Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EvTKxoXRLmhConEW-bOU2su-yNw.roa
File: EvTKxoXRLmhConEW-bOU2su-yNw.roa (raw, json)
Hash identifier: hkiGeMh3Ggb31bcs/qtWvhZ+2TUNivyFUTUh0PgkvUQ=
Subject key identifier: 12:F4:CA:C6:85:D1:2E:68:42:A2:71:16:F9:B3:94:DA:CB:BE:C8:DC
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 018CC9BBFB3CD0D2C1815FF99CD16BAD81E8
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EvTKxoXRLmhConEW-bOU2su-yNw.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8685
IP address blocks: 212.2.192.0/21 maxlen: 21
212.2.192.0/19 maxlen: 24
212.2.192.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.204.0/23 maxlen: 23
212.2.205.0/24 maxlen: 24
212.2.204.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.212.0/24 maxlen: 24
212.2.211.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.210.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.217.0/24 maxlen: 24
212.2.216.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
82.151.131.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.128.0/20 maxlen: 20
82.151.132.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.144.0/20 maxlen: 20
82.151.144.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
212.58.28.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
81.21.166.0/24 maxlen: 24
81.21.164.0/22 maxlen: 22
81.21.161.0/24 maxlen: 24
81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.170.0/23 maxlen: 23
81.21.170.0/24 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.167.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/24 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.8.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.18.0/24 maxlen: 24
213.155.96.0/21 maxlen: 21
213.155.96.0/19 maxlen: 24
213.155.104.0/21 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.99.0/24 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.124.0/22 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.120.0/23 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jan 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fb:3c:d0:d2:c1:81:5f:f9:9c:d1:6b:ad:81:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12f4cac685d12e6842a27116f9b394dacbbec8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:9d:f2:c7:b0:ab:1a:2a:28:0d:3e:a3:4d:
f1:19:5f:f8:0f:1a:70:b4:80:e8:27:8c:4b:9a:16:
ac:39:40:71:c0:81:40:53:1d:9e:d1:52:e4:51:78:
50:55:9d:57:73:bf:68:8a:d6:8f:74:f5:23:b1:eb:
fe:28:06:2e:0e:84:a6:31:c0:bf:c2:64:dc:db:7d:
e5:40:90:66:aa:d1:88:65:1f:5c:a2:ba:09:13:31:
9d:29:93:a4:e0:fa:ee:37:a0:0c:4f:7d:01:85:28:
fe:0e:2c:dd:31:67:3c:b3:86:5d:16:75:57:fe:e3:
f2:06:d3:d1:8c:13:8b:32:92:ea:93:fb:60:dd:b2:
7d:cd:bb:04:8a:00:3e:7e:3e:a8:ef:1d:75:dd:4c:
81:48:94:cd:b3:80:f4:71:a1:05:db:40:80:8a:1a:
92:fd:3d:a1:4b:8d:e8:88:01:2e:bb:78:c6:32:8b:
