211.108.0/22 maxlen: 24
37.211.112.0/22 maxlen: 24
37.211.116.0/22 maxlen: 24
37.211.120.0/22 maxlen: 24
37.211.124.0/22 maxlen: 24
37.211.192.0/20 maxlen: 24
37.211.208.0/22 maxlen: 24
37.211.212.0/22 maxlen: 24
37.211.216.0/22 maxlen: 24
37.211.224.0/22 maxlen: 24
37.211.228.0/22 maxlen: 24
37.211.232.0/22 maxlen: 24
37.211.236.0/22 maxlen: 24
37.211.240.0/20 maxlen: 24
78.100.0.0/15 maxlen: 24
78.100.2.0/24 maxlen: 24
78.100.3.0/24 maxlen: 24
78.100.6.0/24 maxlen: 24
78.100.32.0/20 maxlen: 24
78.100.32.0/24 maxlen: 24
78.100.48.0/20 maxlen: 24
78.100.48.0/24 maxlen: 24
78.100.53.0/24 maxlen: 24
78.100.59.0/24 maxlen: 24
78.100.64.0/20 maxlen: 24
78.100.80.0/20 maxlen: 24
78.100.112.0/20 maxlen: 24
78.100.128.0/19 maxlen: 24
78.100.155.0/24 maxlen: 24
78.101.0.0/22 maxlen: 24
82.148.96.0/19 maxlen: 24
82.148.96.0/24 maxlen: 24
86.62.192.0/18 maxlen: 24
86.62.241.0/24 maxlen: 24
89.211.0.0/16 maxlen: 24
89.211.3.0/24 maxlen: 24
89.211.4.0/24 maxlen: 24
89.211.5.0/24 maxlen: 24
89.211.6.0/24 maxlen: 24
89.211.7.0/24 maxlen: 24
89.211.16.0/21 maxlen: 24
89.211.24.0/21 maxlen: 24
89.211.32.0/20 maxlen: 24
89.211.48.0/20 maxlen: 24
176.202.0.0/15 maxlen: 24
176.202.240.0/20 maxlen: 20
178.152.0.0/15 maxlen: 24
185.96.224.0/22 maxlen: 24
212.77.192.0/19 maxlen: 24
212.77.192.0/24 maxlen: 24
212.77.199.0/24 maxlen: 24
212.77.202.0/24 maxlen: 24
212.77.204.0/24 maxlen: 24
212.77.207.0/24 maxlen: 24
212.77.209.0/24 maxlen: 24
212.77.210.0/24 maxlen: 24
212.77.211.0/24 maxlen: 24
212.77.217.0/24 maxlen: 24
212.77.218.0/24 maxlen: 24
212.77.220.0/24 maxlen: 24
212.77.221.0/24 maxlen: 24
213.130.96.0/19 maxlen: 24
213.130.112.0/24 maxlen: 24
213.130.113.0/24 maxlen: 24
213.130.119.0/24 maxlen: 24
213.130.121.0/24 maxlen: 24
2001:1a10::/29 maxlen: 48
2001:1a10::/32 maxlen: 64
2001:1a10::/40 maxlen: 48
2001:1a10:1::/48 maxlen: 48
2001:1a10:c1::/48 maxlen: 48
2001:1a10:cd::/48 maxlen: 64
2001:1a10:100::/40 maxlen: 40
2001:1a10:4000::/36 maxlen: 36
2001:1a11::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Dec 2024 01:51:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ee:7a:b7:32:f9:69:9b:38:fb:fa:f7:b6:20:b0:f6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Validity
Not Before: Dec 22 13:07:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=932e67b810ecfab18a070191f0e1ea5486e755a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:12:c1:96:ad:04:13:37:7c:63:c9:8f:86:e6:
74:82:93:aa:e3:b8:3d:25:30:67:7e:ac:68:24:66:
3e:41:e2:ed:9d:4e:5f:17:9c:e3:38:99:07:db:55:
be:0a:86:48:20:57:9f:fd:d8:4b:34:2f:d7:21:1b:
42:39:91:8d:73:63:fd:54:0b:3a:6d:57:be:52:3e:
7d:6f:9b:58:2b:4d:20:f4:77:a0:92:1f:11:a4:51:
6c:19:7f:07:fd:d5:f4:3a:c4:92:57:10:08:63:87:
3f:8f:40:c5:a4:c8:d9:eb:34:51:1c:ea:60:cc:e0:
fe:8e:0c:ab:2b:f1:cf:a0:9e:81:fa:96:30:bd:0c:
78:47:1e:7b:04:ef:32:68:41:87:bf:e0:59:70:0d:
21:f0:75:66:67:60:7e:50:3a:4c:a9:59:04:90:71:
a6:92:c9:66:b0:3f:f5:18:c8:64:ef:23:5c:80:7d:
39:ee:a4:c1:69:9d:43:fc:a0:d9:57:89:0d:5d:20:
37:93:c1:5e:18:6e:47:d3:6d:f8:6b:5c:7b:40:40:
