Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/1bs2ltz0ucYPk4TAlWvt51z3FR0.roa
File: 1bs2ltz0ucYPk4TAlWvt51z3FR0.roa (raw, json)
Hash identifier: EJHEUuui61EWae6I3QEFjf9jlBEq8GJPJI3FxJTx4iM=
Subject key identifier: D5:BB:36:96:DC:F4:B9:C6:0F:93:84:C0:95:6B:ED:E7:5C:F7:15:1D
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 019072DEBD8A24DFEEC26C0A1793127E8DCF
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/1bs2ltz0ucYPk4TAlWvt51z3FR0.roa
Signing time: Tue 02 Jul 2024 09:55:18 +0000
ROA not before: Tue 02 Jul 2024 09:55:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.81.224.0/22 maxlen: 22
45.82.68.0/22 maxlen: 22
45.82.176.0/22 maxlen: 22
45.87.0.0/22 maxlen: 22
45.136.84.0/24 maxlen: 24
45.136.85.0/24 maxlen: 24
45.136.86.0/24 maxlen: 24
45.136.87.0/24 maxlen: 24
45.137.64.0/22 maxlen: 22
46.18.107.0/24 maxlen: 24
46.21.250.0/24 maxlen: 24
77.220.214.0/24 maxlen: 24
77.220.215.0/24 maxlen: 24
81.31.197.0/24 maxlen: 24
91.201.25.0/24 maxlen: 24
91.208.127.0/24 maxlen: 24
91.209.226.0/24 maxlen: 24
91.228.56.0/24 maxlen: 24
94.124.78.0/24 maxlen: 24
178.159.38.0/24 maxlen: 24
178.159.39.0/24 maxlen: 24
178.159.42.0/24 maxlen: 24
185.23.108.0/24 maxlen: 24
185.51.121.0/24 maxlen: 24
185.51.246.0/24 maxlen: 24
185.51.247.0/24 maxlen: 24
185.107.237.0/24 maxlen: 24
185.204.109.0/24 maxlen: 24
185.232.164.0/24 maxlen: 24
185.235.129.0/24 maxlen: 24
185.235.130.0/24 maxlen: 24
185.235.131.0/24 maxlen: 24
185.241.52.0/24 maxlen: 24
185.241.53.0/24 maxlen: 24
185.241.54.0/24 maxlen: 24
185.241.55.0/24 maxlen: 24
185.244.216.0/22 maxlen: 22
185.244.216.0/24 maxlen: 24
185.244.217.0/24 maxlen: 24
185.250.204.0/24 maxlen: 24
185.250.205.0/24 maxlen: 24
185.250.206.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
193.22.21.0/24 maxlen: 24
193.56.8.0/24 maxlen: 24
193.163.7.0/24 maxlen: 24
193.163.113.0/24 maxlen: 24
194.29.53.0/24 maxlen: 24
212.8.244.0/24 maxlen: 24
212.8.246.0/24 maxlen: 24
212.23.221.0/24 maxlen: 24
212.86.101.0/24 maxlen: 24
212.86.102.0/24 maxlen: 24
212.86.108.0/24 maxlen: 24
212.86.109.0/24 maxlen: 24
212.162.152.0/22 maxlen: 24
213.166.68.0/24 maxlen: 24
213.166.69.0/24 maxlen: 24
213.166.70.0/24 maxlen: 24
213.166.71.0/24 maxlen: 24
2a07:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jul 2024 10:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:de:bd:8a:24:df:ee:c2:6c:0a:17:93:12:7e:8d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Jul 2 09:55:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5bb3696dcf4b9c60f9384c0956bede75cf7151d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:ef:ee:d0:6e:61:23:ff:68:91:b4:71:5e:
d5:42:5d:d2:60:c4:ab:bf:00:e0:5f:b5:0e:29:14:
0e:ce:31:a1:16:98:47:49:29:13:b5:2d:27:f8:0b:
23:79:aa:b1:99:11:55:15:b3:9a:8a:a4:59:e5:2c:
ed:86:0b:5a:2e:0d:5b:a6:36:f1:e2:1c:cc:c2:be:
0d:d6:dd:7d:8d:d9:91:9c:ec:4d:3c:88:58:d1:1b:
42:96:24:17:57:20:fa:c1:a4:9d:d8:ba:78:f4:68:
ce:eb:33:26:10:cf:33:4f:d1:03:80:cf:5e:0b:0e:
15:d5:6f:76:b8:86:22:d4:72:1f:8b:f2:77:f4:86:
dd:72:ed:ad:38:18:d2:9a:c1:f8:01:0c:b6:10:f3:
89:2a:fc:29:ad:a3:dd:42:63:fb:54:fb:90:45:80:
be:f5:64:9a:d9:04:6f:7d:02:fe:44:aa:fd:a5:86:
2b:57:b6:2c:4c:4a:dc:78:e0:e9:4e:3a:7d:c4:51:
f8:e8:a4:59:e8:a9:82:35:71:49:ec:5f:a6:56:b9:
ff:cb:44:ca:ff:20:1b:54:5e:d2:1c:8b:f5:db:f4:
a8:3c:f0:09:a9:29:48:f0:9f:b2:d4:8b:b9:08:67:
00:16:e1:b2:52:d5:08:da:b6:bf:7e:7c:47:f8:39:
14:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:36:96:DC:F4:B9:C6:0F:93:84:C0:95:6B:ED:E7:5C:F7:15:1D
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/1bs2ltz0ucYPk4TAlWvt51z3FR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.224.0/22
45.82.68.0/22
45.82.176.0/22
45.87.0.0/22
45.136.84.0/22
45.137.64.0/22
46.18.107.0/24
46.21.250.0/24
77.220.214.0/23
81.31.197.0/24
91.201.25.0/24
91.208.127.0/24
91.209.226.0/24
91.228.56.0/24
94.124.78.0/24
178.159.38.0/23
178.159.42.0/24
185.23.108.0/24
185.51.121.0/24
185.51.246.0/23
185.107.237.0/24
185.204.109.0/24
185.232.164.0/24
185.235.129.0-185.235.131.255
185.241.52.0/22
185.244.216.0/22
185.250.204.0/22
193.22.21.0/24
193.56.8.0/24
193.163.7.0/24
193.163.113.0/24
194.29.53.0/24
212.8.244.0/24
212.8.246.0/24
212.23.221.0/24
212.86.101.0-212.86.102.255
212.86.108.0/23
212.162.152.0/22
213.166.68.0/22
IPv6:
2a07:5980::/29
Signature Algorithm: sha256WithRSAEncryption
34:44:82:75:fa:2f:8c:05:ba:84:2a:d4:29:0b:51:4b:ab:49:
8e:58:07:ca:c6:e2:0c:2d:8d:4f:1b:d7:cc:d7:ac:d0:44:82:
0d:e5:ce:cd:78:be:a9:ef:cb:39:f1:a4:46:40:35:fb:9e:c5:
97:39:cc:0d:01:84:59:5f:56:d9:51:65:74:18:6e:cf:8d:e2:
8d:f4:6e:92:fa:5d:0b:19:21:d0:a0:63:79:69:82:d6:30:c6:
e1:9b:de:f2:e4:c6:e1:d9:75:64:00:20:ae:ef:0d:f4:6c:4d:
5c:ab:7a:e7:5d:46:5c:c2:b9:e4:15:d5:44:af:9a:9e:ab:76:
b5:21:22:14:27:df:39:05:40:3c:fa:5e:ed:15:48:4f:15:3a:
ee:9d:64:1c:7f:f4:3e:2a:04:23:57:80:2d:2f:ea:27:5c:85:
8e:2a:40:5f:01:21:02:1d:92:a3:08:90:a4:94:c2:3a:bf:e5:
6c:2d:00:e8:ba:e4:33:84:29:d8:4e:ff:84:19:89:22:8d:49:
1a:9d:8a:b9:a7:8e:1b:28:4b:26:e4:b8:55:54:e9:67:f4:74:
2c:2f:51:49:9a:89:0e:49:dd:38:54:0e:f7:bd:62:8e:39:e9:
9a:e2:6e:b7:41:a5:fc:fc:d6:31:11:bb:52:e9:a4:9b:3b:20:
32:68:47:bd
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZBy3r2KJN/uwmwKF5MSfo3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwNzAyMDk1NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJiMzY5NmRjZjRiOWM2MGY5Mzg0YzA5NTZiZWRlNzVjZjcxNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug7v7tBuYSP/aJG0cV7VQl3SYMSr
vwDgX7UOKRQOzjGhFphHSSkTtS0n+AsjeaqxmRFVFbOaiqRZ5SzthgtaLg1bpjbx
4hzMwr4N1t19jdmRnOxNPIhY0RtCliQXVyD6waSd2Lp49GjO6zMmEM8zT9EDgM9e
Cw4V1W92uIYi1HIfi/J39Ibdcu2tOBjSmsH4AQy2EPOJKvwpraPdQmP7VPuQRYC+
9WSa2QRvfQL+RKr9pYYrV7YsTErceODpTjp9xFH46KRZ6KmCNXFJ7F+mVrn/y0TK
/yAbVF7SHIv12/SoPPAJqSlI8J+y1Iu5CGcAFuGyUtUI2ra/fnxH+DkUOQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFNW7Npbc9LnGD5OEwJVr7edc9xUdMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvMWJzMmx0ejB1Y1lQazRUQWxXdnQ1MXozRlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCAQEEAgABMIH6
AwQCLVHgAwQCLVJEAwQCLVKwAwQCLVcAAwQCLYhUAwQCLYlAAwQALhJrAwQALhX6
AwQBTdzWAwQAUR/FAwQAW8kZAwQAW9B/AwQAW9HiAwQAW+Q4AwQAXnxOAwQBsp8m
AwQAsp8qAwQAuRdsAwQAuTN5AwQBuTP2AwQAuWvtAwQAucxtAwQAueikMAwDBAC5
64EDBAK564ADBAK58TQDBAK59NgDBAK5+swDBADBFhUDBADBOAgDBADBowcDBADB
o3EDBADCHTUDBADUCPQDBADUCPYDBADUF90wDAMEANRWZQMEANRWZgMEAdRWbAME
AtSimAMEAtWmRDANBAIAAjAHAwUDKgdZgDANBgkqhkiG9w0BAQsFAAOCAQEANESC
dfovjAW6hCrUKQtRS6tJjlgHysbiDC2NTxvXzNes0ESCDeXOzXi+qe/LOfGkRkA1
+57FlznMDQGEWV9W2VFldBhuz43ijfRukvpdCxkh0KBjeWmC1jDG4Zve8uTG4dl1
ZAAgru8N9GxNXKt6511GXMK55BXVRK+anqt2tSEiFCffOQVAPPpe7RVITxU67p1k
HH/0PioEI1eALS/qJ1yFjipAXwEhAh2SowiQpJTCOr/lbC0A6LrkM4Qp2E7/hBmJ
Io1JGp2KuaeOGyhLJuS4VVTpZ/R0LC9RSZqJDkndOFQO971ijjnpmuJut0Gl/PzW
MRG7UumkmzsgMmhHvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:46 2025 by rpki-client