Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/pvDcithzFoT0lQLKWXY9u1Yn5rc.roa
File: pvDcithzFoT0lQLKWXY9u1Yn5rc.roa (raw, json)
Hash identifier: m1rMKLlfvYbDbh72TZqyUMYkwtIUKDcwnTYRmGJwCLE=
Subject key identifier: A6:F0:DC:8A:D8:73:16:84:F4:95:02:CA:59:76:3D:BB:56:27:E6:B7
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 0193D3E4BA10F9DEB7DF1AF0E66128711EDB
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/pvDcithzFoT0lQLKWXY9u1Yn5rc.roa
Signing time: Tue 17 Dec 2024 09:13:22 +0000
ROA not before: Tue 17 Dec 2024 09:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.19.56.0/21 maxlen: 24
23.19.56.0/24 maxlen: 24
23.19.59.0/24 maxlen: 24
23.19.62.0/24 maxlen: 24
23.81.32.0/21 maxlen: 21
23.106.32.0/21 maxlen: 21
23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
81.17.56.0/21 maxlen: 24
81.17.56.0/22 maxlen: 22
81.17.60.0/24 maxlen: 24
81.17.61.0/24 maxlen: 24
81.17.62.0/24 maxlen: 24
81.17.63.0/24 maxlen: 24
95.168.176.0/20 maxlen: 24
95.168.176.0/21 maxlen: 21
95.168.184.0/24 maxlen: 24
95.168.185.0/24 maxlen: 24
95.168.186.0/23 maxlen: 23
95.168.186.0/24 maxlen: 24
95.168.187.0/24 maxlen: 24
95.168.188.0/22 maxlen: 22
173.208.48.0/21 maxlen: 21
173.234.16.0/21 maxlen: 24
173.234.16.0/24 maxlen: 24
173.234.17.0/24 maxlen: 24
173.234.18.0/23 maxlen: 23
173.234.18.0/24 maxlen: 24
173.234.19.0/24 maxlen: 24
173.234.20.0/23 maxlen: 23
173.234.22.0/23 maxlen: 23
173.234.72.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
185.222.24.0/22 maxlen: 24
185.222.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:e4:ba:10:f9:de:b7:df:1a:f0:e6:61:28:71:1e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Dec 17 09:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6f0dc8ad8731684f49502ca59763dbb5627e6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:84:6f:bd:37:38:a7:e9:d8:14:fa:97:ad:
cb:13:cf:8b:1c:78:99:8b:ac:fc:52:bf:9a:f6:e0:
45:90:55:ad:80:89:10:3e:f8:0a:ea:bf:5a:5b:c1:
ee:f1:90:4e:f8:8a:4f:1f:6e:74:c1:4f:d2:b3:78:
43:b8:49:1b:e2:88:58:28:e6:d2:9c:33:ee:e7:67:
e9:22:67:5a:d9:d0:d3:a3:92:dc:f1:9b:30:1a:1f:
55:ef:2f:0c:0a:e7:e2:4d:65:b3:40:90:8d:75:0a:
02:39:72:10:de:51:cb:0f:ff:46:fd:33:3d:81:59:
ac:e0:e5:70:02:ff:9f:d2:3e:fe:22:fa:32:eb:3c:
15:0c:0d:d7:fc:2f:8f:4f:c3:f1:84:fc:30:2b:a8:
e0:3a:bb:6d:57:dd:37:ea:2e:31:4f:22:87:ff:91:
70:54:e5:8b:85:81:38:c6:83:8c:02:3e:92:e6:52:
e6:b1:b8:00:a4:26:e0:12:d0:cf:4f:d5:8d:f6:e3:
c7:63:96:c7:45:99:0b:7c:35:1c:b5:21:e4:00:28:
e1:7b:0d:06:13:53:d3:5d:40:5e:41:3c:a1:70:d4:
63:17:31:8c:f5:11:7c:13:2d:cd:50:a9:22:c8:4d:
f2:58:f6:d7:5d:56:21:20:7b:fa:18:2f:24:07:c4:
