Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/z9qfinnAJi7IyC_pbmjR276h36c.roa
File: z9qfinnAJi7IyC_pbmjR276h36c.roa (raw, json)
Hash identifier: +NXNh8kg11YZ7hX097mQEEDnW7SmJcwhjWDSUcVIMOw=
Subject key identifier: CF:DA:9F:8A:79:C0:26:2E:C8:C8:2F:E9:6E:68:D1:DB:BE:A1:DF:A7
Certificate issuer: /CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Certificate serial: 018CC793531C4EC5A84FDF6300E21C201CA0
Authority key identifier: 9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/z9qfinnAJi7IyC_pbmjR276h36c.roa
Signing time: Tue 02 Jan 2024 00:29:30 +0000
ROA not before: Tue 02 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29170
IP address blocks: 185.67.177.201/32 maxlen: 32
178.132.216.0/24 maxlen: 24
82.114.81.0/24 maxlen: 24
178.132.217.0/24 maxlen: 24
82.114.84.0/24 maxlen: 24
82.114.79.0/24 maxlen: 24
178.132.216.0/21 maxlen: 21
178.132.220.0/24 maxlen: 24
82.114.88.0/24 maxlen: 24
46.19.224.0/24 maxlen: 24
46.19.224.0/21 maxlen: 24
46.19.225.0/24 maxlen: 24
46.19.230.0/24 maxlen: 24
82.114.64.0/19 maxlen: 19
82.114.64.0/24 maxlen: 24
82.114.70.0/24 maxlen: 24
82.114.65.0/24 maxlen: 24
82.114.66.0/24 maxlen: 24
82.114.67.0/24 maxlen: 24
82.114.74.0/24 maxlen: 24
82.114.77.0/24 maxlen: 24
82.114.78.0/24 maxlen: 24
82.114.85.19/32 maxlen: 32
185.67.176.0/22 maxlen: 22
185.67.176.0/24 maxlen: 24
185.67.177.0/24 maxlen: 24
185.67.178.0/24 maxlen: 24
185.67.179.0/24 maxlen: 24
185.67.177.175/32 maxlen: 32
185.190.132.0/22 maxlen: 22
185.190.132.0/24 maxlen: 24
185.67.177.176/32 maxlen: 32
2a04:3080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Jan 2024 21:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:53:1c:4e:c5:a8:4f:df:63:00:e2:1c:20:1c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Validity
Not Before: Jan 2 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfda9f8a79c0262ec8c82fe96e68d1dbbea1dfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:1b:42:27:08:ae:ac:e8:07:3f:df:1e:72:
52:9f:78:cd:19:31:1b:58:b3:c6:45:d3:70:b1:24:
38:8c:f9:f3:ac:71:52:13:e0:6d:80:0c:c4:dc:6d:
28:58:60:7f:d6:c5:bc:e5:9f:9f:fb:7d:12:b5:27:
89:75:78:d4:d8:f1:b8:b5:7a:05:3b:7b:9e:ed:09:
0c:ef:e6:7d:05:c7:60:89:7d:50:fa:1b:ff:d1:ac:
99:25:50:0e:77:a3:43:7e:fc:0e:d9:f7:85:60:06:
69:62:01:9d:52:7c:ed:c9:08:cb:75:39:e8:fa:2d:
1b:cb:7a:4d:2b:1e:05:07:38:a9:93:5a:b4:8a:44:
8c:41:6f:8e:e2:af:1f:dd:59:c0:51:74:3f:e5:95:
3f:7f:bb:18:82:98:5d:85:bd:72:f6:e5:18:00:63:
b9:df:17:0c:44:f7:a7:5b:67:5e:af:d2:b4:72:33:
af:88:d4:ff:80:ab:3d:f2:bb:81:2b:16:5a:a9:a6:
7b:e6:bb:ce:eb:c5:cf:d5:f0:cc:f5:f5:f2:8c:a0:
fb:6e:39:5d:8b:4c:44:b4:96:6a:52:ce:ba:1a:9e:
b7:5a:f1:fd:3f:67:ce:27:b5:87:a7:ee:43:a8:ba:
85:c0:c0:64:1b:69:42:8b:a3:62:33:b8:32:2e:93:
