Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZraCt9rw4rZB9JyRU3cNDOCETz4.roa
File: ZraCt9rw4rZB9JyRU3cNDOCETz4.roa (raw, json)
Hash identifier: xGAJ+IyVzPvcLg19he0kfxZQeDI08JeM2n9Zt7eL7/4=
Subject key identifier: 66:B6:82:B7:DA:F0:E2:B6:41:F4:9C:91:53:77:0D:0C:E0:84:4F:3E
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 018CC7950C3D0C6AF7BE3CFF56CB8402BC50
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZraCt9rw4rZB9JyRU3cNDOCETz4.roa
Signing time: Tue 02 Jan 2024 00:31:23 +0000
ROA not before: Tue 02 Jan 2024 00:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 83.144.64.0/19 maxlen: 19
83.144.64.0/18 maxlen: 18
31.178.0.0/16 maxlen: 16
83.144.96.0/19 maxlen: 19
31.178.0.0/15 maxlen: 15
91.150.192.0/20 maxlen: 20
91.150.192.0/19 maxlen: 19
91.150.208.0/20 maxlen: 20
188.93.164.0/22 maxlen: 22
188.93.160.0/21 maxlen: 21
188.93.160.0/22 maxlen: 22
84.10.0.0/17 maxlen: 17
213.134.160.0/20 maxlen: 20
213.134.160.0/19 maxlen: 19
84.10.0.0/16 maxlen: 16
213.134.176.0/20 maxlen: 20
95.158.64.0/18 maxlen: 18
85.222.64.0/18 maxlen: 18
85.222.0.0/18 maxlen: 18
85.222.0.0/17 maxlen: 17
81.18.192.0/20 maxlen: 20
81.18.192.0/21 maxlen: 21
194.187.40.0/22 maxlen: 22
81.18.200.0/21 maxlen: 21
81.18.208.0/21 maxlen: 21
81.18.208.0/20 maxlen: 20
81.18.216.0/21 maxlen: 21
212.76.32.0/20 maxlen: 20
212.76.32.0/19 maxlen: 19
212.76.48.0/20 maxlen: 20
31.187.0.0/18 maxlen: 18
31.187.0.0/19 maxlen: 19
31.187.32.0/19 maxlen: 19
178.73.32.0/19 maxlen: 19
178.73.0.0/18 maxlen: 18
178.73.0.0/19 maxlen: 19
94.75.64.0/19 maxlen: 19
195.34.208.0/22 maxlen: 22
94.75.64.0/18 maxlen: 18
89.72.0.0/13 maxlen: 13
31.186.192.0/19 maxlen: 19
87.207.0.0/16 maxlen: 16
92.244.32.0/20 maxlen: 20
92.244.32.0/19 maxlen: 19
92.244.48.0/20 maxlen: 20
94.75.96.0/19 maxlen: 19
94.172.0.0/17 maxlen: 17
77.236.0.0/20 maxlen: 20
77.236.0.0/19 maxlen: 19
89.64.0.0/13 maxlen: 13
94.172.0.0/16 maxlen: 16
77.236.16.0/20 maxlen: 20
84.10.128.0/17 maxlen: 17
94.172.128.0/17 maxlen: 17
89.64.0.0/12 maxlen: 12
193.47.158.0/23 maxlen: 23
193.47.160.0/24 maxlen: 24
31.179.0.0/16 maxlen: 16
83.175.176.0/20 maxlen: 20
83.175.176.0/21 maxlen: 21
83.175.184.0/21 maxlen: 21
87.206.0.0/16 maxlen: 16
87.206.0.0/15 maxlen: 15
2001:4050::/32 maxlen: 32
2001:4050::/33 maxlen: 33
2001:4050:8000::/33 maxlen: 33
2a02:a300::/28 maxlen: 28
2a02:a310::/28 maxlen: 28
2a02:a300::/27 maxlen: 27
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:0c:3d:0c:6a:f7:be:3c:ff:56:cb:84:02:bc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Jan 2 00:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66b682b7daf0e2b641f49c9153770d0ce0844f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:96:12:21:a5:82:83:d8:20:0d:6d:4f:5b:5f:
65:da:31:bb:13:12:c8:0a:f9:78:fe:2d:99:64:64:
7f:a9:3f:3e:3d:03:f4:72:76:63:5f:73:01:6a:86:
e5:6b:3a:25:6e:81:3c:05:26:96:10:18:10:0b:91:
39:f5:f7:85:c7:50:cd:dc:69:2a:f2:0b:46:68:4f:
c4:60:1d:4d:23:33:fb:e9:97:6d:44:8a:e3:3f:b2:
a1:e5:30:fb:19:fc:f6:55:0b:4c:86:29:7c:a3:13:
13:54:3e:e7:da:5a:ee:34:45:c0:b6:e1:fd:c6:83:
46:fe:8a:6a:e1:a8:9c:0f:7a:e2:47:72:e0:ff:91:
ef:b3:10:7b:9e:f9:4e:3e:a5:30:f3:b6:99:57:41:
05:72:79:11:bc:ce:fe:11:e8:2d:9e:97:32:df:89:
a4:2e:c6:e0:30:9f:ef:4d:29:d5:a7:0d:61:00:b7:
2c:45:53:0a:43:6d:b9:3c:4e:fa:99:87:4e:1b:37:
93:29:89:77:33:d6:67:d6:27:c4:04:42:49:84:45:
c5:eb:45:7b:4f:b5:3f:c4:87:a0:e3:2e:0c:61:47:
09:c5:d0:a9:f3:7e:c2:c5:92:ca:af:4d:1c:ac:db:
08:72:1b:1e:2c:dd:41:d0:7c:08:52:c7:9f:28:b2:
45:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B6:82:B7:DA:F0:E2:B6:41:F4:9C:91:53:77:0D:0C:E0:84:4F:3E
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZraCt9rw4rZB9JyRU3cNDOCETz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
31.187.0.0/18
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
95.158.64.0/18
178.73.0.0/18
188.93.160.0/21
193.47.158.0-193.47.160.255
194.187.40.0/22
195.34.208.0/22
212.76.32.0/19
213.134.160.0/19
IPv6:
2001:4050::/32
2a02:a300::/27
Signature Algorithm: sha256WithRSAEncryption
03:e1:b9:a0:08:b6:a9:58:39:b1:e3:12:0c:a3:0f:88:c0:7e:
36:39:48:c9:94:74:f7:99:c1:cf:c5:2b:9a:3a:fb:6a:f9:53:
c4:f1:ff:c9:06:94:0c:92:35:4a:f8:10:62:7f:7f:c7:c6:d5:
30:0f:e8:cb:54:36:8e:0c:f8:f4:0e:cb:ee:c8:99:04:ef:d2:
8e:b4:7e:41:73:d1:68:74:95:8d:ea:12:45:ed:e1:81:d5:1e:
75:ba:9d:f9:77:be:ac:c8:41:f9:dd:ed:74:82:d2:f6:22:aa:
a3:d1:3c:2c:c5:b2:e5:7f:f7:e1:4f:6f:cd:58:94:11:b0:f2:
fa:d5:fc:c1:ec:a3:6d:e1:00:15:36:5b:e2:25:23:10:6e:ae:
b0:ac:4c:d2:c4:f5:4d:36:06:43:66:58:7a:d6:a7:87:65:40:
d3:ec:06:8b:97:db:21:0e:d4:ec:4f:a7:f3:a2:b0:76:fb:01:
4d:39:a2:c9:2c:77:a7:d6:92:51:a4:69:7e:89:02:66:3f:13:
5e:33:c4:45:bf:8e:09:9c:e8:2c:47:e1:64:e3:f6:8c:bf:0c:
2a:6c:ae:ad:e1:02:ee:d7:e0:bf:0e:74:d1:ec:7b:01:c5:37:
25:9a:90:6d:49:ff:0d:79:b8:2d:9c:24:76:c1:4a:d3:50:b9:
4b:51:01:bd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzHlQw9DGr3vjz/VsuEArxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjQwMTAyMDAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmI2ODJiN2RhZjBlMmI2NDFmNDljOTE1Mzc3MGQwY2UwODQ0ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5YSIaWCg9ggDW1PW19l2jG7ExLI
Cvl4/i2ZZGR/qT8+PQP0cnZjX3MBaoblazolboE8BSaWEBgQC5E59feFx1DN3Gkq
8gtGaE/EYB1NIzP76ZdtRIrjP7Kh5TD7Gfz2VQtMhil8oxMTVD7n2lruNEXAtuH9
xoNG/opq4aicD3riR3Lg/5HvsxB7nvlOPqUw87aZV0EFcnkRvM7+Eegtnpcy34mk
LsbgMJ/vTSnVpw1hALcsRVMKQ225PE76mYdOGzeTKYl3M9Zn1ifEBEJJhEXF60V7
T7U/xIeg4y4MYUcJxdCp837CxZLKr00crNsIchseLN1B0HwIUsefKLJFhQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFGa2grfa8OK2QfSckVN3DQzghE8+MB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvWnJhQ3Q5cnc0clpCOUp5UlUzY05ET0NFVHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBlAQCAAEwgY0DAwEf
sgMEBR+6wAMEBh+7AAMEBU3sAAMEBVESwAMEBlOQQAMEBFOvsAMDAFQKAwQHVd4A
AwMBV84DAwRZQAMEBVuWwAMEBVz0IAMEBl5LQAMDAF6sAwQGX55AAwQGskkAAwQD
vF2gMAwDBAHBL54DBADBL6ADBALCuygDBALDItADBAXUTCADBAXVhqAwFAQCAAIw
DgMFACABQFADBQUqAqMAMA0GCSqGSIb3DQEBCwUAA4IBAQAD4bmgCLapWDmx4xIM
ow+IwH42OUjJlHT3mcHPxSuaOvtq+VPE8f/JBpQMkjVK+BBif3/HxtUwD+jLVDaO
DPj0DsvuyJkE79KOtH5Bc9FodJWN6hJF7eGB1R51up35d76syEH53e10gtL2Iqqj
0TwsxbLlf/fhT2/NWJQRsPL61fzB7KNt4QAVNlviJSMQbq6wrEzSxPVNNgZDZlh6
1qeHZUDT7AaLl9shDtTsT6fzorB2+wFNOaLJLHen1pJRpGl+iQJmPxNeM8RFv44J
nOgsR+Fk4/aMvwwqbK6t4QLu1+C/DnTR7HsBxTclmpBtSf8NebgtnCR2wUrTULlL
UQG9
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:14:39 2025 by rpki-client