Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kxFMO4Euo81m0hymA2nb7MxQNvA.roa
File: kxFMO4Euo81m0hymA2nb7MxQNvA.roa (raw, json)
Hash identifier: lOCkW0dKToJfemI45FzQchFDiM1hdgWM1hzwL+xYaRw=
Subject key identifier: 93:11:4C:3B:81:2E:A3:CD:66:D2:1C:A6:03:69:DB:EC:CC:50:36:F0
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01917AB7A9E0991CCB3628A014CB0E4665BC
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kxFMO4Euo81m0hymA2nb7MxQNvA.roa
Signing time: Thu 22 Aug 2024 15:32:22 +0000
ROA not before: Thu 22 Aug 2024 15:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.211.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.0.0/17 maxlen: 17
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.64.0/19 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.112.0/20 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.205.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.211.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 26 Sep 2024 12:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:b7:a9:e0:99:1c:cb:36:28:a0:14:cb:0e:46:65:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Aug 22 15:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93114c3b812ea3cd66d21ca60369dbeccc5036f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:97:5c:1f:19:77:00:22:0e:b3:ff:81:25:74:
bd:34:bb:37:ed:53:e4:72:57:94:df:0a:9b:05:16:
1e:72:3a:07:b1:69:8a:58:ba:4d:33:16:bd:57:a9:
5c:d6:07:c1:52:fd:a2:b4:de:7e:d8:e8:5c:08:d0:
76:03:cf:21:20:a7:11:0b:ef:53:c5:02:09:d4:e6:
c7:3f:53:4e:1f:ec:7a:fc:1e:67:50:2a:c3:db:f2:
a8:5c:cb:45:32:08:a6:a5:38:a7:75:44:4c:59:c5:
86:4d:b7:31:3c:fe:d3:6b:4e:5d:f2:d8:f7:31:23:
18:4b:3c:93:21:7c:0d:79:4a:b1:ed:58:21:40:04:
89:92:0a:0b:b5:43:fd:1a:0d:96:65:43:8f:02:80:
e3:ca:27:f3:90:c7:8a:d2:08:cb:93:03:08:cf:ea:
20:e9:4a:9f:c7:55:ff:f9:84:3a:5b:21:03:6b:62:
c6:68:89:05:67:e8:2c:76:5d:0c:17:37:b6:ca:c1:
36:48:1d:f6:42:2e:61:55:2b:a5:7a:60:58:52:d7:
19:a5:b2:41:41:00:43:97:81:61:80:0e:80:01:4f:
86:5c:61:34:48:6e:94:d5:0a:8c:e3:be:a1:4b:b3:
15:54:ef:4f:2a:77:e6:9e:59:09:d4:96:fa:78:42:
a2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:11:4C:3B:81:2E:A3:CD:66:D2:1C:A6:03:69:DB:EC:CC:50:36:F0
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kxFMO4Euo81m0hymA2nb7MxQNvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.0.0/17
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/23
213.181.207.0/24
213.181.210.0/23
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
64:a9:b2:1e:fb:a2:c8:65:ed:09:ab:ff:53:f6:53:26:83:5a:
24:41:d3:e6:17:71:fa:88:2a:42:cc:b1:21:f4:02:e5:c0:16:
90:6c:a0:61:dc:9c:17:5d:08:44:b8:1d:db:90:4a:54:ec:e1:
7b:5a:fc:97:65:e8:e5:8d:6a:7f:9b:04:1d:1b:52:74:59:07:
89:e7:41:23:90:a9:10:c3:34:46:97:75:c4:b8:53:eb:9b:9d:
a4:46:5f:ae:08:d2:6f:92:6c:23:a3:42:94:f9:a4:03:b8:c6:
23:94:50:b5:d3:b8:8f:93:a2:e5:b5:20:9b:59:61:f8:9f:1d:
4e:6e:9a:5f:5e:95:22:5d:22:6c:23:3a:8c:1f:43:b2:3a:fb:
b4:66:ca:8e:0b:b5:0f:df:80:7a:48:27:de:96:7e:a4:a2:72:
21:65:61:0a:20:04:f8:5f:d2:2f:77:d6:0a:cf:dc:91:e4:3d:
13:ef:cb:0f:ed:f8:2f:34:49:d7:c1:dc:b2:5d:bf:0e:a5:6d:
ec:7a:d0:99:d8:27:08:69:73:72:a3:94:8f:0a:79:07:c2:cd:
0d:f0:62:0a:e4:6f:54:32:2a:c5:fc:2e:00:94:b8:1b:9b:5f:
42:8e:25:71:57:47:86:bf:b7:0f:00:f6:0e:46:ed:c8:ae:ba:
a9:6f:27:e9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZF6t6ngmRzLNiigFMsORmW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwODIyMTUzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzExNGMzYjgxMmVhM2NkNjZkMjFjYTYwMzY5ZGJlY2NjNTAzNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JdcHxl3ACIOs/+BJXS9NLs37VPk
cleU3wqbBRYecjoHsWmKWLpNMxa9V6lc1gfBUv2itN5+2OhcCNB2A88hIKcRC+9T
xQIJ1ObHP1NOH+x6/B5nUCrD2/KoXMtFMgimpTindURMWcWGTbcxPP7Ta05d8tj3
MSMYSzyTIXwNeUqx7VghQASJkgoLtUP9Gg2WZUOPAoDjyifzkMeK0gjLkwMIz+og
6Uqfx1X/+YQ6WyEDa2LGaIkFZ+gsdl0MFze2ysE2SB32Qi5hVSulemBYUtcZpbJB
QQBDl4FhgA6AAU+GXGE0SG6U1QqM476hS7MVVO9PKnfmnlkJ1Jb6eEKiWQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJMRTDuBLqPNZtIcpgNp2+zMUDbwMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEva3hGTU80RXVvODFtMGh5bUEybmI3TXhRTnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQGT6zA
AwQFVBUAAwQHV+UAAwQDX4rAAwQEsu7QAwQA1bXIAwQB1bXMAwQA1bXPAwQB1bXS
AwQA1bXbAwQA1bXdMAwDBAHZcTIDBAHZcTQDBADZcT0DBADZcT8wDAMEBNmQMAME
ANmQMgMEA9mQODANBAIAAjAHAwUAKgIHMDANBgkqhkiG9w0BAQsFAAOCAQEAZKmy
HvuiyGXtCav/U/ZTJoNaJEHT5hdx+ogqQsyxIfQC5cAWkGygYdycF10IRLgd25BK
VOzhe1r8l2Xo5Y1qf5sEHRtSdFkHiedBI5CpEMM0Rpd1xLhT65udpEZfrgjSb5Js
I6NClPmkA7jGI5RQtdO4j5Oi5bUgm1lh+J8dTm6aX16VIl0ibCM6jB9Dsjr7tGbK
jgu1D9+Aekgn3pZ+pKJyIWVhCiAE+F/SL3fWCs/ckeQ9E+/LD+34LzRJ18Hcsl2/
DqVt7HrQmdgnCGlzcqOUjwp5B8LNDfBiCuRvVDIqxfwuAJS4G5tfQo4lcVdHhr+3
DwD2DkbtyK66qW8n6Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:53 2025 by rpki-client