ba:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DA:9F:8A:79:C0:26:2E:C8:C8:2F:E9:6E:68:D1:DB:BE:A1:DF:A7
X509v3 Authority Key Identifier:
keyid:9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/z9qfinnAJi7IyC_pbmjR276h36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.224.0/21
82.114.64.0/19
178.132.216.0/21
185.67.176.0/22
185.190.132.0/22
IPv6:
2a04:3080::/29
Signature Algorithm: sha256WithRSAEncryption
4a:41:e6:8e:f5:8f:51:54:df:79:c8:8c:ca:ba:89:88:6a:80:
cd:fc:00:79:c4:d4:2d:1f:44:45:9b:fb:8e:f7:e3:64:97:7b:
99:f5:f6:a3:4a:7b:d2:1c:56:4f:6c:5c:7f:19:e8:cc:ac:e3:
9f:eb:a9:40:e1:c8:c2:3b:35:05:2d:f6:ef:e5:0d:49:8e:ae:
5c:42:b8:1a:bd:a2:cb:0d:31:0b:bf:43:84:a2:a3:37:02:ea:
a4:b2:38:56:f7:bf:45:9d:16:7c:81:53:cd:5d:2a:f6:a0:df:
04:48:86:37:f1:12:9f:3d:60:c2:4a:83:20:a9:e6:b3:b9:3c:
1a:72:10:ff:c9:ee:aa:2b:fa:19:70:88:30:bf:0c:df:99:87:
65:04:7d:9f:0e:12:98:5b:4e:aa:3b:bb:ea:bc:62:e1:59:d8:
07:2a:2e:80:b2:d3:8c:79:49:6e:17:d2:65:06:a2:d0:62:40:
44:47:06:7f:b9:08:03:13:f1:53:f3:20:98:bd:49:66:11:c0:
cc:c7:aa:01:b9:d4:b0:1b:c5:a5:10:39:5c:53:57:9c:6d:c7:
31:74:ad:a7:dc:67:a6:1c:45:ad:de:62:1c:56:40:1e:a2:c4:
d0:b4:ac:a4:f6:15:ff:3f:3b:d4:07:d6:22:55:49:93:3f:28:
72:d7:79:b4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHk1McTsWoT99jAOIcIBygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTJkMzA3MDhiOWQ0ZThjN2MyOGM5N2Y4MDM3YzgwMjcx
NDRjNDcwHhcNMjQwMTAyMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRhOWY4YTc5YzAyNjJlYzhjODJmZTk2ZTY4ZDFkYmJlYTFkZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPkbQicIrqzoBz/fHnJSn3jNGTEb
WLPGRdNwsSQ4jPnzrHFSE+BtgAzE3G0oWGB/1sW85Z+f+30StSeJdXjU2PG4tXoF
O3ue7QkM7+Z9BcdgiX1Q+hv/0ayZJVAOd6NDfvwO2feFYAZpYgGdUnztyQjLdTno
+i0by3pNKx4FBzipk1q0ikSMQW+O4q8f3VnAUXQ/5ZU/f7sYgphdhb1y9uUYAGO5
3xcMRPenW2der9K0cjOviNT/gKs98ruBKxZaqaZ75rvO68XP1fDM9fXyjKD7bjld
i0xEtJZqUs66Gp63WvH9P2fOJ7WHp+5DqLqFwMBkG2lCi6NiM7gyLpO6+wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM/an4p5wCYuyMgv6W5o0du+od+nMB8GA1UdIwQY
MBaAFJqS0wcIudTox8KMl/gDfIAnFExHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODct
NGUwNjYyMWJkOThhLzEvejlxZmlubkFKaTdJeUNfcGJtalIyNzZoMzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODctNGUwNjYyMWJkOThh
LzEvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLhPgAwQF
UnJAAwQDsoTYAwQCuUOwAwQCub6EMA0EAgACMAcDBQMqBDCAMA0GCSqGSIb3DQEB
CwUAA4IBAQBKQeaO9Y9RVN95yIzKuomIaoDN/AB5xNQtH0RFm/uO9+Nkl3uZ9faj
SnvSHFZPbFx/GejMrOOf66lA4cjCOzUFLfbv5Q1Jjq5cQrgavaLLDTELv0OEoqM3
AuqksjhW979FnRZ8gVPNXSr2oN8ESIY38RKfPWDCSoMgqeazuTwachD/ye6qK/oZ
cIgwvwzfmYdlBH2fDhKYW06qO7vqvGLhWdgHKi6AstOMeUluF9JlBqLQYkBERwZ/
uQgDE/FT8yCYvUlmEcDMx6oBudSwG8WlEDlcU1ecbccxdK2n3GemHEWt3mIcVkAe
osTQtKyk9hX/PzvUB9YiVUmTPyhy13m0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:35 2025 by rpki-client