Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F6UwDSNVTf20e2R6ngogvNk0IZw.roa
File: F6UwDSNVTf20e2R6ngogvNk0IZw.roa (raw, json)
Hash identifier: ivtAPgt52xbUFEludxScho4MyyyKSiItpCtZJBBGjcw=
Subject key identifier: 17:A5:30:0D:23:55:4D:FD:B4:7B:64:7A:9E:0A:20:BC:D9:34:21:9C
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01910CA28AC7EF4DC56494D388EAEE66FA0A
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F6UwDSNVTf20e2R6ngogvNk0IZw.roa
Signing time: Thu 01 Aug 2024 06:31:04 +0000
ROA not before: Thu 01 Aug 2024 06:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.0.0/17 maxlen: 17
129.233.128.0/17 maxlen: 17
129.233.163.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.252.0/24 maxlen: 24
129.233.253.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.0.0/21 maxlen: 21
153.96.8.0/23 maxlen: 23
153.96.10.0/24 maxlen: 24
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.18.0/24 maxlen: 24
153.96.19.0/24 maxlen: 24
153.96.24.0/24 maxlen: 24
153.96.54.0/23 maxlen: 23
153.96.112.0/23 maxlen: 23
153.96.126.0/23 maxlen: 23
153.96.144.0/23 maxlen: 23
153.96.220.0/22 maxlen: 22
153.96.248.0/23 maxlen: 23
153.96.250.0/24 maxlen: 24
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
192.102.171.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Dec 2024 08:34:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0c:a2:8a:c7:ef:4d:c5:64:94:d3:88:ea:ee:66:fa:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Aug 1 06:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17a5300d23554dfdb47b647a9e0a20bcd934219c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:83:eb:41:3b:7c:54:7a:6a:84:1f:7e:83:2a:
7e:5b:10:75:76:62:8b:c0:fe:08:2c:c0:7b:44:8a:
78:f8:b5:74:0b:2e:cf:ff:bb:39:05:48:02:bb:7a:
9b:fb:dc:41:15:17:97:14:99:d7:9a:b2:88:7b:a9:
f5:a5:1f:00:c4:39:c9:59:59:a2:59:bb:44:6c:b1:
8d:3a:01:28:6a:54:9f:44:37:fb:06:a0:60:c4:25:
35:37:61:f3:ab:8d:2b:0b:87:0b:30:3a:55:2b:55:
9c:8c:41:7d:74:6b:e6:9b:23:f7:1b:46:0b:47:09:
fc:23:af:8e:a8:ec:ec:5c:01:00:05:a2:86:8f:f6:
b8:2e:1c:a4:74:6f:4d:a5:4b:95:82:db:9c:43:c6:
b2:4f:17:f8:00:21:bf:cb:a4:16:25:51:e4:b4:78:
0c:e6:52:7f:60:63:08:6f:f4:1b:de:fa:df:76:6b:
73:f9:c5:4f:e0:cc:e4:89:70:05:17:43:e1:6d:93:
15:10:b6:59:67:6f:33:5c:8b:ec:cf:68:45:be:2d:
3e:96:f4:2b:2f:06:06:c0:18:79:35:54:c2:26:89:
42:fe:21:25:be:45:59:e9:98:e8:c3:9e:d6:5c:92:
65:8d:cf:4a:3a:05:57:38:48:cf:ec:9a:ac:dc:9b:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A5:30:0D:23:55:4D:FD:B4:7B:64:7A:9E:0A:20:BC:D9:34:21:9C
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F6UwDSNVTf20e2R6ngogvNk0IZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.112.0/23
153.96.126.0/23
153.96.144.0/23
