Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XgLxZFFIsfs6T-n7OTYa5JMn4jg.roa
File: XgLxZFFIsfs6T-n7OTYa5JMn4jg.roa (raw, json)
Hash identifier: gaLIN6GbWjm1/w/M2apytSplDoLeM3D1iz98IvsMtqo=
Subject key identifier: 5E:02:F1:64:51:48:B1:FB:3A:4F:E9:FB:39:36:1A:E4:93:27:E2:38
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0195AEF24D6F7BF33803C871F193D8D3B853
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XgLxZFFIsfs6T-n7OTYa5JMn4jg.roa
Signing time: Wed 19 Mar 2025 15:07:49 +0000
ROA not before: Wed 19 Mar 2025 15:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.196.0/24 maxlen: 24
79.172.199.0/24 maxlen: 24
79.172.203.0/24 maxlen: 24
79.172.209.0/24 maxlen: 24
79.172.211.0/24 maxlen: 24
79.172.213.0/24 maxlen: 24
79.172.216.0/24 maxlen: 24
79.172.225.0/24 maxlen: 24
79.172.236.0/24 maxlen: 24
79.172.238.0/24 maxlen: 24
79.172.240.0/24 maxlen: 24
79.172.241.0/24 maxlen: 24
79.172.243.0/24 maxlen: 24
79.172.248.0/24 maxlen: 24
79.172.253.0/24 maxlen: 24
79.172.255.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.214.0/24 maxlen: 24
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.59.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
217.144.62.0/24 maxlen: 24
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Mar 2025 14:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:f2:4d:6f:7b:f3:38:03:c8:71:f1:93:d8:d3:b8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 19 15:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e02f1645148b1fb3a4fe9fb39361ae49327e238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c7:19:b8:1d:3d:89:b8:9e:db:de:ea:46:9c:
7a:82:f3:2a:7a:14:06:14:9a:f8:bd:ba:f7:d2:c4:
c9:e2:ee:12:68:96:5d:02:bd:f7:e0:87:85:07:d4:
98:a4:ea:1b:55:9e:a8:ff:17:84:79:2f:66:62:68:
dd:bd:25:24:c0:6a:7a:b9:4c:d2:7d:6c:c0:e1:1d:
18:18:32:f1:6f:47:4d:e7:30:04:6b:36:0f:5b:f2:
e9:9e:91:6b:84:3a:4d:f4:db:70:b5:f1:42:40:34:
ab:66:8e:23:fb:e5:c3:39:f5:d7:cb:27:29:2a:fe:
1f:be:8b:4a:c0:af:c0:35:13:ab:85:58:c1:4c:bf:
22:bf:61:b3:ce:06:1b:1e:ca:c3:7a:3a:70:52:6c:
aa:e2:de:6c:b2:0f:52:6a:eb:4a:73:82:fc:33:2e:
12:d6:79:74:aa:89:04:5e:fd:ee:74:84:0f:8d:76:
c9:c4:74:23:e3:80:3b:ab:4b:20:e5:40:4a:bf:77:
c7:ee:a7:4e:43:58:9b:05:03:e9:56:9c:c6:87:03:
21:25:94:a9:c4:ee:0d:df:c0:74:82:1c:80:42:0f:
e4:44:85:c9:6e:61:59:2d:23:07:54:9e:fc:a0:c7:
e6:32:7a:c4:0d:4c:8b:b5:d1:7f:5e:cd:ae:70:28:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:02:F1:64:51:48:B1:FB:3A:4F:E9:FB:39:36:1A:E4:93:27:E2:38
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XgLxZFFIsfs6T-n7OTYa5JMn4jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/24
213.181.207.0/24
