Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/S9Ic-2sljLMODxoOc0_s1ZGplIA.roa
File: S9Ic-2sljLMODxoOc0_s1ZGplIA.roa (raw, json)
Hash identifier: Caf4BpDwd8pzvxLyqKoGu805wWI0Lwa8bHnxQr8ZvDU=
Subject key identifier: 4B:D2:1C:FB:6B:25:8C:B3:0E:0F:1A:0E:73:4F:EC:D5:91:A9:94:80
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC3E06663CC2B660F61D8305059AF7
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/S9Ic-2sljLMODxoOc0_s1ZGplIA.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.234.0/23 maxlen: 23
92.61.234.0/24 maxlen: 24
92.61.235.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.142.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.171.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
94.188.251.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
Validation: Failed, certificate revoked on Mon 17 Feb 2025 03:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3e:06:66:3c:c2:b6:60:f6:1d:83:05:05:9a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bd21cfb6b258cb30e0f1a0e734fecd591a99480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:c0:69:cf:7f:0b:fc:bf:0a:19:f6:35:2f:
d2:06:44:ac:c5:ae:15:71:39:e6:ca:2e:51:a3:21:
72:45:c0:3e:9e:84:1a:66:81:d5:9b:17:2d:9b:88:
ee:9c:3f:55:88:ee:94:44:e3:d3:8a:11:e4:06:37:
6f:b2:3f:72:61:a7:d0:f7:9c:1b:8a:18:73:89:d7:
37:b8:f3:1e:b1:ce:a1:77:31:83:c5:33:50:c0:95:
9c:88:ed:48:62:de:77:cc:44:2e:89:6c:0e:74:47:
43:f5:71:3a:2a:f7:21:a9:02:bf:c4:2f:e7:7b:6d:
02:4b:ec:0d:c4:e7:39:c6:00:cb:c9:7b:ed:0d:7d:
39:13:20:54:4c:bf:c7:5c:8f:46:0f:9d:58:2a:5a:
7c:40:9c:79:f2:3a:18:3d:e2:6b:97:85:a2:e2:22:
4d:44:e2:6f:9e:a7:00:04:9f:88:52:e5:1c:61:29:
c5:3f:df:d3:c2:13:f5:78:1e:e7:6c:47:73:e0:10:
76:54:e7:7b:d5:74:e7:86:6f:de:cb:07:91:1a:ba:
98:c3:90:69:d5:cf:1a:23:3f:12:78:fd:96:2e:29:
9b:6b:a4:85:32:17:1e:b6:fa:2f:cb:cc:3b:7f:17:
7b:18:5e:b1:77:dc:42:08:22:9b:0d:7f:cc:2f:ed:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D2:1C:FB:6B:25:8C:B3:0E:0F:1A:0E:73:4F:EC:D5:91:A9:94:80
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/S9Ic-2sljLMODxoOc0_s1ZGplIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
92.61.234.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.142.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.171.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
94.188.251.0/24
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
Signature Algorithm: sha256WithRSAEncryption
52:ce:49:34:33:12:a3:3c:24:61:c0:df:41:33:26:ca:b9:fe:
18:33:0c:d8:8f:c0:07:9c:6d:99:93:47:d9:c3:af:1d:a6:b8:
e4:03:04:b5:56:82:c4:82:a2:08:4e:90:67:05:e0:4b:e2:50:
d7:b8:a8:db:04:00:84:1f:4a:d7:49:30:75:4e:09:45:b7:ec:
07:20:a4:17:5e:78:c0:3a:8a:15:5a:ef:51:da:df:b5:49:97:
cd:04:44:ba:29:28:1f:ec:ac:54:71:25:23:ce:2d:83:b9:8a:
dc:7c:8d:bf:e2:99:c8:97:94:45:be:90:ff:2e:97:31:f3:0e:
13:a9:93:78:5a:26:77:7a:b8:a4:f9:25:d6:8c:59:4a:43:93:
df:cd:7e:ca:79:d2:f9:de:2f:d5:81:8a:f8:80:e4:5d:2e:6b:
9d:43:83:a7:3e:f8:6a:69:0a:a4:8a:cc:c4:d3:b9:f2:b7:74:
8f:f2:22:14:83:d8:3c:42:bf:9c:36:e8:e2:53:b5:fc:72:4b:
bf:94:d9:21:e4:2f:10:b5:f0:9a:86:b5:c8:a0:b0:77:d5:d5:
74:38:b3:f1:d5:7c:08:31:ff:e2:90:f3:2b:2a:9a:a4:dd:3c:
c4:df:f7:1b:04:09:51:81:29:f3:25:4a:0b:15:d3:63:ba:df:
ed:26:36:2c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZQi/D4GZjzCtmD2HYMFBZr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQyMWNmYjZiMjU4Y2IzMGUwZjFhMGU3MzRmZWNkNTkxYTk5NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT/Aac9/C/y/Chn2NS/SBkSsxa4V
cTnmyi5RoyFyRcA+noQaZoHVmxctm4junD9ViO6UROPTihHkBjdvsj9yYafQ95wb
ihhzidc3uPMesc6hdzGDxTNQwJWciO1IYt53zEQuiWwOdEdD9XE6KvchqQK/xC/n
e20CS+wNxOc5xgDLyXvtDX05EyBUTL/HXI9GD51YKlp8QJx58joYPeJrl4Wi4iJN
ROJvnqcABJ+IUuUcYSnFP9/TwhP1eB7nbEdz4BB2VOd71XTnhm/eyweRGrqYw5Bp
1c8aIz8SeP2WLimba6SFMhcetvovy8w7fxd7GF6xd9xCCCKbDX/ML+3P3QIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFEvSHPtrJYyzDg8aDnNP7NWRqZSAMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvUzlJYy0yc2xqTE1PRHhvT2MwX3MxWkdwbElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBqwQCAAEwgaQDBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAVw96gMEAF68iAME
AF68igMEAF68jAMEAF68jjAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABe
vKkDBABevKsDBABevK8DBAFevLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAME
AF68yAMEAV688gMEAF68+zAaBAIAAjAUAwgEKgIjuAACAAMIACoCI7gaAAAwDQYJ
KoZIhvcNAQELBQADggEBAFLOSTQzEqM8JGHA30EzJsq5/hgzDNiPwAecbZmTR9nD
rx2muOQDBLVWgsSCoghOkGcF4EviUNe4qNsEAIQfStdJMHVOCUW37AcgpBdeeMA6
ihVa71Ha37VJl80ERLopKB/srFRxJSPOLYO5itx8jb/imciXlEW+kP8ulzHzDhOp
k3haJnd6uKT5JdaMWUpDk9/Nfsp50vneL9WBiviA5F0ua51Dg6c++GppCqSKzMTT
ufK3dI/yIhSD2DxCv5w26OJTtfxyS7+U2SHkLxC18JqGtcigsHfV1XQ4s/HVfAgx
/+KQ8ysqmqTdPMTf9xsECVGBKfMlSgsV02O63+0mNiw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:26 2025 by rpki-client