153.96.220.0/22
153.96.248.0-153.96.250.255
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::/48
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
00:b0:5b:72:d2:79:fc:82:76:b9:e6:34:88:b9:9b:0b:f9:63:
94:fd:6c:1d:73:a5:d3:26:34:43:d0:d1:53:c6:34:a8:ba:e3:
88:dd:f7:03:64:85:4d:0e:3c:ba:84:a0:91:cc:df:56:81:57:
7f:00:f6:ac:03:02:f1:33:df:26:a4:f7:9d:8b:00:76:a5:e2:
92:ac:07:71:ac:b1:a3:5e:1f:97:a2:b6:6c:c7:c2:0d:f5:38:
58:35:ca:8c:b2:16:43:ed:63:d6:90:57:94:e2:5b:b0:23:65:
34:cc:c6:d9:ad:5e:1a:c5:fb:12:ea:3e:73:3b:bd:5b:d3:8b:
f3:5f:e9:46:72:19:22:f1:af:73:3c:4b:22:3a:c6:83:96:43:
b7:ab:e1:d0:ba:0d:d9:42:c3:7d:41:f6:12:59:da:d7:2a:ab:
35:0a:64:7f:3d:e1:85:e2:41:ec:76:e9:f9:29:3f:05:20:a7:
52:e6:12:3a:27:e0:c6:ea:b4:b0:cd:f5:69:65:45:14:b2:63:
c3:eb:17:52:15:b3:22:92:55:b0:75:36:b3:ff:2a:ff:c6:2c:
ea:68:46:9d:78:61:3d:c7:fb:c0:8a:be:80:e3:e1:9a:df:9e:
e4:df:eb:f0:53:8c:f2:bc:7a:8f:6a:1e:27:0d:48:77:47:aa:
1b:58:14:f3
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZEMoorH703FZJTTiOruZvoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwODAxMDYzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E1MzAwZDIzNTU0ZGZkYjQ3YjY0N2E5ZTBhMjBiY2Q5MzQyMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoPrQTt8VHpqhB9+gyp+WxB1dmKL
wP4ILMB7RIp4+LV0Cy7P/7s5BUgCu3qb+9xBFReXFJnXmrKIe6n1pR8AxDnJWVmi
WbtEbLGNOgEoalSfRDf7BqBgxCU1N2Hzq40rC4cLMDpVK1WcjEF9dGvmmyP3G0YL
Rwn8I6+OqOzsXAEABaKGj/a4LhykdG9NpUuVgtucQ8ayTxf4ACG/y6QWJVHktHgM
5lJ/YGMIb/Qb3vrfdmtz+cVP4MzkiXAFF0PhbZMVELZZZ28zXIvsz2hFvi0+lvQr
LwYGwBh5NVTCJolC/iElvkVZ6Zjow57WXJJljc9KOgVXOEjP7Jqs3Js4zwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFBelMA0jVU39tHtkep4KILzZNCGcMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvRjZVd0RTTlZUZjIwZTJSNm5nb2d2TmswSVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCBsgQCAAEwgasD
AwCB6QMDAIn7MAsDAwWZYAMEAJlgCjAMAwQCmWAMAwQCmWAQAwQAmWAYAwQBmWA2
AwQBmWBwAwQBmWB+AwQBmWCQAwQCmWDcMAwDBAOZYPgDBACZYPowDAMEAJlg/QME
AJlg/jAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwKAwQAwCwNAwQAwCwRAwQAwCwY
AwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwVwQCAAIwUQMHACoD24BEBAMHACoD
24BEEAMHACoD24BEFAMHACoD24BEIAMHACoD24BEJAMHACoD24BEgAMHACoD24BE
hAMHACoD24BMgAMHACoD24BMhDANBgkqhkiG9w0BAQsFAAOCAQEAALBbctJ5/IJ2
ueY0iLmbC/ljlP1sHXOl0yY0Q9DRU8Y0qLrjiN33A2SFTQ48uoSgkczfVoFXfwD2
rAMC8TPfJqT3nYsAdqXikqwHcayxo14fl6K2bMfCDfU4WDXKjLIWQ+1j1pBXlOJb
sCNlNMzG2a1eGsX7Euo+czu9W9OL81/pRnIZIvGvczxLIjrGg5ZDt6vh0LoN2ULD
fUH2Elna1yqrNQpkfz3hheJB7Hbp+Sk/BSCnUuYSOifgxuq0sM31aWVFFLJjw+sX
UhWzIpJVsHU2s/8q/8Ys6mhGnXhhPcf7wIq+gOPhmt+e5N/r8FOM8rx6j2oeJw1I
d0eqG1gU8w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:36 2025 by rpki-client