Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/89cl1LqRZxKuBQaw8WN_82gMjZo.roa
File: 89cl1LqRZxKuBQaw8WN_82gMjZo.roa (raw, json)
Hash identifier: EifpSwsp/zx4o/NgCKEZnjduwNTq3LrSUKnVmEeWjqU=
Subject key identifier: F3:D7:25:D4:BA:91:67:12:AE:05:06:B0:F1:63:7F:F3:68:0C:8D:9A
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0193794F247AE5BB48D44EEB72CA21C2C826
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/89cl1LqRZxKuBQaw8WN_82gMjZo.roa
Signing time: Fri 29 Nov 2024 19:04:10 +0000
ROA not before: Fri 29 Nov 2024 19:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Dec 2024 12:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:79:4f:24:7a:e5:bb:48:d4:4e:eb:72:ca:21:c2:c8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Nov 29 19:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3d725d4ba916712ae0506b0f1637ff3680c8d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:91:04:ff:d2:8f:61:ce:c9:42:a1:4e:49:16:
ad:a2:ef:27:bb:9e:3c:d5:70:34:4e:82:82:ba:45:
cc:d2:1c:7b:04:fd:c0:7b:c3:53:fa:85:17:2e:df:
5b:fe:18:fc:55:50:7a:ed:9e:37:1a:3b:20:31:06:
ff:fc:f6:b0:b7:56:b1:d3:bf:bc:84:0b:fb:0b:ec:
50:77:12:5a:9f:36:b6:0c:bd:a4:13:01:dd:09:01:
80:4b:48:a2:dc:ad:de:4a:94:2c:e2:1d:05:6b:e3:
64:05:0d:6b:07:0e:29:29:eb:09:56:23:a3:f2:34:
ef:c6:4e:45:32:37:bb:71:9a:2c:ca:e7:68:34:05:
81:68:b7:81:78:af:cf:f2:7d:51:ed:78:d0:20:e8:
3c:c6:a0:85:60:ee:58:1a:d1:54:a1:54:d1:e5:1a:
05:ad:fc:d9:34:96:4e:6f:b4:39:0f:ec:22:d0:50:
1a:63:ba:d9:72:a4:3f:b8:df:b4:e7:0b:2b:d9:c8:
ff:e8:86:7b:2c:05:38:86:4d:b7:74:b1:c3:5a:39:
6a:bd:02:ee:18:69:dc:a0:36:4f:35:16:54:17:05:
45:0f:76:c0:2c:6b:95:20:60:71:c7:33:eb:b4:8f:
a3:94:a3:91:f9:ba:27:e5:76:32:b8:43:69:e9:d0:
ac:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D7:25:D4:BA:91:67:12:AE:05:06:B0:F1:63:7F:F3:68:0C:8D:9A
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/89cl1LqRZxKuBQaw8WN_82gMjZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.31.0/24
185.254.236.0/22
193.35.152.0/23
193.35.155.0/24
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:5d:9c:23:c7:7b:09:7d:a2:b8:a1:60:6f:a9:09:15:e3:8e:
39:a8:20:3f:95:07:0b:cf:8e:60:60:f2:31:67:49:20:9d:8d:
22:d7:7d:e3:0b:ba:13:16:44:2a:af:61:30:7f:60:41:c1:27:
22:71:52:61:85:77:af:6b:dd:84:f2:e4:30:7a:a8:98:98:e7:
13:a9:33:23:5b:e5:d1:3a:f4:2d:2b:86:50:3c:8f:19:27:31:
ad:6d:38:02:2f:4a:7e:b7:d8:d7:f3:7a:5d:ff:17:8c:4a:17:
b9:10:f6:09:d5:b5:98:b4:46:61:b9:1c:4b:d1:9a:1e:3a:78:
92:08:08:0d:4f:db:6c:96:0d:ca:d5:da:83:fc:2f:46:fa:aa:
2e:5c:06:86:4b:a4:a1:b1:6a:b6:4a:02:88:71:7a:bc:e5:c1:
21:49:f2:8f:e5:98:07:55:76:7d:17:ed:10:cd:ef:55:7e:d9:
55:85:40:be:8f:00:83:66:cd:d0:e1:b8:5b:f7:81:6d:07:87:
b5:e5:93:6d:38:1b:b2:4d:c5:d8:28:ee:f8:13:0d:2a:54:62:
bf:81:67:e4:de:df:6c:e4:fb:f0:34:7a:9f:33:22:cc:24:ae:
3f:44:f5:59:2e:a5:44:56:a1:df:48:da:94:8d:42:7a:b7:59:
0a:34:55:c1
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZN5TyR65btI1E7rcsohwsgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMTI5MTkwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Q3MjVkNGJhOTE2NzEyYWUwNTA2YjBmMTYzN2ZmMzY4MGM4ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5EE/9KPYc7JQqFOSRatou8nu548
1XA0ToKCukXM0hx7BP3Ae8NT+oUXLt9b/hj8VVB67Z43GjsgMQb//Pawt1ax07+8
hAv7C+xQdxJanza2DL2kEwHdCQGAS0ii3K3eSpQs4h0Fa+NkBQ1rBw4pKesJViOj
8jTvxk5FMje7cZosyudoNAWBaLeBeK/P8n1R7XjQIOg8xqCFYO5YGtFUoVTR5RoF
rfzZNJZOb7Q5D+wi0FAaY7rZcqQ/uN+05wsr2cj/6IZ7LAU4hk23dLHDWjlqvQLu
GGncoDZPNRZUFwVFD3bALGuVIGBxxzPrtI+jlKOR+bon5XYyuENp6dCsyQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFPPXJdS6kWcSrgUGsPFjf/NoDI2aMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvODljbDFMcVJaeEt1QlFhdzhXTl84MmdNalpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgccEAgABMIHAAwQA
W8I3AwQBXb4MAwQCbewwAwQBoBRsAwQAuVW8AwQAuVYEAwQBuVYGAwQAuVYMAwQB
uVYOAwQAuVaYAwQAuVabAwQAuVd4AwQCuVisMAwDBAC5Yj0DBAa5YgAwDAMEALmN
IQMEArmNIAMEArm4GDAMAwQDubnoAwQAubnqAwQCufO0AwQCufnIAwQAufrSAwQB
uf4cAwQAuf4fAwQCuf7sAwQBwSOYAwQAwSObAwQCwaCMAwQCwd9oAwQCwj40MCIE
AgACMBwDBQMqBb8AAwUDKgfnAAMFAyoLJ4ADBQMqDUnAMA0GCSqGSIb3DQEBCwUA
A4IBAQAnXZwjx3sJfaK4oWBvqQkV4445qCA/lQcLz45gYPIxZ0kgnY0i133jC7oT
FkQqr2Ewf2BBwScicVJhhXeva92E8uQweqiYmOcTqTMjW+XROvQtK4ZQPI8ZJzGt
bTgCL0p+t9jX83pd/xeMShe5EPYJ1bWYtEZhuRxL0ZoeOniSCAgNT9tslg3K1dqD
/C9G+qouXAaGS6ShsWq2SgKIcXq85cEhSfKP5ZgHVXZ9F+0Qze9VftlVhUC+jwCD
Zs3Q4bhb94FtB4e15ZNtOBuyTcXYKO74Ew0qVGK/gWfk3t9s5PvwNHqfMyLMJK4/
RPVZLqVEVqHfSNqUjUJ6t1kKNFXB
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:35 2025 by rpki-client