Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/d16u2xRq_X5hZCERB1e61dcDSoc.roa
File: d16u2xRq_X5hZCERB1e61dcDSoc.roa (raw, json)
Hash identifier: BxsLs0/S23vVdEl1K1TW3kMiEXM7uR7fwRQuXoxvYiM=
Subject key identifier: 77:5E:AE:DB:14:6A:FD:7E:61:64:21:11:07:57:BA:D5:D7:03:4A:87
Certificate issuer: /CN=ae1eb280d1722846a44124c4c62d0059f61af242
Certificate serial: 018D06DAD33F2DFAE2355FD50FE6786BC9D4
Authority key identifier: AE:1E:B2:80:D1:72:28:46:A4:41:24:C4:C6:2D:00:59:F6:1A:F2:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh6ygNFyKEakQSTExi0AWfYa8kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/d16u2xRq_X5hZCERB1e61dcDSoc.roa
Signing time: Sun 14 Jan 2024 07:23:40 +0000
ROA not before: Sun 14 Jan 2024 07:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42428
IP address blocks: 212.11.164.0/24 maxlen: 24
212.11.165.0/24 maxlen: 24
212.11.162.0/24 maxlen: 24
212.11.163.0/24 maxlen: 24
212.11.166.0/24 maxlen: 24
212.11.160.0/23 maxlen: 23
212.11.167.0/24 maxlen: 24
212.11.168.0/23 maxlen: 23
212.11.171.0/24 maxlen: 24
212.11.172.0/24 maxlen: 24
212.11.170.0/24 maxlen: 24
212.11.178.0/23 maxlen: 23
212.11.176.0/24 maxlen: 24
212.11.177.0/24 maxlen: 24
212.11.174.0/23 maxlen: 23
212.11.173.0/24 maxlen: 24
87.230.160.0/19 maxlen: 19
212.11.181.0/24 maxlen: 24
212.11.182.0/24 maxlen: 24
212.11.180.0/24 maxlen: 24
212.11.185.0/24 maxlen: 24
212.11.186.0/23 maxlen: 23
212.11.183.0/24 maxlen: 24
212.11.184.0/24 maxlen: 24
212.11.188.0/22 maxlen: 22
87.230.128.0/19 maxlen: 19
88.84.112.0/20 maxlen: 20
87.230.192.0/18 maxlen: 18
88.84.96.0/22 maxlen: 22
88.84.96.0/19 maxlen: 19
88.84.96.0/20 maxlen: 20
88.84.100.0/22 maxlen: 22
88.84.104.0/21 maxlen: 21
185.90.16.0/22 maxlen: 22
2a02:fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:da:d3:3f:2d:fa:e2:35:5f:d5:0f:e6:78:6b:c9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1eb280d1722846a44124c4c62d0059f61af242
Validity
Not Before: Jan 14 07:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=775eaedb146afd7e616421110757bad5d7034a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:36:f2:3e:61:e1:ad:e4:52:96:52:00:af:22:
d8:36:95:00:f5:96:ee:4d:36:4a:05:6a:d1:41:e6:
c7:8b:95:84:8c:93:1c:1c:82:69:60:52:c2:cc:d0:
01:19:0f:50:04:df:18:3f:a9:f4:60:6f:b6:e7:1a:
14:6f:01:38:7e:90:df:0f:9c:ed:23:15:a3:2a:0c:
bd:37:65:a4:28:cb:f1:96:0e:5c:85:e8:f0:81:fc:
61:6e:1c:4f:83:a3:96:ab:7f:d8:5b:25:0a:e9:60:
f5:3e:7d:d9:9b:0c:55:ae:24:9c:03:b9:02:1e:b6:
78:04:dd:c5:ec:03:1a:a6:bd:bd:27:ef:38:0a:85:
3e:ae:7b:71:b5:19:ef:70:d2:70:fa:57:9b:b0:fb:
20:bd:f0:fa:72:97:bb:78:d4:6c:0a:dc:6d:04:74:
8f:94:b3:38:42:c3:83:ef:eb:92:75:95:3e:1d:b7:
71:c9:a0:9c:60:68:70:74:ba:bc:04:d3:7c:0d:9f:
86:b4:68:62:11:5a:dd:f6:1a:2c:df:af:7c:a7:8f:
c7:71:59:2a:01:89:10:af:57:73:5f:c4:29:e1:93:
17:13:8f:cd:ea:65:57:20:4d:e3:28:f7:1f:91:df:
a9:fb:cb:c1:8f:77:d9:8b:6c:b7:d9:56:5d:e2:7f:
16:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5E:AE:DB:14:6A:FD:7E:61:64:21:11:07:57:BA:D5:D7:03:4A:87
X509v3 Authority Key Identifier:
