Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CKGt7IgTG-esO2MAhYkyz7_5YxU.roa
File: CKGt7IgTG-esO2MAhYkyz7_5YxU.roa (raw, json)
Hash identifier: fkU+ACNYh0r1EEoncsjQsF7gVwGICOAn1gGDD+qLs2k=
Subject key identifier: 08:A1:AD:EC:88:13:1B:E7:AC:3B:63:00:85:89:32:CF:BF:F9:63:15
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 01941F8C07B2DA1759AA030DA79FF4E9C362
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CKGt7IgTG-esO2MAhYkyz7_5YxU.roa
Signing time: Wed 01 Jan 2025 01:47:38 +0000
ROA not before: Wed 01 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60032
IP address blocks: 2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
5.252.60.0/22 maxlen: 22
5.252.88.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
45.65.104.0/21 maxlen: 21
45.85.176.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
45.129.48.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
80.240.176.0/21 maxlen: 21
80.240.184.0/21 maxlen: 21
80.240.184.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
91.92.18.0/23 maxlen: 23
95.214.44.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
128.127.16.0/21 maxlen: 22
185.13.180.0/22 maxlen: 22
185.61.144.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.128.140.0/22 maxlen: 23
185.163.60.0/22 maxlen: 22
185.189.20.0/22 maxlen: 24
185.203.180.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
185.253.36.0/22 maxlen: 22
188.92.64.0/21 maxlen: 22
193.8.116.0/22 maxlen: 22
193.56.168.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
194.36.167.0/24 maxlen: 24
194.36.169.0/24 maxlen: 24
194.36.221.0/24 maxlen: 24
194.182.112.0/20 maxlen: 22
212.104.240.0/20 maxlen: 20
2a02:79e0::/32 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a06:4280::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Jan 2025 11:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:07:b2:da:17:59:aa:03:0d:a7:9f:f4:e9:c3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08a1adec88131be7ac3b6300858932cfbff96315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bd:ad:a2:21:0f:3b:18:c4:83:36:a1:5e:28:
94:de:c5:48:da:e9:44:f2:8f:16:87:4e:62:1e:d8:
34:52:59:1a:14:5b:82:ca:16:3c:12:65:9c:6b:06:
2d:09:80:bc:11:82:78:54:f1:27:5b:58:8a:8e:a1:
40:ff:57:ca:0d:4d:56:f1:83:b1:cc:63:2f:54:ec:
48:80:27:8a:21:49:d5:84:d6:4f:e4:f0:73:55:12:
33:e2:07:3f:bb:fc:3d:c0:35:78:17:a9:03:74:b5:
9b:52:05:49:55:07:65:f6:09:0b:6d:c7:5b:87:6a:
d4:87:eb:b3:68:e5:da:b5:45:09:0a:3e:4f:df:41:
cf:45:47:d0:15:a5:ca:8a:d5:cd:91:b4:95:15:0a:
ea:5e:68:9d:74:f6:3e:d0:db:75:2e:27:70:82:f3:
70:8f:ff:a1:cd:3f:91:80:60:79:a5:ba:83:4b:ad:
74:62:f6:1c:3e:5c:40:ad:21:b7:01:fd:0d:38:dc:
d9:ce:fd:ba:d9:ea:74:f7:b9:e4:49:fa:6b:0d:13:
f3:22:e0:90:e8:d0:b0:65:42:01:2c:e7:1d:09:11:
b1:89:b4:44:dc:36:e7:ca:17:a9:0c:19:19:34:32:
