Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/P3duXCf_SU-ruF-0SM0xP3hJrbg.roa
File: P3duXCf_SU-ruF-0SM0xP3hJrbg.roa (raw, json)
Hash identifier: Wz0gx8sci2TKNjiAPM4+y/n4dasu0DT/P/nk1GKM2eo=
Subject key identifier: 3F:77:6E:5C:27:FF:49:4F:AB:B8:5F:B4:48:CD:31:3F:78:49:AD:B8
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B6143BB34D9696353686FF9A1E6DED
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/P3duXCf_SU-ruF-0SM0xP3hJrbg.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
37.26.151.0/24 maxlen: 24
46.116.0.0/16 maxlen: 16
46.117.0.0/16 maxlen: 16
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
62.90.143.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.76.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
207.232.50.0/24 maxlen: 24
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Mar 2025 12:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:14:3b:b3:4d:96:96:35:36:86:ff:9a:1e:6d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f776e5c27ff494fabb85fb448cd313f7849adb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:fd:29:4a:62:15:16:ed:0c:bf:1f:e1:64:
00:2c:a5:8d:78:8e:29:97:e2:31:36:ba:04:64:74:
02:be:55:1e:50:cd:cc:b5:67:58:63:d3:bc:e7:5a:
55:b9:89:a7:41:c4:d5:b1:dc:a2:6c:8f:79:70:dd:
ff:51:39:ae:1f:f2:31:72:55:4c:b8:89:28:db:82:
e8:78:bc:3f:97:3e:a1:e3:d3:01:c4:05:d5:b6:62:
db:5b:1c:84:13:21:33:43:e9:cc:66:35:6b:66:94:
ce:15:6a:19:51:b2:a1:17:12:cb:5e:81:d9:55:47:
f7:c9:dd:98:a7:b8:10:2d:68:13:c9:76:96:c6:b3:
81:52:6b:35:d7:1f:87:18:b0:e5:3d:ce:8c:22:44:
b7:f9:f5:3e:c5:6f:40:d9:9e:e5:72:2a:45:e2:48:
84:3d:0c:31:e9:c9:14:56:23:cc:c4:cd:6b:f1:08:
25:5d:34:f9:13:cb:2a:cb:68:5a:a5:fa:ae:ce:56:
3d:40:10:27:ee:f4:ac:7e:81:5f:70:83:ab:c6:44:
1b:3d:a8:76:68:e7:31:7c:22:6f:db:75:2c:f2:d4:
17:62:1d:5b:39:1b:8e:81:70:6c:56:a4:9f:32:72:
bb:aa:7f:ca:44:f9:48:61:f2:a1:d5:23:d4:38:5a:
a6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:77:6E:5C:27:FF:49:4F:AB:B8:5F:B4:48:CD:31:3F:78:49:AD:B8
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/P3duXCf_SU-ruF-0SM0xP3hJrbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.27.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
21:9c:c9:78:39:82:a9:a9:d4:44:61:63:31:2f:b7:3d:b9:4f:
49:a3:80:03:14:07:33:b5:2b:56:c8:f2:a4:3f:a5:3e:fd:b2:
df:28:44:cf:41:ab:6f:fc:ff:1c:e5:68:bb:33:70:18:ce:bb:
e9:8f:b1:f1:1a:91:c0:7e:e1:34:6a:9c:0a:f0:49:6d:12:37:
f5:72:a9:63:b0:47:8b:f5:4e:c0:e3:66:18:33:23:98:db:4a:
6b:80:0a:c3:1b:5d:bc:cd:94:48:72:a9:a5:03:f5:01:fe:e3:
9b:59:2a:4d:12:ad:ca:16:4f:75:59:f9:33:51:ea:7f:b7:e6:
8c:b9:84:9d:5c:2c:3f:af:8d:2e:1d:05:e6:ab:0b:de:09:03:
79:21:93:54:97:91:43:b4:d7:a9:6d:54:48:b5:52:4f:86:b8:
a6:a9:26:58:39:e3:5a:9e:c5:43:0b:00:3b:9c:98:e1:66:bd:
c0:3e:71:9c:69:d1:7e:57:50:e2:b2:50:59:48:07:c5:93:94:
d0:33:09:ed:a4:89:1e:a7:bd:cb:f9:b9:07:6d:d0:46:8f:48:
34:5b:73:ec:c6:ef:71:0e:ea:65:3f:ca:e3:ef:2b:53:4d:4d:
4b:27:a1:64:e1:74:aa:14:85:73:fa:77:2c:dc:e8:16:e7:a9:
76:7a:2d:3e
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAZQnthQ7s02WljU2hv+aHm3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjc3NmU1YzI3ZmY0OTRmYWJiODVmYjQ0OGNkMzEzZjc4NDlhZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2f9KUpiFRbtDL8f4WQALKWNeI4p
l+IxNroEZHQCvlUeUM3MtWdYY9O851pVuYmnQcTVsdyibI95cN3/UTmuH/IxclVM
uIko24LoeLw/lz6h49MBxAXVtmLbWxyEEyEzQ+nMZjVrZpTOFWoZUbKhFxLLXoHZ
VUf3yd2Yp7gQLWgTyXaWxrOBUms11x+HGLDlPc6MIkS3+fU+xW9A2Z7lcipF4kiE
PQwx6ckUViPMxM1r8QglXTT5E8sqy2hapfquzlY9QBAn7vSsfoFfcIOrxkQbPah2
aOcxfCJv23Us8tQXYh1bORuOgXBsVqSfMnK7qn/KRPlIYfKh1SPUOFqmCwIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFD93blwn/0lPq7hftEjNMT94Sa24MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvUDNkdVhDZl9TVS1ydUYtMFNNMHhQM2hKcmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQD
JRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZ
igMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQA
k+oWMAwDBACT6hsDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQH
sAyAAwMBsAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgME
B9TrAAMDANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcN
AQELBQADggEBACGcyXg5gqmp1ERhYzEvtz25T0mjgAMUBzO1K1bI8qQ/pT79st8o
RM9Bq2/8/xzlaLszcBjOu+mPsfEakcB+4TRqnArwSW0SN/VyqWOwR4v1TsDjZhgz
I5jbSmuACsMbXbzNlEhyqaUD9QH+45tZKk0SrcoWT3VZ+TNR6n+35oy5hJ1cLD+v
jS4dBearC94JA3khk1SXkUO016ltVEi1Uk+GuKapJlg541qexUMLADucmOFmvcA+
cZxp0X5XUOKyUFlIB8WTlNAzCe2kiR6nvcv5uQdt0EaPSDRbc+zG73EO6mU/yuPv
K1NNTUsnoWThdKoUhXP6dyzc6BbnqXZ6LT4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:42:58 2025 by rpki-client