Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/eRQq7xdAF71WNxYwFEqj0VQq7OI.roa
File: eRQq7xdAF71WNxYwFEqj0VQq7OI.roa (raw, json)
Hash identifier: TI4SCrAwR2nfidiEalk8VtvkciAJLMg2lfIRktNOCB0=
Subject key identifier: 79:14:2A:EF:17:40:17:BD:56:37:16:30:14:4A:A3:D1:54:2A:EC:E2
Certificate issuer: /CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Certificate serial: 018CC794914F32B823825E7DFF8E4DA4752F
Authority key identifier: E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/eRQq7xdAF71WNxYwFEqj0VQq7OI.roa
Signing time: Tue 02 Jan 2024 00:30:51 +0000
ROA not before: Tue 02 Jan 2024 00:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61323
IP address blocks: 81.201.128.0/20 maxlen: 20
80.66.200.0/22 maxlen: 22
185.241.248.0/22 maxlen: 24
185.221.204.0/22 maxlen: 22
193.39.252.0/22 maxlen: 22
194.39.164.0/22 maxlen: 22
185.160.252.0/22 maxlen: 24
78.137.112.0/20 maxlen: 20
178.238.128.0/20 maxlen: 20
45.84.20.0/22 maxlen: 24
185.181.196.0/22 maxlen: 22
176.124.52.0/22 maxlen: 24
185.210.196.0/22 maxlen: 22
185.207.108.0/22 maxlen: 22
195.69.102.0/24 maxlen: 24
185.234.36.0/22 maxlen: 22
78.109.160.0/20 maxlen: 20
185.197.60.0/22 maxlen: 22
185.160.180.0/22 maxlen: 22
80.244.176.0/20 maxlen: 20
45.157.40.0/22 maxlen: 22
192.166.44.0/24 maxlen: 24
192.166.45.0/24 maxlen: 24
192.166.46.0/23 maxlen: 23
159.253.208.0/21 maxlen: 21
185.226.220.0/22 maxlen: 22
185.162.224.0/22 maxlen: 22
31.193.0.0/20 maxlen: 20
185.217.40.0/22 maxlen: 22
185.220.60.0/22 maxlen: 22
185.156.64.0/24 maxlen: 24
185.156.65.0/24 maxlen: 24
185.156.66.0/23 maxlen: 23
37.220.88.0/21 maxlen: 21
185.55.78.0/23 maxlen: 23
185.55.77.0/24 maxlen: 24
185.166.128.0/22 maxlen: 22
45.131.136.0/22 maxlen: 22
109.108.128.0/19 maxlen: 19
185.216.76.0/22 maxlen: 22
78.24.89.0/24 maxlen: 24
78.24.90.0/23 maxlen: 23
78.24.88.0/24 maxlen: 24
185.182.88.0/22 maxlen: 22
45.145.100.0/22 maxlen: 22
46.37.160.0/19 maxlen: 19
94.229.160.0/20 maxlen: 20
2a02:22d0::/32 maxlen: 32
2a09:b600:5::/48 maxlen: 48
2a09:ba00:4::/48 maxlen: 48
2a02:22d0:c::/48 maxlen: 48
2a09:b200:6::/48 maxlen: 48
2a0c:3dc0::/29 maxlen: 29
2a02:21a8::/48 maxlen: 48
2a02:21a8:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 06:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:91:4f:32:b8:23:82:5e:7d:ff:8e:4d:a4:75:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Validity