7f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F0:DC:8A:D8:73:16:84:F4:95:02:CA:59:76:3D:BB:56:27:E6:B7
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/pvDcithzFoT0lQLKWXY9u1Yn5rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.19.56.0/21
23.81.32.0/21
23.106.32.0/21
23.106.56.0/21
23.106.232.0/21
81.17.56.0/21
95.168.176.0/20
173.208.48.0/21
173.234.16.0/21
173.234.72.0/21
173.234.136.0/21
185.222.24.0/22
Signature Algorithm: sha256WithRSAEncryption
55:6b:4f:91:e8:c5:44:0e:3e:51:61:8b:31:aa:4e:e0:0d:1a:
da:05:9b:4a:bc:08:e1:e9:0a:81:ad:49:9e:f8:5d:a7:84:97:
8c:e8:b3:16:28:6a:d0:64:33:e8:1e:45:6e:91:99:8f:95:d1:
da:a6:f6:8f:04:92:00:02:67:e5:ec:80:53:0c:25:4c:5d:0e:
1e:75:fa:20:c0:0c:7a:87:92:c7:87:b9:2b:c1:3d:e3:42:78:
94:30:52:44:fc:8d:81:1b:26:ad:36:1e:23:09:78:73:3f:66:
1e:23:af:14:67:49:9f:b1:8d:48:8d:4e:eb:b5:51:56:89:d0:
f7:13:cd:56:23:7e:3f:63:d3:4f:e2:9e:37:da:dd:29:f6:a4:
49:51:68:17:22:70:03:67:e7:26:7f:1f:11:b2:92:3c:7e:61:
0e:21:d4:d2:cd:0c:2b:6e:0b:49:28:49:85:9e:fa:03:6f:a3:
71:c6:83:50:23:ce:70:f3:77:8e:55:f5:6a:9a:74:bd:a8:94:
59:6f:ae:ca:52:38:d8:f5:ea:dc:40:5f:50:12:92:fa:1c:3b:
dc:20:e1:cd:b8:bf:8d:cb:4f:69:ea:49:7f:62:44:43:6a:f2:
df:06:ee:c9:b0:12:2e:b9:df:22:c3:3f:4d:48:58:8a:a6:e7:
d2:7c:05:a1
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZPT5LoQ+d633xrw5mEocR7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQxMjE3MDkxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmYwZGM4YWQ4NzMxNjg0ZjQ5NTAyY2E1OTc2M2RiYjU2MjdlNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzCEb703OKfp2BT6l63LE8+LHHiZ
i6z8Ur+a9uBFkFWtgIkQPvgK6r9aW8Hu8ZBO+IpPH250wU/Ss3hDuEkb4ohYKObS
nDPu52fpImda2dDTo5Lc8ZswGh9V7y8MCufiTWWzQJCNdQoCOXIQ3lHLD/9G/TM9
gVms4OVwAv+f0j7+Ivoy6zwVDA3X/C+PT8PxhPwwK6jgOrttV9036i4xTyKH/5Fw
VOWLhYE4xoOMAj6S5lLmsbgApCbgEtDPT9WN9uPHY5bHRZkLfDUctSHkACjhew0G
E1PTXUBeQTyhcNRjFzGM9RF8Ey3NUKkiyE3yWPbXXVYhIHv6GC8kB8R/PwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKbw3IrYcxaE9JUCyll2PbtWJ+a3MB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvcHZEY2l0aHpGb1QwbFFMS1dYWTl1MVluNXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDFxM4AwQD
F1EgAwQDF2ogAwQDF2o4AwQDF2roAwQDURE4AwQEX6iwAwQDrdAwAwQDreoQAwQD
repIAwQDreqIAwQCud4YMA0GCSqGSIb3DQEBCwUAA4IBAQBVa0+R6MVEDj5RYYsx
qk7gDRraBZtKvAjh6QqBrUme+F2nhJeM6LMWKGrQZDPoHkVukZmPldHapvaPBJIA
Amfl7IBTDCVMXQ4edfogwAx6h5LHh7krwT3jQniUMFJE/I2BGyatNh4jCXhzP2Ye
I68UZ0mfsY1IjU7rtVFWidD3E81WI34/Y9NP4p432t0p9qRJUWgXInADZ+cmfx8R
spI8fmEOIdTSzQwrbgtJKEmFnvoDb6NxxoNQI85w83eOVfVqmnS9qJRZb67KUjjY
9ercQF9QEpL6HDvcIOHNuL+Ny09p6kl/YkRDavLfBu7JsBIuud8iwz9NSFiKpufS
fAWh
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:41:57 2025 by rpki-client