Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/l-xUn_zf_7YVpuwly5_IWBnyHQg.roa
File: l-xUn_zf_7YVpuwly5_IWBnyHQg.roa (raw, json)
Hash identifier: yx7GIdnvaJe/IrmhsLF5Pt2k1NT6ci9SoPRuesgVc/E=
Subject key identifier: 97:EC:54:9F:FC:DF:FF:B6:15:A6:EC:25:CB:9F:C8:58:19:F2:1D:08
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 0192B3C593EB2E87B79FBD002F04BD3F59ED
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/l-xUn_zf_7YVpuwly5_IWBnyHQg.roa
Signing time: Tue 22 Oct 2024 10:28:42 +0000
ROA not before: Tue 22 Oct 2024 10:28:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.88.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.124.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: Failed, certificate revoked on Thu 24 Oct 2024 07:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:c5:93:eb:2e:87:b7:9f:bd:00:2f:04:bd:3f:59:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Oct 22 10:28:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97ec549ffcdfffb615a6ec25cb9fc85819f21d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:71:a4:90:39:e8:9b:a1:20:a0:c1:7b:1f:eb:
8c:75:13:4a:fa:33:bd:e0:f9:67:b1:c7:f4:2b:1b:
ad:8b:5b:c0:2d:48:79:18:b4:c8:6c:6f:2f:17:43:
f0:39:be:5f:33:84:b0:01:2d:bb:97:90:04:32:1f:
dc:98:7e:65:20:a5:5b:c7:08:69:98:31:78:21:74:
8d:ec:11:c0:a7:45:8f:22:ab:41:42:0b:e8:14:4d:
c3:e5:34:02:47:6d:cf:46:d6:1c:df:45:08:c8:ba:
da:55:6c:05:7f:57:2a:3b:78:73:1f:2e:54:74:60:
93:1a:7c:6e:27:1d:f0:0c:b0:68:6d:30:88:0c:67:
94:36:48:c4:65:5f:6b:01:f5:62:08:cf:ca:6a:22:
84:79:d9:c3:c2:ab:7f:ae:61:b2:c7:27:8a:b4:0b:
71:0f:c2:3d:4f:2a:5c:8a:bc:9a:61:86:46:ec:f9:
49:83:ed:eb:77:67:c5:5b:d4:32:c6:d6:34:4a:99:
e8:64:f6:d6:a0:d8:8f:b0:26:b5:7f:28:22:87:dd:
99:cb:9f:d5:2b:e1:55:e9:01:c5:c9:bf:29:49:1f:
8a:c4:62:4b:f1:50:e1:32:ae:02:da:d2:30:1a:fd:
0d:28:dd:2a:e6:a2:71:da:9b:4d:d6:22:a5:5d:78:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EC:54:9F:FC:DF:FF:B6:15:A6:EC:25:CB:9F:C8:58:19:F2:1D:08
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/l-xUn_zf_7YVpuwly5_IWBnyHQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
5e:67:08:0b:5e:06:95:b4:c8:7f:66:91:47:cf:a2:e7:35:f2:
1d:2f:71:aa:d6:4f:4f:19:ca:84:0c:11:eb:4b:92:94:00:15:
b5:54:d8:bc:6f:f8:ae:2f:55:92:04:38:bc:1d:8a:ff:88:57:
c6:e5:d5:63:cc:e2:ee:f1:d8:2b:39:fd:61:5c:ce:56:53:25:
ef:b1:59:dc:11:cf:64:28:05:e8:04:77:b0:c5:de:14:43:a0:
b9:8c:9e:a9:a7:a0:24:43:e4:4f:3d:76:d1:4a:3d:e9:0e:8f:
7e:71:3e:7b:77:1e:d3:dd:42:d8:44:f5:61:b7:6b:98:0e:e4:
11:07:db:d3:25:43:bc:8b:80:fb:d9:6b:d4:7e:6e:93:9b:2d:
74:54:47:a6:18:6d:87:b6:57:cc:5a:56:6b:ce:fa:75:ba:0a:
7e:0a:ef:15:8d:c0:85:28:88:9d:b5:8b:37:13:fc:e8:2e:0c:
03:de:3e:3f:0c:7b:6c:c7:52:27:7e:6b:35:c9:ff:90:66:23:
82:6a:9b:3b:ff:f3:b3:d6:46:60:04:f0:f5:4a:7b:72:b2:da:
b0:a7:35:3b:46:e6:85:fc:9d:af:0b:d2:f2:3b:bf:c0:a8:76:
07:d8:b3:60:b4:0b:da:d3:99:01:50:23:e2:21:48:2e:04:70:
07:6d:a3:68
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZKzxZPrLoe3n70ALwS9P1ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjQxMDIyMTAyODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VjNTQ5ZmZjZGZmZmI2MTVhNmVjMjVjYjlmYzg1ODE5ZjIxZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nGkkDnom6EgoMF7H+uMdRNK+jO9
4Plnscf0Kxuti1vALUh5GLTIbG8vF0PwOb5fM4SwAS27l5AEMh/cmH5lIKVbxwhp
mDF4IXSN7BHAp0WPIqtBQgvoFE3D5TQCR23PRtYc30UIyLraVWwFf1cqO3hzHy5U
dGCTGnxuJx3wDLBobTCIDGeUNkjEZV9rAfViCM/KaiKEednDwqt/rmGyxyeKtAtx
D8I9TypciryaYYZG7PlJg+3rd2fFW9QyxtY0SpnoZPbWoNiPsCa1fygih92Zy5/V
K+FV6QHFyb8pSR+KxGJL8VDhMq4C2tIwGv0NKN0q5qJx2ptN1iKlXXj02QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFJfsVJ/83/+2FabsJcufyFgZ8h0IMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvbC14VW5femZfN1lWcHV3bHk1X0lXQm55SFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIf
DvgDBAIlnEgDBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZ
LCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAME
ArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAH
AwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAXmcIC14GlbTIf2aRR8+i5zXyHS9x
qtZPTxnKhAwR60uSlAAVtVTYvG/4ri9VkgQ4vB2K/4hXxuXVY8zi7vHYKzn9YVzO
VlMl77FZ3BHPZCgF6AR3sMXeFEOguYyeqaegJEPkTz120Uo96Q6PfnE+e3ce091C
2ET1YbdrmA7kEQfb0yVDvIuA+9lr1H5uk5stdFRHphhth7ZXzFpWa876dboKfgrv
FY3AhSiInbWLNxP86C4MA94+Pwx7bMdSJ35rNcn/kGYjgmqbO//zs9ZGYATw9Up7
crLasKc1O0bmhfydrwvS8ju/wKh2B9izYLQL2tOZAVAj4iFILgRwB22jaA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:13 2025 by rpki-client