Not Before: Jan 2 00:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79142aef174017bd56371630144aa3d1542aece2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:39:64:ed:ae:99:99:ce:59:08:8e:47:e4:5b:
40:4a:c6:94:9c:4e:b2:ae:1a:8d:90:46:7f:df:db:
1f:c9:45:a2:ac:f4:6e:52:df:d5:f6:2b:36:49:27:
b0:d6:f9:11:55:c2:1a:85:4a:38:38:20:3a:be:b5:
ee:e9:eb:a7:39:25:e5:f8:e8:dc:5d:d0:4a:b5:36:
ce:90:b3:f6:91:ce:3c:c0:ce:59:90:17:05:c6:3d:
c1:bb:29:a4:f2:b1:3c:0b:71:46:f9:0a:3f:c9:36:
0e:18:33:7f:12:74:0b:f7:f3:3e:9a:6a:77:bf:84:
fd:61:f0:9b:48:c6:51:d3:ec:ca:e5:e2:ec:8d:37:
38:50:51:fe:d6:8f:05:c4:bc:99:91:ef:33:39:60:
77:bd:ae:14:3d:36:3a:41:ff:80:12:f1:b1:4a:3e:
e5:3b:09:c8:72:f0:1f:63:fb:5f:e5:1d:21:b7:14:
31:f1:ed:c1:6f:d8:c5:b4:79:8f:37:c1:da:8d:f2:
a1:2e:c9:df:bc:de:26:28:8c:92:28:9a:57:bc:89:
18:b2:83:69:1b:c5:c7:7e:87:97:1a:05:12:fd:9c:
83:dd:69:4d:b3:aa:be:6a:da:1b:c2:71:e1:a5:98:
01:bf:de:3d:82:a4:dc:46:f8:ea:42:7c:32:a8:a7:
9a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:14:2A:EF:17:40:17:BD:56:37:16:30:14:4A:A3:D1:54:2A:EC:E2
X509v3 Authority Key Identifier:
keyid:E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/eRQq7xdAF71WNxYwFEqj0VQq7OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.0.0/20
37.220.88.0/21
45.84.20.0/22
45.131.136.0/22
45.145.100.0/22
45.157.40.0/22
46.37.160.0/19
78.24.88.0/22
78.109.160.0/20
78.137.112.0/20
80.66.200.0/22
80.244.176.0/20
81.201.128.0/20
94.229.160.0/20
109.108.128.0/19
159.253.208.0/21
176.124.52.0/22
178.238.128.0/20
185.55.77.0-185.55.79.255
185.156.64.0/22
185.160.180.0/22
185.160.252.0/22
185.162.224.0/22
185.166.128.0/22
185.181.196.0/22
185.182.88.0/22
185.197.60.0/22
185.207.108.0/22
185.210.196.0/22
185.216.76.0/22
185.217.40.0/22
185.220.60.0/22
185.221.204.0/22
185.226.220.0/22
185.234.36.0/22
185.241.248.0/22
192.166.44.0/22
193.39.252.0/22
194.39.164.0/22
195.69.102.0/24
IPv6:
2a02:21a8::/47
2a02:22d0::/32
2a09:b200:6::/48
2a09:b600:5::/48
2a09:ba00:4::/48
2a0c:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
55:5f:b0:21:6b:d8:c5:54:09:6a:d7:f1:09:9c:d0:42:50:b5:
17:e9:c4:6c:5f:ff:60:01:3d:5e:b1:d8:5c:1f:d9:1f:0b:ad:
cb:7b:c1:04:9f:f1:7f:58:de:fe:e2:80:a6:59:9e:d8:b6:f3:
44:58:6f:55:d1:45:1f:fe:07:68:4a:7d:be:d2:c2:3f:93:4f:
4c:b2:b6:55:65:28:46:90:9d:8c:63:64:d4:e2:4f:e8:05:7d:
49:29:87:4e:4e:ca:cb:cf:af:2f:35:83:4a:ce:17:c3:bd:e9:
e5:88:e4:2a:07:e9:e5:3b:41:69:b4:a7:74:9b:1c:0a:e4:b4:
fd:db:a0:cc:86:eb:e3:c9:ee:e1:38:60:6b:8a:b9:63:b8:f4:
cc:e9:21:cb:48:c5:c9:83:aa:e1:16:90:f3:84:56:8d:fa:81:
2f:eb:51:f4:85:82:c9:3f:d0:7d:35:2c:88:c7:ef:bf:db:56:
db:95:34:1c:3b:85:cb:d9:fc:61:f2:75:1f:3d:0d:75:db:33:
29:b0:c4:84:fa:73:91:6d:36:c2:83:4a:fc:45:7c:67:ba:e6:
51:c2:b5:b7:aa:b8:17:a9:94:b1:39:02:6d:fa:14:84:46:8e:
26:6a:9f:06:cc:75:66:44:91:11:a7:fb:38:91:97:1b:4e:5b:
d7:a4:82:ff
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAYzHlJFPMrgjgl59/45NpHUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzhhMzkwZGRlNWUxNTE5YTRiZDNkYTc1NGE5M2U5ODg0
OTJkNjcwHhcNMjQwMTAyMDAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE0MmFlZjE3NDAxN2JkNTYzNzE2MzAxNDRhYTNkMTU0MmFlY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzlk7a6Zmc5ZCI5H5FtASsaUnE6y
rhqNkEZ/39sfyUWirPRuUt/V9is2SSew1vkRVcIahUo4OCA6vrXu6eunOSXl+Ojc
XdBKtTbOkLP2kc48wM5ZkBcFxj3Buymk8rE8C3FG+Qo/yTYOGDN/EnQL9/M+mmp3
v4T9YfCbSMZR0+zK5eLsjTc4UFH+1o8FxLyZke8zOWB3va4UPTY6Qf+AEvGxSj7l
OwnIcvAfY/tf5R0htxQx8e3Bb9jFtHmPN8HajfKhLsnfvN4mKIySKJpXvIkYsoNp
G8XHfoeXGgUS/ZyD3WlNs6q+atobwnHhpZgBv949gqTcRvjqQnwyqKeahwIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFHkUKu8XQBe9VjcWMBRKo9FUKuziMB8GA1UdIwQY
MBaAFODIo5Dd5eFRmkvT2nVKk+mISS1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUt
YmVmM2JhMjFjNzE1LzEvZVJRcTd4ZEFGNzFXTnhZd0ZFcWowVlFxN09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUtYmVmM2JhMjFjNzE1
LzEvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDCB/wQCAAEwgfgD
BAQfwQADBAMl3FgDBAItVBQDBAItg4gDBAItkWQDBAItnSgDBAUuJaADBAJOGFgD
BARObaADBAROiXADBAJQQsgDBARQ9LADBARRyYADBARe5aADBAVtbIADBAOf/dAD
BAKwfDQDBASy7oAwDAMEALk3TQMEBLk3QAMEArmcQAMEArmgtAMEArmg/AMEArmi
4AMEArmmgAMEArm1xAMEArm2WAMEArnFPAMEArnPbAMEArnSxAMEArnYTAMEArnZ
KAMEArncPAMEArndzAMEArni3AMEArnqJAMEArnx+AMEAsCmLAMEAsEn/AMEAsIn
pAMEAMNFZjA4BAIAAjAyAwcBKgIhqAAAAwUAKgIi0AMHACoJsgAABgMHACoJtgAA
BQMHACoJugAABAMFAyoMPcAwDQYJKoZIhvcNAQELBQADggEBAFVfsCFr2MVUCWrX
8Qmc0EJQtRfpxGxf/2ABPV6x2Fwf2R8Lrct7wQSf8X9Y3v7igKZZnti280RYb1XR
RR/+B2hKfb7Swj+TT0yytlVlKEaQnYxjZNTiT+gFfUkph05OysvPry81g0rOF8O9
6eWI5CoH6eU7QWm0p3SbHArktP3boMyG6+PJ7uE4YGuKuWO49MzpIctIxcmDquEW
kPOEVo36gS/rUfSFgsk/0H01LIjH77/bVtuVNBw7hcvZ/GHydR89DXXbMymwxIT6
c5FtNsKDSvxFfGe65lHCtbequBeplLE5Am36FIRGjiZqnwbMdWZEkRGn+ziRlxtO
W9ekgv8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:42 2025 by rpki-client