Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/cgUFgozajaf7AxfjZCOu5QWELkE.roa
File: cgUFgozajaf7AxfjZCOu5QWELkE.roa (raw, json)
Hash identifier: lbbTO2lnTnyxIuftR73Z6TZR/V6ZvtXL4KHpv60HE/c=
Subject key identifier: 72:05:05:82:8C:DA:8D:A7:FB:03:17:E3:64:23:AE:E5:05:84:2E:41
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0192C3BED88799901C5C01E8501B77A00D46
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/cgUFgozajaf7AxfjZCOu5QWELkE.roa
Signing time: Fri 25 Oct 2024 12:55:17 +0000
ROA not before: Fri 25 Oct 2024 12:55:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.211.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.0.0/24 maxlen: 24
87.229.12.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.205.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.211.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:13:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:be:d8:87:99:90:1c:5c:01:e8:50:1b:77:a0:0d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Oct 25 12:55:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720505828cda8da7fb0317e36423aee505842e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:84:89:be:ef:a5:37:01:a7:5e:c1:6b:4b:e9:
2f:cc:06:14:16:0b:a9:5d:ff:7b:c2:69:9b:f8:b3:
7c:39:04:46:8b:32:d6:ea:17:d2:ab:90:0e:de:e6:
f2:b4:6c:48:76:91:86:21:e0:28:bb:27:e2:db:19:
8e:1a:f3:35:d9:1a:65:af:42:70:b5:89:7f:50:e9:
f1:09:9d:8e:47:88:e0:87:76:58:ff:d0:f3:b7:15:
7b:42:15:0d:a7:3b:d5:57:fb:8c:08:c5:8c:e0:ea:
85:b0:e4:da:95:d0:67:eb:f8:1e:e8:24:42:5e:98:
23:e4:45:89:b6:ff:44:b1:f1:8a:38:3c:f0:af:38:
83:d1:73:3e:38:f8:44:b1:44:41:9b:84:32:e4:5a:
df:a7:5c:0a:00:2e:54:8c:eb:40:57:8b:df:f7:12:
1b:45:b2:06:9e:cc:1e:47:b0:fc:c4:7f:f6:e9:c5:
33:c7:de:6f:f9:1f:6a:af:ea:11:81:b7:c0:26:47:
b9:a2:88:b3:ed:44:05:c2:75:dd:e5:4e:25:13:71:
a5:79:4a:69:e1:cb:da:f8:c1:8d:8e:03:c2:ef:5c:
b5:5c:59:85:4d:4f:dc:05:02:45:b6:e3:50:01:14:
49:fe:e2:e5:27:be:24:25:25:f4:21:48:25:8f:ee:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:05:05:82:8C:DA:8D:A7:FB:03:17:E3:64:23:AE:E5:05:84:2E:41
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/cgUFgozajaf7AxfjZCOu5QWELkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.0.0/24
87.229.12.0/24
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/23
213.181.207.0/24
213.181.210.0/23
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
7c:3a:cc:04:e0:12:8e:de:93:08:3e:75:2e:64:6b:59:fa:fa:
2a:5e:82:39:17:da:db:b2:05:64:60:e0:07:cb:8a:bd:be:68:
48:ed:a7:e6:02:0d:56:fd:db:a6:d1:34:52:c3:fa:97:e1:8f:
47:be:49:14:00:4e:95:88:d7:de:a4:38:6d:85:75:31:3c:ba:
02:10:ce:d0:bd:9f:60:a6:9d:b8:47:65:94:c8:58:ba:d0:bc:
c4:cc:c2:e6:f7:63:9a:36:33:43:99:a8:61:90:53:34:90:0e:
51:06:9e:ba:b1:3f:c7:21:82:b2:a4:db:32:74:54:3a:4b:6e:
fd:3e:74:2d:97:c7:48:19:56:67:a7:b4:4a:ad:9f:b2:43:18:
7d:4b:cc:67:fb:28:27:dc:86:ec:27:04:85:7f:b3:a9:cc:ca:
e2:14:ba:41:7d:ad:70:e9:de:b0:5c:f6:69:5c:d5:06:79:60:
d4:d1:4e:e6:58:60:ea:54:4b:1c:98:09:d7:71:6c:a7:eb:0a:
09:1c:b1:a9:15:01:c4:f5:d4:e8:cf:b1:dd:ec:8f:04:9f:a0:
e1:d6:e1:9f:83:09:59:29:1b:fa:cd:c3:89:23:52:12:d0:a8:
a0:d9:18:7b:e0:21:12:b4:18:7b:ea:7e:7d:48:97:fd:02:d1:
6a:32:37:20
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZLDvtiHmZAcXAHoUBt3oA1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQxMDI1MTI1NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA1MDU4MjhjZGE4ZGE3ZmIwMzE3ZTM2NDIzYWVlNTA1ODQyZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4SJvu+lNwGnXsFrS+kvzAYUFgup
Xf97wmmb+LN8OQRGizLW6hfSq5AO3ubytGxIdpGGIeAouyfi2xmOGvM12Rplr0Jw
tYl/UOnxCZ2OR4jgh3ZY/9DztxV7QhUNpzvVV/uMCMWM4OqFsOTaldBn6/ge6CRC
Xpgj5EWJtv9EsfGKODzwrziD0XM+OPhEsURBm4Qy5Frfp1wKAC5UjOtAV4vf9xIb
RbIGnsweR7D8xH/26cUzx95v+R9qr+oRgbfAJke5ooiz7UQFwnXd5U4lE3GleUpp
4cva+MGNjgPC71y1XFmFTU/cBQJFtuNQARRJ/uLlJ74kJSX0IUglj+4BHQIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFHIFBYKM2o2n+wMX42QjruUFhC5BMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvY2dVRmdvemFqYWY3QXhmalpDT3U1UVdFTGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCCAQwEAgABMIIB
BAMEBk+swAMEBVQVAAMEAFflAAMEAFflDAMEAFflDwMEAFflGgMEAVflIAMEAFfl
LTAMAwQAV+U1AwQDV+UwAwQBV+U6MAwDBABX5UEDBABX5UIwDAMEAFflSQMEAlfl
SAMEAFflTgMEAFflUzAMAwQAV+VdAwQAV+VeAwQAV+VgAwQAV+VpMAwDBABX5XED
BABX5XIDBABX5XQDBABX5XYDBABX5XkDBANfisADBASy7tADBADVtcgDBAHVtcwD
BADVtc8DBAHVtdIDBADVtdsDBADVtd0wDAMEAdlxMgMEAdlxNAMEANlxPQMEANlx
PzAMAwQE2ZAwAwQA2ZAyAwQD2ZA4MA0EAgACMAcDBQAqAgcwMA0GCSqGSIb3DQEB
CwUAA4IBAQB8OswE4BKO3pMIPnUuZGtZ+voqXoI5F9rbsgVkYOAHy4q9vmhI7afm
Ag1W/dum0TRSw/qX4Y9HvkkUAE6ViNfepDhthXUxPLoCEM7QvZ9gpp24R2WUyFi6
0LzEzMLm92OaNjNDmahhkFM0kA5RBp66sT/HIYKypNsydFQ6S279PnQtl8dIGVZn
p7RKrZ+yQxh9S8xn+ygn3IbsJwSFf7OpzMriFLpBfa1w6d6wXPZpXNUGeWDU0U7m
WGDqVEscmAnXcWyn6woJHLGpFQHE9dToz7Hd7I8En6Dh1uGfgwlZKRv6zcOJI1IS
0Kig2Rh74CEStBh76n59SJf9AtFqMjcg
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:18 2025 by rpki-client