19:49:9c:f2:30:fc:c3:65:fe:dc:bc:81:a2:38:bd:
5b:8d:98:72:7f:2d:3e:aa:63:23:c7:02:31:2f:18:
f1:a2:7e:a2:57:4f:56:39:d3:0a:ee:e9:71:66:16:
d5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2E:67:B8:10:EC:FA:B1:8A:07:01:91:F0:E1:EA:54:86:E7:55:A2
X509v3 Authority Key Identifier:
keyid:24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/ky5nuBDs-rGKBwGR8OHqVIbnVaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.128.0/17
37.210.0.0/15
78.100.0.0/15
82.148.96.0/19
86.62.192.0/18
89.211.0.0/16
176.202.0.0/15
178.152.0.0/15
185.96.224.0/22
212.77.192.0/19
213.130.96.0/19
IPv6:
2001:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
0c:23:fa:df:89:03:84:3d:14:08:04:11:f6:5d:52:ea:e4:f0:
35:2d:c3:8d:5c:8f:83:6b:96:54:85:a0:7b:f9:ae:a7:de:95:
91:f3:7e:0b:72:ff:6f:f4:63:f3:94:0b:2e:c6:4b:c0:4e:3d:
80:1e:75:14:f3:f0:ad:66:db:3b:1a:db:db:bb:c9:2a:81:30:
c0:22:33:01:41:ee:5d:17:fc:b5:7f:0d:35:0d:5a:61:4c:ff:
2c:8d:ce:c4:88:3e:a7:82:bf:26:3b:1d:63:69:88:c5:3d:8d:
79:5f:e9:d7:e7:5d:bb:ad:74:99:00:e1:e0:e5:b8:d6:32:17:
2b:9f:1f:a1:24:eb:76:5b:ab:c8:9b:1d:1f:e2:9f:15:b2:0e:
1f:57:ec:c5:61:b6:5d:7e:16:d9:3a:9b:c7:f6:94:90:58:23:
e4:bf:f1:15:7d:ac:b2:00:cc:ea:29:fd:1c:a2:75:6b:f2:69:
ce:32:58:14:a7:0d:12:04:77:3c:24:45:96:ea:8b:ed:c8:54:
82:b6:92:cd:4c:13:2f:66:24:e7:0a:c2:b7:03:34:4e:e3:52:
09:3e:06:e5:c8:f7:90:f1:ce:dd:0d:03:7b:cd:df:72:12:36:
af:14:93:da:79:28:1e:ca:32:34:5b:e3:58:f8:88:9a:b1:d4:
a9:d4:21:9f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZPuercy+WmbOPv697YgsPZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YmE0ZjUyYWMxYmUwNzU1ZDM0YmM1NDgzYzA2MWJkZjI5
MzQ0N2UwHhcNMjQxMjIyMTMwNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJlNjdiODEwZWNmYWIxOGEwNzAxOTFmMGUxZWE1NDg2ZTc1NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BLBlq0EEzd8Y8mPhuZ0gpOq47g9
JTBnfqxoJGY+QeLtnU5fF5zjOJkH21W+CoZIIFef/dhLNC/XIRtCOZGNc2P9VAs6
bVe+Uj59b5tYK00g9Hegkh8RpFFsGX8H/dX0OsSSVxAIY4c/j0DFpMjZ6zRRHOpg
zOD+jgyrK/HPoJ6B+pYwvQx4Rx57BO8yaEGHv+BZcA0h8HVmZ2B+UDpMqVkEkHGm
kslmsD/1GMhk7yNcgH057qTBaZ1D/KDZV4kNXSA3k8FeGG5H0234a1x7QEAZSZzy
MPzDZf7cvIGiOL1bjZhyfy0+qmMjxwIxLxjxon6iV09WOdMK7ulxZhbVGwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJMuZ7gQ7PqxigcBkfDh6lSG51WiMB8GA1UdIwQY
MBaAFCS6T1KsG+B1XTS8VIPAYb3yk0R+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEt
YmY1OWZjMWNiMjZkLzEva3k1bnVCRHMtckdLQndHUjhPSHFWSWJuVmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEtYmY1OWZjMWNiMjZk
LzEvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBDBAIAATA9AwQHJdCAAwMB
JdIDAwFOZAMEBVKUYAMEBlY+wAMDAFnTAwMBsMoDAwGymAMEArlg4AMEBdRNwAME
BdWCYDANBAIAAjAHAwUDIAEaEDANBgkqhkiG9w0BAQsFAAOCAQEADCP634kDhD0U
CAQR9l1S6uTwNS3DjVyPg2uWVIWge/mup96VkfN+C3L/b/Rj85QLLsZLwE49gB51
FPPwrWbbOxrb27vJKoEwwCIzAUHuXRf8tX8NNQ1aYUz/LI3OxIg+p4K/JjsdY2mI
xT2NeV/p1+ddu610mQDh4OW41jIXK58foSTrdluryJsdH+KfFbIOH1fsxWG2XX4W
2Tqbx/aUkFgj5L/xFX2ssgDM6in9HKJ1a/JpzjJYFKcNEgR3PCRFluqL7chUgraS
zUwTL2Yk5wrCtwM0TuNSCT4G5cj3kPHO3Q0De83fchI2rxST2nkoHsoyNFvjWPiI
mrHUqdQhnw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:48:05 2025 by rpki-client