Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9wxzP42kP6GFOTzRhXzCbYFlYMc.roa
File: 9wxzP42kP6GFOTzRhXzCbYFlYMc.roa (raw, json)
Hash identifier: KRS9OC0/UD8zDdtCID/r3TNrd95WYP806t74RU/ppeo=
Subject key identifier: F7:0C:73:3F:8D:A4:3F:A1:85:39:3C:D1:85:7C:C2:6D:81:65:60:C7
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018F39A1333205A7226A073DD0452DEBADAD
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9wxzP42kP6GFOTzRhXzCbYFlYMc.roa
Signing time: Thu 02 May 2024 14:06:56 +0000
ROA not before: Thu 02 May 2024 14:06:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.0.0/17 maxlen: 17
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.40.0/23 maxlen: 23
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.64.0/19 maxlen: 24
87.229.96.0/23 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.112.0/20 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.205.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.211.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 09:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:a1:33:32:05:a7:22:6a:07:3d:d0:45:2d:eb:ad:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 2 14:06:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70c733f8da43fa185393cd1857cc26d816560c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:88:65:22:18:d8:b7:dd:18:76:d1:b6:85:86:
bf:63:60:0e:72:8b:f7:d7:2e:cc:b6:22:da:79:a4:
93:59:2a:da:a3:aa:d7:3f:99:fc:d2:34:5d:16:06:
63:fb:db:5f:ca:b0:c2:3f:90:63:35:38:9e:9d:42:
db:b9:63:11:a3:a2:ac:b1:d3:7d:2b:bf:d1:60:de:
34:b2:08:ff:66:3f:32:d5:83:54:75:02:14:84:cf:
92:38:ac:22:ac:06:34:2f:50:e7:d7:74:fe:a5:11:
b9:31:95:23:82:17:21:30:5f:f1:e9:1d:15:1e:42:
e5:23:cd:f1:a6:54:80:4b:e9:e5:b7:17:7a:99:a0:
7c:e5:3f:b9:a7:cd:b7:1e:e7:e2:6a:77:09:cc:0b:
28:f9:0d:41:9d:fb:a1:77:a2:c9:f2:41:a1:cf:33:
10:5f:2c:a1:32:f8:74:8e:60:68:c1:92:e4:5d:d6:
4f:93:bd:37:85:48:90:b2:91:58:af:32:a6:45:6c:
f4:78:1e:ac:1f:48:41:bb:29:03:cc:e0:22:f0:52:
99:a6:1b:3c:5b:73:d2:a6:2d:f8:e2:30:34:8a:97:
66:72:c7:bf:a1:9c:4e:78:03:c9:4e:46:01:f9:ec:
0b:ee:3d:54:2c:d1:0b:28:81:1d:1d:a2:1c:4b:ea:
36:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0C:73:3F:8D:A4:3F:A1:85:39:3C:D1:85:7C:C2:6D:81:65:60:C7
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/9wxzP42kP6GFOTzRhXzCbYFlYMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.0.0/17
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/23
213.181.207.0/24
213.181.210.0/23
213.181.219.0/24
213.181.221.0/24
217.113.50.0/23
217.113.53.0/24
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
6a:b3:ed:f9:e3:01:9e:af:89:3f:db:a5:d6:8a:5e:83:ee:b2:
a3:96:4f:ac:99:ec:ef:12:29:41:80:5a:7b:0b:a3:02:a5:31:
19:61:29:d4:6d:45:5c:65:6c:ec:b5:1e:a4:93:a5:87:e8:dc:
15:13:79:88:dd:6b:99:56:f1:8f:5c:62:30:5c:6f:28:fe:c9:
16:f0:cb:8d:f8:be:5d:fd:4d:ab:8d:2e:e4:ac:a9:50:77:d8:
b6:ee:79:d4:70:fc:db:97:9b:6b:01:68:6c:01:39:fc:0e:5a:
7c:70:71:99:99:ef:36:c5:14:01:d4:5c:a2:09:97:9a:20:b3:
70:fb:56:cb:34:d5:f4:9e:1b:d2:31:8c:ab:8b:eb:12:ce:e5:
8d:b1:b6:d8:64:9a:73:0e:2a:a3:33:1d:33:f4:18:d4:b8:67:
0b:8f:c6:13:65:9f:15:70:0e:fe:79:04:b6:7f:ec:2f:f1:09:
10:45:50:a5:79:d1:00:8c:55:a3:c6:b1:fb:3d:97:80:4e:6e:
8d:3c:64:55:4f:7d:0c:e9:0d:d5:50:b5:43:0f:5a:dc:0f:00:
09:b0:da:92:0d:66:fb:de:2f:62:d3:7f:a2:34:a2:b3:33:ff:
b8:71:a5:9d:76:45:28:e7:1d:09:8f:53:65:d4:1b:f1:c4:63:
7d:9c:2f:6b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY85oTMyBaciagc90EUt662tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwNTAyMTQwNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBjNzMzZjhkYTQzZmExODUzOTNjZDE4NTdjYzI2ZDgxNjU2MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIhlIhjYt90YdtG2hYa/Y2AOcov3
1y7MtiLaeaSTWSrao6rXP5n80jRdFgZj+9tfyrDCP5BjNTienULbuWMRo6KssdN9
K7/RYN40sgj/Zj8y1YNUdQIUhM+SOKwirAY0L1Dn13T+pRG5MZUjghchMF/x6R0V
HkLlI83xplSAS+nltxd6maB85T+5p823HufiancJzAso+Q1Bnfuhd6LJ8kGhzzMQ
XyyhMvh0jmBowZLkXdZPk703hUiQspFYrzKmRWz0eB6sH0hBuykDzOAi8FKZphs8
W3PSpi344jA0ipdmcse/oZxOeAPJTkYB+ewL7j1ULNELKIEdHaIcS+o2IwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPcMcz+NpD+hhTk80YV8wm2BZWDHMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvOXd4elA0MmtQNkdGT1R6UmhYekNiWUZsWU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQGT6zA
AwQFVBUAAwQHV+UAAwQDX4rAAwQEsu7QAwQA1bXIAwQB1bXMAwQA1bXPAwQB1bXS
AwQA1bXbAwQA1bXdAwQB2XEyAwQA2XE1AwQA2XE9AwQA2XE/MAwDBATZkDADBADZ
kDIDBAPZkDgwDQQCAAIwBwMFACoCBzAwDQYJKoZIhvcNAQELBQADggEBAGqz7fnj
AZ6viT/bpdaKXoPusqOWT6yZ7O8SKUGAWnsLowKlMRlhKdRtRVxlbOy1HqSTpYfo
3BUTeYjda5lW8Y9cYjBcbyj+yRbwy434vl39TauNLuSsqVB32LbuedRw/NuXm2sB
aGwBOfwOWnxwcZmZ7zbFFAHUXKIJl5ogs3D7Vss01fSeG9IxjKuL6xLO5Y2xtthk
mnMOKqMzHTP0GNS4ZwuPxhNlnxVwDv55BLZ/7C/xCRBFUKV50QCMVaPGsfs9l4BO
bo08ZFVPfQzpDdVQtUMPWtwPAAmw2pINZvveL2LTf6I0orMz/7hxpZ12RSjnHQmP
U2XUG/HEY32cL2s=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:41 2025 by rpki-client