keyid:AE:1E:B2:80:D1:72:28:46:A4:41:24:C4:C6:2D:00:59:F6:1A:F2:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh6ygNFyKEakQSTExi0AWfYa8kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/d16u2xRq_X5hZCERB1e61dcDSoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/rh6ygNFyKEakQSTExi0AWfYa8kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.230.128.0/17
88.84.96.0/19
185.90.16.0/22
212.11.160.0/19
IPv6:
2a02:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:b1:0a:3a:82:cb:f2:df:f6:bb:26:8a:1a:85:11:4c:09:38:
7b:16:c9:ec:be:91:7a:51:63:dc:c1:74:4b:06:ec:a4:28:e6:
8a:f3:a4:63:f8:31:42:b2:96:ba:c0:a3:28:2c:20:2e:c9:36:
5f:bd:15:4b:56:69:c8:86:18:9e:33:a8:45:6e:b9:8b:7e:9e:
dc:e2:bd:10:46:0a:e4:4d:de:b9:04:8b:19:ad:29:5c:4b:5d:
6b:79:85:82:81:1c:f6:32:00:74:d1:25:ad:cf:2c:af:05:a9:
2e:13:0f:db:2e:f8:0f:71:0e:be:4b:fb:45:55:84:8a:a6:d4:
e7:78:0b:91:b6:f0:df:19:61:b1:a4:e4:52:78:0d:48:7b:78:
be:9e:a1:c3:77:6e:4a:14:41:ce:66:11:69:18:d5:f2:96:85:
0f:d1:30:4e:fd:24:6a:a8:07:50:ef:bb:f5:22:c3:47:b6:df:
f0:f8:b5:e6:15:e1:6e:8f:09:71:eb:f2:7c:59:1f:ed:b6:2f:
4b:c1:05:b3:99:b4:fb:ea:67:70:5b:f4:d6:51:b1:02:cd:ad:
c8:1f:33:d0:64:b9:c9:87:35:af:dc:49:d7:e4:60:9c:be:35:
12:bb:b8:1b:77:e7:01:4b:34:e5:cc:a0:ec:b2:b7:dd:d1:90:
89:42:6a:3b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY0G2tM/LfriNV/VD+Z4a8nUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWViMjgwZDE3MjI4NDZhNDQxMjRjNGM2MmQwMDU5ZjYx
YWYyNDIwHhcNMjQwMTE0MDcyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVlYWVkYjE0NmFmZDdlNjE2NDIxMTEwNzU3YmFkNWQ3MDM0YTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzbyPmHhreRSllIAryLYNpUA9Zbu
TTZKBWrRQebHi5WEjJMcHIJpYFLCzNABGQ9QBN8YP6n0YG+25xoUbwE4fpDfD5zt
IxWjKgy9N2WkKMvxlg5chejwgfxhbhxPg6OWq3/YWyUK6WD1Pn3ZmwxVriScA7kC
HrZ4BN3F7AMapr29J+84CoU+rntxtRnvcNJw+lebsPsgvfD6cpe7eNRsCtxtBHSP
lLM4QsOD7+uSdZU+HbdxyaCcYGhwdLq8BNN8DZ+GtGhiEVrd9hos3698p4/HcVkq
AYkQr1dzX8Qp4ZMXE4/N6mVXIE3jKPcfkd+p+8vBj3fZi2y32VZd4n8WdwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHdertsUav1+YWQhEQdXutXXA0qHMB8GA1UdIwQY
MBaAFK4esoDRcihGpEEkxMYtAFn2GvJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg2eWdORnlLRWFrUVNURXhpMEFXZllhOGtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8xZmRmMDQtOGI0ZS00MzMyLWE0ZGUt
Nzc5M2I5ZWZiMWJkLzEvZDE2dTJ4UnFfWDVoWkNFUkIxZTYxZGNEU29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8xZmRmMDQtOGI0ZS00MzMyLWE0ZGUtNzc5M2I5ZWZiMWJk
LzEvcmg2eWdORnlLRWFrUVNURXhpMEFXZllhOGtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHV+aAAwQF
WFRgAwQCuVoQAwQF1AugMA0EAgACMAcDBQMqAg/AMA0GCSqGSIb3DQEBCwUAA4IB
AQBOsQo6gsvy3/a7JooahRFMCTh7FsnsvpF6UWPcwXRLBuykKOaK86Rj+DFCspa6
wKMoLCAuyTZfvRVLVmnIhhieM6hFbrmLfp7c4r0QRgrkTd65BIsZrSlcS11reYWC
gRz2MgB00SWtzyyvBakuEw/bLvgPcQ6+S/tFVYSKptTneAuRtvDfGWGxpORSeA1I
e3i+nqHDd25KFEHOZhFpGNXyloUP0TBO/SRqqAdQ77v1IsNHtt/w+LXmFeFujwlx
6/J8WR/tti9LwQWzmbT76mdwW/TWUbECza3IHzPQZLnJhzWv3EnX5GCcvjUSu7gb
d+cBSzTlzKDssrfd0ZCJQmo7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:14 2025 by rpki-client