Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/H2mBgxLxokDp1yql7V0BqDstFmg.roa
File: H2mBgxLxokDp1yql7V0BqDstFmg.roa (raw, json)
Hash identifier: DQHlxdyHWR0Vkb2mwTBUXsl2sxaB9jXwaCjvUIbsBl0=
Subject key identifier: 1F:69:81:83:12:F1:A2:40:E9:D7:2A:A5:ED:5D:01:A8:3B:2D:16:68
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019416B3A42DD65A09C108829137ED441EE1
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/H2mBgxLxokDp1yql7V0BqDstFmg.roa
Signing time: Mon 30 Dec 2024 08:34:19 +0000
ROA not before: Mon 30 Dec 2024 08:34:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.0.0/17 maxlen: 17
129.233.128.0/17 maxlen: 17
129.233.163.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.252.0/24 maxlen: 24
129.233.253.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.0.0/21 maxlen: 21
153.96.8.0/23 maxlen: 23
153.96.10.0/24 maxlen: 24
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.18.0/24 maxlen: 24
153.96.19.0/24 maxlen: 24
153.96.24.0/24 maxlen: 24
153.96.54.0/23 maxlen: 23
153.96.112.0/23 maxlen: 23
153.96.126.0/23 maxlen: 23
153.96.144.0/23 maxlen: 23
153.96.220.0/22 maxlen: 22
153.96.248.0/23 maxlen: 23
153.96.250.0/24 maxlen: 24
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
192.44.0.0/24 maxlen: 24
192.44.1.0/24 maxlen: 24
192.44.2.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
192.102.171.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
2a03:db80:4415::/48 maxlen: 48
2a03:db80:4416::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4434::/48 maxlen: 48
2a03:db80:4460::/48 maxlen: 48
2a03:db80:4470::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4494::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:b3:a4:2d:d6:5a:09:c1:08:82:91:37:ed:44:1e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Dec 30 08:34:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f69818312f1a240e9d72aa5ed5d01a83b2d1668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c7:32:75:08:ed:d2:8c:13:8b:6d:41:26:5c:
6a:6a:d9:16:8f:18:f7:7d:c3:b0:6f:cc:67:e2:08:
cf:42:52:cc:04:d2:68:67:4c:13:d6:49:91:93:aa:
83:db:45:5b:9a:d0:7a:28:22:b3:ed:02:03:83:70:
ae:3c:c3:90:5e:b3:59:21:77:b2:20:a5:2d:79:fd:
f1:f4:25:36:8c:76:1f:d6:22:50:84:56:15:30:4c:
18:3a:bf:b1:41:7b:e7:df:7c:64:34:30:83:c9:a1:
87:78:8b:d3:66:2e:11:75:c8:bd:5b:9f:fa:ca:6b:
77:d2:13:a8:26:44:63:c8:9c:f3:70:5b:81:4d:1b:
28:5a:27:07:6e:2f:a5:5c:c1:9c:02:1d:16:3c:ab:
07:20:df:ed:b2:71:6c:fa:94:e6:4b:d8:58:53:7e:
37:d0:80:dc:9a:0e:24:96:ea:c6:7f:e3:41:f2:72:
48:8b:02:27:b1:ea:e1:76:95:53:3f:89:e6:35:ef:
ef:01:23:c2:b1:63:01:6f:d7:f5:b0:43:bb:d6:4b:
6d:4a:6e:cc:1b:0f:79:e8:9f:34:be:e5:b4:f9:38:
89:48:b9:54:c7:5b:70:e3:e6:e1:6a:29:e3:8b:84:
95:e7:3b:f3:8e:5f:3a:6d:1e:02:5d:ad:a0:f9:f2:
d0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:69:81:83:12:F1:A2:40:E9:D7:2A:A5:ED:5D:01:A8:3B:2D:16:68
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/H2mBgxLxokDp1yql7V0BqDstFmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.112.0/23
