Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/IhdzJGm-jPEU1U49UNVbqh66nZo.roa
File: IhdzJGm-jPEU1U49UNVbqh66nZo.roa (raw, json)
Hash identifier: PQQVvZFx1BV2rsH9WjBNxsBMWI+PS+N9v804L8KMgME=
Subject key identifier: 22:17:73:24:69:BE:8C:F1:14:D5:4E:3D:50:D5:5B:AA:1E:BA:9D:9A
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 019371C0A1948A7CEF6AF97CB769B65F5AA3
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/IhdzJGm-jPEU1U49UNVbqh66nZo.roa
Signing time: Thu 28 Nov 2024 07:51:09 +0000
ROA not before: Thu 28 Nov 2024 07:51:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49683
IP address blocks: 31.25.234.0/24 maxlen: 24
171.22.172.0/24 maxlen: 24
171.22.173.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Dec 2024 10:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:c0:a1:94:8a:7c:ef:6a:f9:7c:b7:69:b6:5f:5a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Nov 28 07:51:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2217732469be8cf114d54e3d50d55baa1eba9d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:93:88:88:8c:5c:7e:61:3c:b0:cb:0c:94:ed:
36:bf:9f:18:ad:9e:91:b1:b6:fa:ea:8b:cb:ae:e4:
c3:86:6b:6b:0f:22:77:09:29:27:15:e6:55:7d:aa:
38:cb:67:f2:8a:bc:8b:b9:2c:49:19:83:c6:eb:f1:
df:86:77:07:14:2c:a7:b6:72:32:a6:e9:03:ae:ce:
3e:b0:8b:58:ee:a0:c8:11:6e:5b:e3:3d:fe:f1:2c:
9d:66:91:12:31:1e:d0:a7:73:94:48:68:19:af:40:
fb:48:d0:3b:90:ed:62:00:52:f1:c6:56:8c:cf:4e:
38:ba:e3:78:d4:7b:db:ae:91:5c:22:8b:6e:21:2a:
b4:ce:73:b4:57:1c:f2:4c:18:83:76:68:ad:1a:6b:
48:7a:24:03:a7:ce:7b:5a:9b:4b:30:7c:25:c8:79:
e8:e7:72:a7:f9:5a:bc:78:8b:cb:2f:79:2f:bb:c2:
ee:f8:d8:2a:b4:dd:5c:fa:37:ca:47:a3:7e:10:72:
73:e9:5f:8e:96:56:6a:2a:64:6a:68:4f:22:7e:2e:
b6:f8:39:91:db:dc:59:6d:1e:09:36:c8:ae:22:8f:
ed:24:20:d2:26:c2:a0:db:37:13:a3:7d:19:4a:b9:
7e:07:40:8e:10:24:bd:82:2a:5b:cc:49:d3:0a:02:
57:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:17:73:24:69:BE:8C:F1:14:D5:4E:3D:50:D5:5B:AA:1E:BA:9D:9A
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/IhdzJGm-jPEU1U49UNVbqh66nZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0/24
171.22.172.0/23
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:ff:76:31:39:a1:db:50:1e:90:19:d5:d6:19:4a:5a:c2:b1:
e8:d2:d1:a2:a4:63:cc:25:e1:02:d7:5f:72:e8:33:6e:41:a6:
23:85:7a:dd:a2:57:b7:e0:08:c2:36:76:55:b4:c7:c7:e5:1b:
ae:ca:24:4e:a0:80:b2:a6:fd:38:34:17:68:ec:43:6b:d8:fb:
1c:29:07:85:f5:c6:ab:e6:da:76:b0:9f:d6:b5:8a:53:2c:2f:
a4:9a:bc:96:c6:4c:89:98:3e:ad:b7:22:d1:ff:83:7d:a0:23:
43:6f:50:15:47:d9:c7:22:f0:ad:1a:28:d5:20:a5:ed:f4:f2:
15:96:3a:ec:5d:f3:2b:72:96:a3:93:5d:74:ee:26:98:f9:d7:
7c:a8:99:b2:e6:58:bf:04:3d:ef:65:5c:4f:1d:20:ab:a1:a7:
8f:cf:10:49:5d:26:7c:68:ee:c9:82:12:0d:b6:bb:ff:31:be:
22:3a:3e:65:fb:a3:13:c6:c8:c4:ca:e7:88:bd:94:b1:a8:a3:
99:15:c5:63:20:d0:37:e4:23:47:40:f4:85:1e:a8:6f:eb:67:
2d:2a:67:9d:e8:30:17:4c:ef:2d:17:24:a5:96:f1:11:c0:46:
a1:3d:20:79:35:bd:0e:af:cc:99:6b:27:68:f9:76:ad:11:4b:
6a:23:99:43
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZNxwKGUinzvavl8t2m2X1qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjQxMTI4MDc1MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE3NzMyNDY5YmU4Y2YxMTRkNTRlM2Q1MGQ1NWJhYTFlYmE5ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZOIiIxcfmE8sMsMlO02v58YrZ6R
sbb66ovLruTDhmtrDyJ3CSknFeZVfao4y2fyiryLuSxJGYPG6/HfhncHFCyntnIy
pukDrs4+sItY7qDIEW5b4z3+8SydZpESMR7Qp3OUSGgZr0D7SNA7kO1iAFLxxlaM
z044uuN41HvbrpFcIotuISq0znO0VxzyTBiDdmitGmtIeiQDp857WptLMHwlyHno
53Kn+Vq8eIvLL3kvu8Lu+NgqtN1c+jfKR6N+EHJz6V+OllZqKmRqaE8ifi62+DmR
29xZbR4JNsiuIo/tJCDSJsKg2zcTo30ZSrl+B0COECS9gipbzEnTCgJXxwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCIXcyRpvozxFNVOPVDVW6oeup2aMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvSWhkekpHbS1qUEVVMVU0OVVOVmJxaDY2blpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBCBAIAATA8AwQAHxnqAwQB
qxasAwQCuSxAAwQCuVXwAwQBuXTsAwQAuXTvAwQCuXqkAwQCuajAAwQCubhEAwQC
ub04MBoEAgACMBQwEgMHACoKLwAAAQMHAioKLwAAADANBgkqhkiG9w0BAQsFAAOC
AQEAmf92MTmh21AekBnV1hlKWsKx6NLRoqRjzCXhAtdfcugzbkGmI4V63aJXt+AI
wjZ2VbTHx+UbrsokTqCAsqb9ODQXaOxDa9j7HCkHhfXGq+badrCf1rWKUywvpJq8
lsZMiZg+rbci0f+DfaAjQ29QFUfZxyLwrRoo1SCl7fTyFZY67F3zK3KWo5NddO4m
mPnXfKiZsuZYvwQ972VcTx0gq6Gnj88QSV0mfGjuyYISDba7/zG+Ijo+ZfujE8bI
xMrniL2UsaijmRXFYyDQN+QjR0D0hR6ob+tnLSpnnegwF0zvLRckpZbxEcBGoT0g
eTW9Dq/MmWsnaPl2rRFLaiOZQw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:46:26 2025 by rpki-client