ad:e6:d2:ea:fe:98:9c:b1:52:7f:35:10:8e:7b:1c:
69:77:4e:2f:e9:bb:0f:7b:6d:36:21:22:a0:40:ed:
e2:d1:fc:60:8c:4f:ab:21:d6:85:81:60:71:62:b0:
13:f0:77:8a:a6:4e:30:d1:0b:68:e5:9a:f3:72:53:
44:c7:18:bf:c2:a8:54:a5:20:37:04:f7:da:2e:f4:
97:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F4:CA:C6:85:D1:2E:68:42:A2:71:16:F9:B3:94:DA:CB:BE:C8:DC
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EvTKxoXRLmhConEW-bOU2su-yNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
72:ca:6a:d3:b1:3f:98:d9:a6:92:63:4a:1d:e1:85:ed:56:46:
d1:8b:ae:f1:ab:e5:21:c6:02:fa:e5:24:73:c2:df:db:e5:fd:
0d:87:b6:78:d3:f6:4d:75:d2:93:c0:71:8a:15:d6:73:c7:30:
0f:01:e4:b6:a4:57:54:33:64:5d:ee:7f:81:88:79:81:86:08:
31:c4:e7:2d:b7:8b:57:86:e2:90:e6:5d:fd:8a:0c:2a:c3:e6:
08:e2:01:ba:72:ba:5f:b5:b5:48:4a:08:2e:9c:10:5c:47:0d:
70:9a:73:e8:a8:56:e0:36:95:7c:1d:b0:c3:57:53:78:ea:f8:
26:41:ef:0e:c4:2e:8e:27:fc:cc:af:a4:ee:7a:dc:3a:2e:60:
1f:49:9f:f4:a7:31:00:59:9b:43:2a:41:20:05:db:85:04:76:
94:87:c6:e3:48:26:4d:ed:be:c1:da:97:36:98:8e:34:3a:32:
c2:aa:2d:24:f6:43:3e:f4:1e:d6:8f:5c:5e:c4:62:68:61:4e:
3a:3e:63:9f:ea:45:c8:a5:fb:85:8d:78:63:14:24:4b:30:40:
95:a9:32:42:d7:ac:e4:01:51:5a:60:88:73:37:bf:b0:bd:a3:
13:cd:2e:d1:77:ca:62:e4:94:af:55:07:e6:36:24:48:91:f3:
b3:68:3b:3a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJu/s80NLBgV/5nNFrrYHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi
NWZmZWIwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmY0Y2FjNjg1ZDEyZTY4NDJhMjcxMTZmOWIzOTRkYWNiYmVjOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt86d8sewqxoqKA0+o03xGV/4Dxpw
tIDoJ4xLmhasOUBxwIFAUx2e0VLkUXhQVZ1Xc79oitaPdPUjsev+KAYuDoSmMcC/
wmTc233lQJBmqtGIZR9coroJEzGdKZOk4PruN6AMT30BhSj+DizdMWc8s4ZdFnVX
/uPyBtPRjBOLMpLqk/tg3bJ9zbsEigA+fj6o7x113UyBSJTNs4D0caEF20CAihqS
/T2hS43oiAEuu3jGMout5tLq/picsVJ/NRCOexxpd04v6bsPe202ISKgQO3i0fxg
jE+rIdaFgWBxYrAT8HeKpk4w0Qto5ZrzclNExxi/wqhUpSA3BPfaLvSXCQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBL0ysaF0S5oQqJxFvmzlNrLvsjcMB8GA1UdIwQY
MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt
YWI0MGI1OGEyODkyLzEvRXZUS3hvWFJMbWhDb25FVy1iT1Uyc3UteU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEtYWI0MGI1OGEyODky
LzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEURWgAwQF
UpeAAwQEXmZAAwQCuTr0AwQF1ALAAwQF1DoAAwQF1ZtgMA0EAgACMAcDBQAqAgSA
MA0GCSqGSIb3DQEBCwUAA4IBAQByymrTsT+Y2aaSY0od4YXtVkbRi67xq+UhxgL6
5SRzwt/b5f0Nh7Z40/ZNddKTwHGKFdZzxzAPAeS2pFdUM2Rd7n+BiHmBhggxxOct
t4tXhuKQ5l39igwqw+YI4gG6crpftbVISggunBBcRw1wmnPoqFbgNpV8HbDDV1N4
6vgmQe8OxC6OJ/zMr6Tuetw6LmAfSZ/0pzEAWZtDKkEgBduFBHaUh8bjSCZN7b7B
2pc2mI40OjLCqi0k9kM+9B7Wj1xexGJoYU46PmOf6kXIpfuFjXhjFCRLMECVqTJC
16zkAVFaYIhzN7+wvaMTzS7Rd8pi5JSvVQfmNiRIkfOzaDs6
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:43 2025 by rpki-client