Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/RWKG2fMr12XJXUD0piLO4RAdlUA.roa
File: RWKG2fMr12XJXUD0piLO4RAdlUA.roa (raw, json)
Hash identifier: aNCAjWh7veuBrErXS8aA5N3vvFUywSg4Cqyimdcb1rM=
Subject key identifier: 45:62:86:D9:F3:2B:D7:65:C9:5D:40:F4:A6:22:CE:E1:10:1D:95:40
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0194468C7AD49662ECD921036F769A1FFAB3
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/RWKG2fMr12XJXUD0piLO4RAdlUA.roa
Signing time: Wed 08 Jan 2025 15:33:19 +0000
ROA not before: Wed 08 Jan 2025 15:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.211.0/24 maxlen: 24
79.172.213.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Feb 2025 07:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:8c:7a:d4:96:62:ec:d9:21:03:6f:76:9a:1f:fa:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=456286d9f32bd765c95d40f4a622cee1101d9540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:67:4a:06:9a:fa:03:0a:5d:95:e7:d3:fc:39:
2a:15:ed:5d:eb:5a:d0:14:ef:90:f4:3d:26:3f:92:
b5:fa:ef:c6:6e:39:5e:5f:58:b6:ea:08:f0:34:43:
3d:bb:dc:0e:a9:e8:12:b5:1f:03:ac:b8:a0:fa:fc:
b3:04:60:28:bd:7f:66:64:87:7c:fd:98:b9:bc:68:
10:ee:a0:7d:ee:3d:29:1b:b2:76:de:b9:14:cd:7f:
d5:54:4a:cd:31:16:e2:48:f5:b4:20:54:23:bc:27:
73:32:0d:a8:22:f9:b2:f3:65:87:f0:ed:9f:7c:51:
af:0a:96:fb:9a:29:2d:c5:44:43:d0:59:27:2a:53:
dd:5c:11:ef:be:60:75:cd:20:ca:8a:d7:b1:54:6d:
50:bb:93:e9:58:e2:59:c0:ef:c4:be:d6:e1:44:e7:
d1:20:63:fb:60:18:53:7d:90:4f:c1:de:15:6f:47:
dc:0b:32:41:85:1a:8e:0d:00:c1:2b:5b:5b:ea:35:
53:56:70:b6:3d:4f:3e:81:dd:98:3c:3b:e6:3f:8d:
47:77:42:1e:d0:6e:65:58:80:96:45:d3:75:e4:b8:
be:3a:49:bd:e6:ca:92:a3:1c:6a:e5:6e:a7:02:c4:
f1:5d:d0:7a:63:8b:84:ea:da:3d:ba:1d:f8:1c:15:
e0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:62:86:D9:F3:2B:D7:65:C9:5D:40:F4:A6:22:CE:E1:10:1D:95:40
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/RWKG2fMr12XJXUD0piLO4RAdlUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/24
213.181.207.0/24
213.181.210.0/24
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
38:0c:51:15:78:6a:f9:79:de:22:55:4f:4d:05:1d:5c:de:00:
e8:b1:be:02:a3:2a:42:83:d5:d4:c8:5e:8d:5a:d3:ce:ac:ee:
c7:df:0d:38:bb:d1:f8:7c:55:e8:ae:54:68:c0:00:25:5d:70:
b8:fc:45:f4:8c:2f:36:0a:bc:cb:10:74:30:73:3c:00:be:5b:
35:a1:52:c0:78:a7:a7:3e:29:f9:21:1f:92:2d:2c:05:49:4b:
ed:b8:f3:8e:74:27:fa:f2:1a:f5:f5:9a:2e:b9:3b:fb:80:45:
a5:64:b4:b3:22:ed:ac:62:ac:c3:46:28:65:ce:42:b1:9d:d4:
0a:91:98:42:d9:5e:2f:40:ae:ba:85:0b:ef:61:67:4b:1c:47:
a0:db:18:6d:e7:78:eb:25:cc:3f:df:3f:91:99:89:c3:55:29:
61:f0:7c:ec:40:19:01:30:e8:7e:e8:98:af:a0:97:c2:82:73:
9e:b1:04:01:55:b6:f9:8d:bb:74:3f:b0:84:f9:cf:c7:d6:08:
c0:a4:bb:db:a3:aa:cb:e9:cf:a0:8c:8d:2b:ad:f3:32:e5:5d:
d7:ba:2b:6e:3b:dc:57:41:4c:d9:11:ad:17:ce:4f:6c:ab:ba:
ed:80:54:1d:eb:28:f3:15:c3:39:11:7d:73:8a:9b:13:b4:74:
b1:db:d7:95
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZRGjHrUlmLs2SEDb3aaH/qzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTA4MTUzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTYyODZkOWYzMmJkNzY1Yzk1ZDQwZjRhNjIyY2VlMTEwMWQ5NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmdKBpr6AwpdlefT/DkqFe1d61rQ
FO+Q9D0mP5K1+u/GbjleX1i26gjwNEM9u9wOqegStR8DrLig+vyzBGAovX9mZId8
/Zi5vGgQ7qB97j0pG7J23rkUzX/VVErNMRbiSPW0IFQjvCdzMg2oIvmy82WH8O2f
fFGvCpb7miktxURD0FknKlPdXBHvvmB1zSDKitexVG1Qu5PpWOJZwO/EvtbhROfR
IGP7YBhTfZBPwd4Vb0fcCzJBhRqODQDBK1tb6jVTVnC2PU8+gd2YPDvmP41Hd0Ie
0G5lWICWRdN15Li+Okm95sqSoxxq5W6nAsTxXdB6Y4uE6to9uh34HBXgJwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFEVihtnzK9dlyV1A9KYizuEQHZVAMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvUldLRzJmTXIxMlhKWFVEMHBpTE80UkFkbFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgD
BAZPrMADBAVUFQADBABX5Q8DBABX5RoDBAFX5SADBABX5S0wDAMEAFflNQMEA1fl
MAMEAVflOjAMAwQAV+VBAwQAV+VCMAwDBABX5UkDBAJX5UgDBABX5U4DBABX5VMw
DAMEAFflXQMEAFflXgMEAFflYAMEAFflaTAMAwQAV+VxAwQAV+VyAwQAV+V0AwQA
V+V2AwQAV+V5AwQDX4rAAwQEsu7QAwQA1bXIAwQA1bXMAwQA1bXPAwQA1bXSAwQA
1bXbAwQA1bXdMAwDBAHZcTIDBAHZcTQDBADZcT0DBADZcT8wDAMEBNmQMAMEANmQ
MgMEA9mQODANBAIAAjAHAwUAKgIHMDANBgkqhkiG9w0BAQsFAAOCAQEAOAxRFXhq
+XneIlVPTQUdXN4A6LG+AqMqQoPV1MhejVrTzqzux98NOLvR+HxV6K5UaMAAJV1w
uPxF9IwvNgq8yxB0MHM8AL5bNaFSwHinpz4p+SEfki0sBUlL7bjzjnQn+vIa9fWa
Lrk7+4BFpWS0syLtrGKsw0YoZc5CsZ3UCpGYQtleL0CuuoUL72FnSxxHoNsYbed4
6yXMP98/kZmJw1UpYfB87EAZATDofuiYr6CXwoJznrEEAVW2+Y27dD+whPnPx9YI
wKS726Oqy+nPoIyNK63zMuVd17orbjvcV0FM2RGtF85PbKu67YBUHeso8xXDORF9
c4qbE7R0sdvXlQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:25 2025 by rpki-client