10:d1:3c:49:76:9f:b6:c4:4c:2b:ab:4d:5f:6e:88:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A1:AD:EC:88:13:1B:E7:AC:3B:63:00:85:89:32:CF:BF:F9:63:15
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CKGt7IgTG-esO2MAhYkyz7_5YxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.189.20.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
91:8a:da:8a:c5:91:c1:ba:46:0f:b2:6e:ce:b8:e8:a2:4a:c5:
c4:39:e7:c7:c4:dc:46:0e:7f:d4:ab:57:f0:ba:bc:f6:38:0e:
a8:d2:90:f6:a3:ca:5d:18:7d:40:08:de:74:d3:f8:ab:ff:cc:
26:df:52:0b:cb:be:c1:0a:74:7f:8c:03:b0:f0:c1:d0:92:10:
1b:34:8c:5a:97:cf:55:46:df:67:ed:a8:dc:9a:45:7b:63:5f:
3f:8b:d5:e8:df:ec:33:b7:ba:92:55:5e:9e:af:c0:6b:2a:17:
a0:2e:ef:0f:1d:e9:4b:d1:15:4f:19:d8:29:43:26:08:f1:83:
ea:cb:88:59:17:51:3a:37:3d:21:b3:6d:3a:d8:31:87:c1:18:
79:b6:de:1f:d3:64:66:64:fa:bd:5d:d0:1d:4e:a7:f5:85:59:
20:4f:ff:22:00:48:41:35:09:10:7d:51:48:6f:0a:74:df:4b:
14:b4:33:24:52:28:29:b7:2b:df:20:a2:97:e1:33:a9:42:1d:
a2:9c:ff:36:e6:43:c8:e6:74:74:b1:c9:ba:e8:e0:80:71:c6:
a1:2d:6a:01:44:23:1d:f8:40:4f:fc:c0:28:35:3d:9b:82:f3:
20:da:32:23:dc:b7:c5:e5:2d:77:95:5f:7f:66:f4:c9:f4:5d:
3c:b6:d9:7e
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZQfjAey2hdZqgMNp5/06cNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjUwMTAxMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGExYWRlYzg4MTMxYmU3YWMzYjYzMDA4NTg5MzJjZmJmZjk2MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b2toiEPOxjEgzahXiiU3sVI2ulE
8o8Wh05iHtg0UlkaFFuCyhY8EmWcawYtCYC8EYJ4VPEnW1iKjqFA/1fKDU1W8YOx
zGMvVOxIgCeKIUnVhNZP5PBzVRIz4gc/u/w9wDV4F6kDdLWbUgVJVQdl9gkLbcdb
h2rUh+uzaOXatUUJCj5P30HPRUfQFaXKitXNkbSVFQrqXmiddPY+0Nt1LidwgvNw
j/+hzT+RgGB5pbqDS610YvYcPlxArSG3Af0NONzZzv262ep097nkSfprDRPzIuCQ
6NCwZUIBLOcdCRGxibRE3DbnyhepDBkZNDIQ0TxJdp+2xEwrq01fbojDVwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFAihreyIExvnrDtjAIWJMs+/+WMVMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvQ0tHdDdJZ1RHLWVzTzJNQWhZa3l6N181WXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgc8EAgABMIHIMAwD
BAICO0QDBAICO0gDBAIF/DwDBAIF/FgDBAItC5QDBAMtQWgDBAItVbADBAItWuAD
BAItgTADBAItmLgDBARQ8LADBAFbXBIDBAJf1iwDBANtRhADBAOAfxADBAK5DbQD
BAK5PZADBAK5a1QDBAK5gIwDBAK5ozwDBAK5vRQDBAK5y7QDBAK55bADBAK5/SQD
BAO8XEADBALBCHQDBALBOKgDBADCJIkDBADCJKcDBADCJKkDBADCJN0DBATCtnAD
BATUaPAwGwQCAAIwFQMFACoCeeADBQMqAs/AAwUDKgZCgDANBgkqhkiG9w0BAQsF
AAOCAQEAkYraisWRwbpGD7JuzrjookrFxDnnx8TcRg5/1KtX8Lq89jgOqNKQ9qPK
XRh9QAjedNP4q//MJt9SC8u+wQp0f4wDsPDB0JIQGzSMWpfPVUbfZ+2o3JpFe2Nf
P4vV6N/sM7e6klVenq/AayoXoC7vDx3pS9EVTxnYKUMmCPGD6suIWRdROjc9IbNt
Otgxh8EYebbeH9NkZmT6vV3QHU6n9YVZIE//IgBIQTUJEH1RSG8KdN9LFLQzJFIo
Kbcr3yCil+EzqUIdopz/NuZDyOZ0dLHJuujggHHGoS1qAUQjHfhAT/zAKDU9m4Lz
INoyI9y3xeUtd5Vff2b0yfRdPLbZfg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:06:06 2025 by rpki-client