153.96.126.0/23
153.96.144.0/23
153.96.220.0/22
153.96.248.0-153.96.250.255
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::-2a03:db80:4416:ffff:ffff:ffff:ffff:ffff
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4434::/48
2a03:db80:4460::/48
2a03:db80:4470::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4494::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
b2:01:a5:75:20:a1:22:49:55:43:e6:31:1e:00:31:ca:49:67:
c4:f3:50:95:26:9f:9f:0f:bd:17:5b:ea:e4:b6:96:93:84:e8:
40:9b:85:39:3c:e0:9e:de:f8:bb:db:f6:ab:0b:f2:ea:54:49:
b9:7b:60:aa:b9:0e:fa:5e:09:14:76:98:31:d9:29:c2:89:31:
e0:30:70:5a:37:5b:74:a6:da:50:b5:63:99:13:64:57:a4:dc:
5b:fb:fc:75:98:6d:f6:33:f8:29:b8:e0:52:5d:a0:32:3a:56:
11:90:d0:20:88:d4:6a:8b:3c:52:32:58:fe:6b:ea:60:ea:5d:
6d:61:a1:a9:e4:d0:53:80:cb:55:42:2b:86:a4:da:71:5d:86:
50:ca:6b:b5:91:40:e7:c6:c1:99:72:07:3e:fc:85:f4:5b:30:
13:e4:f6:0b:29:ff:f5:9c:d4:dd:b9:c5:d2:e3:8d:60:2a:30:
fa:06:75:74:bf:e1:1e:6b:40:c6:a7:59:13:d3:b7:ad:03:3b:
49:5e:e0:c3:16:d3:57:12:39:0e:b5:7c:2b:5f:46:9c:89:9c:
fb:da:92:38:be:1d:5e:65:86:87:1e:a6:c4:88:9c:67:a3:7f:
ba:b3:a6:0b:a0:18:bc:71:9e:fd:38:9a:23:a8:11:b3:79:b6:
de:f9:c2:05
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgISAZQWs6Qt1loJwQiCkTftRB7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQxMjMwMDgzNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY5ODE4MzEyZjFhMjQwZTlkNzJhYTVlZDVkMDFhODNiMmQxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18cydQjt0owTi21BJlxqatkWjxj3
fcOwb8xn4gjPQlLMBNJoZ0wT1kmRk6qD20VbmtB6KCKz7QIDg3CuPMOQXrNZIXey
IKUtef3x9CU2jHYf1iJQhFYVMEwYOr+xQXvn33xkNDCDyaGHeIvTZi4Rdci9W5/6
ymt30hOoJkRjyJzzcFuBTRsoWicHbi+lXMGcAh0WPKsHIN/tsnFs+pTmS9hYU343
0IDcmg4klurGf+NB8nJIiwInserhdpVTP4nmNe/vASPCsWMBb9f1sEO71kttSm7M
Gw956J80vuW0+TiJSLlUx1tw4+bhainji4SV5zvzjl86bR4CXa2g+fLQ1QIDAQAB
o4IDQDCCAzwwHQYDVR0OBBYEFB9pgYMS8aJA6dcqpe1dAag7LRZoMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvSDJtQmd4THhva0RwMXlxbDdWMEJxRHN0Rm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVAYIKwYBBQUHAQcBAf8EggFDMIIBPzCBsgQCAAEwgasD
AwCB6QMDAIn7MAsDAwWZYAMEAJlgCjAMAwQCmWAMAwQCmWAQAwQAmWAYAwQBmWA2
AwQBmWBwAwQBmWB+AwQBmWCQAwQCmWDcMAwDBAOZYPgDBACZYPowDAMEAJlg/QME
AJlg/jAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwKAwQAwCwNAwQAwCwRAwQAwCwY
AwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwgYcEAgACMIGAAwcAKgPbgEQEAwcA
KgPbgEQQMBIDBwIqA9uARBQDBwAqA9uARBYDBwAqA9uARCADBwAqA9uARCQDBwAq
A9uARDQDBwAqA9uARGADBwAqA9uARHADBwAqA9uARIADBwAqA9uARIQDBwAqA9uA
RJQDBwAqA9uATIADBwAqA9uATIQwDQYJKoZIhvcNAQELBQADggEBALIBpXUgoSJJ
VUPmMR4AMcpJZ8TzUJUmn58PvRdb6uS2lpOE6ECbhTk84J7e+Lvb9qsL8upUSbl7
YKq5DvpeCRR2mDHZKcKJMeAwcFo3W3Sm2lC1Y5kTZFek3Fv7/HWYbfYz+Cm44FJd
oDI6VhGQ0CCI1GqLPFIyWP5r6mDqXW1hoank0FOAy1VCK4ak2nFdhlDKa7WRQOfG
wZlyBz78hfRbMBPk9gsp//Wc1N25xdLjjWAqMPoGdXS/4R5rQManWRPTt60DO0le
4MMW01cSOQ61fCtfRpyJnPvakji+HV5lhocepsSInGejf7qzpgugGLxxnv04miOo
EbN5tt75wgU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:22 2025 by rpki-client