Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/T_lFAh3R89O_l5v3A8Psq5SwgAM.roa
File: T_lFAh3R89O_l5v3A8Psq5SwgAM.roa (raw, json)
Hash identifier: mJ1fo2qN2l509xmqhw2+SgP0DEB3C8//wMuMn2OaKUQ=
Subject key identifier: 4F:F9:45:02:1D:D1:F3:D3:BF:97:9B:F7:03:C3:EC:AB:94:B0:80:03
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9ADAA7D7F4FBB69BD51CE99040F17
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/T_lFAh3R89O_l5v3A8Psq5SwgAM.roa
Signing time: Thu 02 Jan 2025 11:49:47 +0000
ROA not before: Thu 02 Jan 2025 11:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 06 Jan 2025 17:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ad:aa:7d:7f:4f:bb:69:bd:51:ce:99:04:0f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ff945021dd1f3d3bf979bf703c3ecab94b08003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:12:fd:86:b0:ad:e7:92:25:03:82:df:f9:
02:e9:ba:ef:ba:04:66:a6:db:74:55:df:51:04:9e:
50:02:ff:f0:e6:0c:2f:15:e4:59:7d:48:14:ff:52:
e9:28:6a:69:5e:6c:45:e3:a5:8c:3a:ee:20:cd:c5:
cf:c5:bd:23:cb:08:b0:bb:13:73:46:f5:ba:90:dc:
35:60:62:b1:4d:f9:70:47:d9:bd:0a:77:af:9a:a8:
a7:73:78:b4:8c:b0:5c:75:8b:49:8a:7e:f2:bd:cb:
63:6a:4e:7b:1a:6b:31:e0:8e:3d:cb:32:bf:18:bc:
1d:a0:62:1c:50:07:44:e2:37:09:db:8b:28:13:b4:
71:62:0d:f7:e0:be:78:94:7b:f0:c1:da:bc:04:4e:
44:ce:84:ff:7a:f5:40:03:cf:7e:96:5f:ac:53:83:
54:8d:aa:80:75:86:77:1d:3e:c9:ab:82:67:7a:b4:
4d:96:b5:f2:85:6e:fb:db:39:51:02:f2:d8:ec:21:
8e:4b:32:c0:a9:45:2b:80:c0:c3:0a:ef:5a:e9:cd:
da:4b:ff:b2:51:2c:d9:fb:ff:4a:67:cf:85:ff:8c:
18:9f:1f:d1:e3:33:28:5c:b2:39:a8:44:15:b8:3b:
b7:80:4f:6e:9a:ad:31:9a:e6:bb:69:3a:7b:5e:66:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F9:45:02:1D:D1:F3:D3:BF:97:9B:F7:03:C3:EC:AB:94:B0:80:03
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/T_lFAh3R89O_l5v3A8Psq5SwgAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
88:09:2d:8c:60:0b:ab:f5:3b:9c:34:5a:bd:f4:b6:e3:b2:42:
2f:12:b0:65:f9:a2:b5:bc:df:b5:db:9e:ab:94:0b:b2:ed:4e:
77:d1:5d:81:b7:10:bb:f0:4e:13:1d:da:3c:26:a9:44:8f:54:
18:87:20:9f:3e:31:8d:33:be:e2:45:34:6d:26:27:5c:83:63:
61:a7:08:90:ab:26:dd:6f:55:01:39:4d:a8:51:1f:41:5e:76:
da:86:56:1d:16:7a:14:51:9a:cd:01:a4:26:97:7d:13:97:40:
90:1a:5d:70:c0:95:93:f2:f2:74:dc:1b:dc:b6:d4:e2:a2:af:
5d:22:40:5b:52:94:0b:38:c8:cb:09:c5:59:85:84:77:4d:ed:
5f:23:22:ea:4f:db:2a:8f:c1:e5:6b:ca:dd:6a:27:84:53:22:
d0:06:1c:0f:1f:c0:dd:37:1b:6c:be:9c:88:0f:60:9d:8e:0d:
29:50:d9:12:62:e0:8b:4f:bb:fb:b2:06:b3:26:46:b5:bf:29:
32:37:58:f7:9d:e2:20:86:4e:d6:61:68:45:58:6c:a6:20:5c:
38:29:51:9d:ed:b5:8e:c0:a1:1c:e4:3c:de:36:27:f0:ac:fc:
7e:04:2a:0c:e3:0c:81:d1:2a:19:e1:47:9e:f0:45:e2:a3:e4:
bf:75:d6:49
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZQm2a2qfX9Pu2m9Uc6ZBA8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY5NDUwMjFkZDFmM2QzYmY5NzliZjcwM2MzZWNhYjk0YjA4MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR8S/YawreeSJQOC3/kC6brvugRm
ptt0Vd9RBJ5QAv/w5gwvFeRZfUgU/1LpKGppXmxF46WMOu4gzcXPxb0jywiwuxNz
RvW6kNw1YGKxTflwR9m9Cnevmqinc3i0jLBcdYtJin7yvctjak57Gmsx4I49yzK/
GLwdoGIcUAdE4jcJ24soE7RxYg334L54lHvwwdq8BE5EzoT/evVAA89+ll+sU4NU
jaqAdYZ3HT7Jq4JnerRNlrXyhW772zlRAvLY7CGOSzLAqUUrgMDDCu9a6c3aS/+y
USzZ+/9KZ8+F/4wYnx/R4zMoXLI5qEQVuDu3gE9umq0xmua7aTp7XmZn/QIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFE/5RQId0fPTv5eb9wPD7KuUsIADMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvVF9sRkFoM1I4OU9fbDV2M0E4UHNxNVN3Z0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCB0gQCAAEwgcsDBAUF
kGADBAQfKHADBAMl0HgDAwA+dgMEBT6o4AMEAE+rcwMEAFBT7QMEBVFbIAMDAFHD
AwQGUmDAAwMAU+0DAwFVjAMEBVXrIAMDAFmvAwMCW0wDBANcK7gDBARdWuADBAVe
jIADBAJfmYgDBAVfqYADBAVtxuADBAONaRgDBACw3hEDAwCyjQMEB7KbAAMEBLKf
EAMEArmo7AMEAMFogAMEBsMiAAMEB9S8AAMDANVXAwQF1ZMgAwQC1bDkMAsDBALZ
SvQDAwDZSjAUBAIAAjAOAwUDKgAfoAMFAyoCACgwDQYJKoZIhvcNAQELBQADggEB
AIgJLYxgC6v1O5w0Wr30tuOyQi8SsGX5orW837XbnquUC7LtTnfRXYG3ELvwThMd
2jwmqUSPVBiHIJ8+MY0zvuJFNG0mJ1yDY2GnCJCrJt1vVQE5TahRH0FedtqGVh0W
ehRRms0BpCaXfROXQJAaXXDAlZPy8nTcG9y21OKir10iQFtSlAs4yMsJxVmFhHdN
7V8jIupP2yqPweVryt1qJ4RTItAGHA8fwN03G2y+nIgPYJ2ODSlQ2RJi4ItPu/uy
BrMmRrW/KTI3WPed4iCGTtZhaEVYbKYgXDgpUZ3ttY7AoRzkPN42J/Cs/H4EKgzj
DIHRKhnhR57wReKj5L911kk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:38 2025 by rpki-client