Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YIwLTk24aHTcQtI9BKA-2kTfU0U.roa
File: YIwLTk24aHTcQtI9BKA-2kTfU0U.roa (raw, json)
Hash identifier: +juSZxVBoTFQEYA3awMQjaOFdBgXAXw9boHUMKfuh28=
Subject key identifier: 60:8C:0B:4E:4D:B8:68:74:DC:42:D2:3D:04:A0:3E:DA:44:DF:53:45
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0193D4E9A682599DF9C7D9032EBFC73B2908
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YIwLTk24aHTcQtI9BKA-2kTfU0U.roa
Signing time: Tue 17 Dec 2024 13:58:22 +0000
ROA not before: Tue 17 Dec 2024 13:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
37.26.151.0/24 maxlen: 24
46.116.0.0/16 maxlen: 16
46.117.0.0/16 maxlen: 16
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.3.0/24 maxlen: 24
62.90.135.0/24 maxlen: 24
62.90.143.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.76.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Dec 2024 09:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:e9:a6:82:59:9d:f9:c7:d9:03:2e:bf:c7:3b:29:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Dec 17 13:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=608c0b4e4db86874dc42d23d04a03eda44df5345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:22:82:4d:8e:74:6c:ac:26:31:bd:40:bc:
d8:8f:fc:9f:92:30:0b:e1:02:56:90:08:39:48:05:
29:12:8e:8a:a9:0a:61:e9:e2:cb:5c:dd:6c:b0:35:
ec:4a:77:9c:28:cf:f3:2b:e6:24:1d:51:5a:c4:fc:
6b:7a:fa:44:10:fa:d6:eb:74:bb:db:df:c4:b8:cc:
f7:00:1d:9c:fe:37:07:ee:6c:ae:13:20:81:4d:3f:
f8:00:c6:f3:09:f4:51:14:63:35:0a:17:41:7f:c7:
a7:86:07:bc:bd:71:60:43:94:36:3a:e3:4e:05:d8:
ae:8a:42:de:c1:5f:1f:76:3d:38:ff:5d:78:f2:a5:
11:55:bc:99:a5:c9:21:1f:cd:dc:11:de:b7:bb:f3:
93:e6:56:ff:16:54:0c:a2:67:50:7c:e7:11:f3:b9:
b9:4d:03:29:d5:d1:eb:3e:8d:28:3a:d1:e8:cb:e2:
00:73:eb:54:15:1f:59:0d:04:0a:39:b7:cf:69:06:
e8:bb:90:c0:a6:8e:29:18:e7:4e:b3:31:66:ac:be:
e8:d4:43:ff:e7:95:13:99:5c:fe:40:3b:2b:bb:ae:
12:40:2f:64:2e:6b:40:58:d4:1a:0e:6e:52:4a:3a:
8e:0b:5f:19:2d:fc:88:28:59:bd:32:83:a1:22:e5:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8C:0B:4E:4D:B8:68:74:DC:42:D2:3D:04:A0:3E:DA:44:DF:53:45
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YIwLTk24aHTcQtI9BKA-2kTfU0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.27.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:dd:98:21:af:26:c4:cd:e9:89:63:b6:a8:16:e0:2b:17:61:
1e:18:0b:64:68:5b:f7:f5:8f:f1:4f:7a:f4:d0:4d:d0:8e:67:
86:bd:71:5e:4e:c6:ff:11:e0:ee:2f:6f:f1:33:6c:31:39:4f:
5a:06:b8:2f:46:53:f6:04:ae:6c:28:0b:f3:0f:d4:95:50:27:
b0:bc:5c:5a:fe:21:71:d4:99:de:4e:0f:f3:d7:ee:f8:74:66:
b1:2d:33:c6:64:b1:d0:88:ca:dd:a9:6b:10:01:4e:ff:ff:f6:
e3:96:e7:19:ee:3e:52:f8:dc:42:32:49:a0:84:6d:6c:e0:21:
5b:e4:45:8a:c6:22:90:e3:2c:37:a3:06:30:b7:c2:bd:d5:b6:
50:76:cb:2e:f9:83:98:b8:f3:51:c9:d2:a7:e1:39:04:60:0e:
72:7e:7b:d4:9f:ef:dc:46:93:b1:55:e5:ac:64:4b:4e:8c:8d:
af:ec:e7:d1:c2:ea:10:46:43:c7:c4:67:0f:ea:1f:fb:69:b3:
51:0c:14:d0:37:5b:b2:b7:ac:73:d3:29:fc:a6:ae:a0:fe:2f:
c9:a2:18:52:45:bc:73:37:01:a0:12:03:46:87:30:0f:73:20:
9b:98:e9:35:60:5c:5f:76:c8:c6:6e:03:7f:ca:3a:34:ba:29:
36:90:bb:cf
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAZPU6aaCWZ35x9kDLr/HOykIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQxMjE3MTM1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhjMGI0ZTRkYjg2ODc0ZGM0MmQyM2QwNGEwM2VkYTQ0ZGY1MzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8Iigk2OdGysJjG9QLzYj/yfkjAL
4QJWkAg5SAUpEo6KqQph6eLLXN1ssDXsSnecKM/zK+YkHVFaxPxrevpEEPrW63S7
29/EuMz3AB2c/jcH7myuEyCBTT/4AMbzCfRRFGM1ChdBf8enhge8vXFgQ5Q2OuNO
BdiuikLewV8fdj04/1148qURVbyZpckhH83cEd63u/OT5lb/FlQMomdQfOcR87m5
TQMp1dHrPo0oOtHoy+IAc+tUFR9ZDQQKObfPaQbou5DApo4pGOdOszFmrL7o1EP/
55UTmVz+QDsru64SQC9kLmtAWNQaDm5SSjqOC18ZLfyIKFm9MoOhIuWT6wIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFGCMC05NuGh03ELSPQSgPtpE31NFMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvWUl3TFRrMjRhSFRjUXRJOUJLQS0ya1RmVTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQD
JRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZ
igMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQA
k+oWMAwDBACT6hsDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQH
sAyAAwMBsAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgME
B9TrAAMDANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcN
AQELBQADggEBAHrdmCGvJsTN6YljtqgW4CsXYR4YC2RoW/f1j/FPevTQTdCOZ4a9
cV5Oxv8R4O4vb/EzbDE5T1oGuC9GU/YErmwoC/MP1JVQJ7C8XFr+IXHUmd5OD/PX
7vh0ZrEtM8ZksdCIyt2paxABTv//9uOW5xnuPlL43EIySaCEbWzgIVvkRYrGIpDj
LDejBjC3wr3VtlB2yy75g5i481HJ0qfhOQRgDnJ+e9Sf79xGk7FV5axkS06Mja/s
59HC6hBGQ8fEZw/qH/tps1EMFNA3W7K3rHPTKfymrqD+L8miGFJFvHM3AaASA0aH
MA9zIJuY6TVgXF92yMZuA3/KOjS6KTaQu88=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:45 2025 by rpki-client