213.181.210.0/24
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.59.0/24
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
7a:cc:ff:b7:fb:b3:79:97:6d:27:1f:e8:73:b9:64:a9:25:d6:
8e:d0:fd:9f:24:24:02:81:8a:e3:7d:28:87:53:79:76:9b:bb:
34:16:f0:3e:da:d6:f1:fe:e9:8e:f3:2f:7c:0d:e3:96:88:dc:
55:e0:d1:7b:51:97:60:2c:7c:98:e1:ec:2c:a2:3e:f1:09:06:
93:ac:ed:5d:2d:9e:9e:e6:e7:ef:6f:c0:c1:74:13:a5:d0:6d:
6f:be:eb:89:8e:6b:83:47:19:76:47:10:46:c1:2c:de:b6:24:
a5:8f:aa:87:95:9d:1a:77:13:b2:5a:51:6b:32:8e:8e:07:d3:
75:74:1e:3c:81:88:14:4a:e8:d0:7d:67:3b:62:0e:aa:32:aa:
c4:bd:38:cc:40:b1:02:2d:78:0a:c8:3c:2b:bd:28:02:99:53:
8a:66:dd:f0:3e:c7:d3:09:bd:2f:83:ed:45:6a:62:bd:97:d3:
59:bf:f8:6e:e3:10:d5:e7:f6:4d:a7:08:a3:6b:0c:98:52:f7:
5a:b4:5f:3c:5d:af:03:80:05:02:b4:eb:39:32:45:df:a0:93:
da:70:00:7d:29:51:9f:02:97:46:31:ac:80:ed:20:9e:aa:07:
69:65:84:6e:c7:94:27:8f:0b:db:57:72:56:77:37:81:89:dc:
b7:60:48:9d
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZWu8k1ve/M4A8hx8ZPY07hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMzE5MTUwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAyZjE2NDUxNDhiMWZiM2E0ZmU5ZmIzOTM2MWFlNDkzMjdlMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ccZuB09ibie297qRpx6gvMqehQG
FJr4vbr30sTJ4u4SaJZdAr334IeFB9SYpOobVZ6o/xeEeS9mYmjdvSUkwGp6uUzS
fWzA4R0YGDLxb0dN5zAEazYPW/LpnpFrhDpN9NtwtfFCQDSrZo4j++XDOfXXyycp
Kv4fvotKwK/ANROrhVjBTL8iv2GzzgYbHsrDejpwUmyq4t5ssg9SautKc4L8My4S
1nl0qokEXv3udIQPjXbJxHQj44A7q0sg5UBKv3fH7qdOQ1ibBQPpVpzGhwMhJZSp
xO4N38B0ghyAQg/kRIXJbmFZLSMHVJ78oMfmMnrEDUyLtdF/Xs2ucCifdQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFF4C8WRRSLH7Ok/p+zk2GuSTJ+I4MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWGdMeFpGRklzZnM2VC1uN09UWWE1Sk1uNGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCAQUEAgABMIH+
AwQGT6zAAwQFVBUAAwQAV+UPAwQAV+UaAwQBV+UgAwQAV+UtMAwDBABX5TUDBANX
5TADBAFX5TowDAMEAFflQQMEAFflQjAMAwQAV+VJAwQCV+VIAwQAV+VOAwQAV+VT
MAwDBABX5V0DBABX5V4DBABX5WADBABX5WkwDAMEAFflcQMEAFflcgMEAFfldAME
AFfldgMEAFfleQMEA1+KwAMEBLLu0AMEANW1yAMEANW1zAMEANW1zwMEANW10gME
ANW12wMEANW13TAMAwQB2XEyAwQB2XE0AwQA2XE7AwQA2XE9AwQA2XE/MAwDBATZ
kDADBADZkDIDBAPZkDgwDQQCAAIwBwMFACoCBzAwDQYJKoZIhvcNAQELBQADggEB
AHrM/7f7s3mXbScf6HO5ZKkl1o7Q/Z8kJAKBiuN9KIdTeXabuzQW8D7a1vH+6Y7z
L3wN45aI3FXg0XtRl2AsfJjh7CyiPvEJBpOs7V0tnp7m5+9vwMF0E6XQbW++64mO
a4NHGXZHEEbBLN62JKWPqoeVnRp3E7JaUWsyjo4H03V0HjyBiBRK6NB9ZztiDqoy
qsS9OMxAsQIteArIPCu9KAKZU4pm3fA+x9MJvS+D7UVqYr2X01m/+G7jENXn9k2n
CKNrDJhS91q0XzxdrwOABQK06zkyRd+gk9pwAH0pUZ8Cl0YxrIDtIJ6qB2llhG7H
lCePC9tXclZ3N4GJ3LdgSJ0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:12 2025 by rpki-client