Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/l2XyrGa2RugpHIKECpxmeaE7wM4.roa
File: l2XyrGa2RugpHIKECpxmeaE7wM4.roa (raw, json)
Hash identifier: /wG0TKm7CBXBKobF8UqBXlGo366uUiNEomwA3rAAVTA=
Subject key identifier: 97:65:F2:AC:66:B6:46:E8:29:1C:82:84:0A:9C:66:79:A1:3B:C0:CE
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01949422A6C403EED1403E74ACC6B541A77F
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/l2XyrGa2RugpHIKECpxmeaE7wM4.roa
Signing time: Thu 23 Jan 2025 17:08:06 +0000
ROA not before: Thu 23 Jan 2025 17:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.131.179.0/24 maxlen: 24
45.132.238.0/24 maxlen: 24
45.132.239.0/24 maxlen: 24
45.133.238.0/24 maxlen: 24
45.133.239.0/24 maxlen: 24
45.134.82.0/24 maxlen: 24
45.134.83.0/24 maxlen: 24
45.135.118.0/24 maxlen: 24
45.135.119.0/24 maxlen: 24
45.137.10.0/24 maxlen: 24
45.137.11.0/24 maxlen: 24
45.140.90.0/24 maxlen: 24
45.140.91.0/24 maxlen: 24
91.238.203.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
185.106.177.0/24 maxlen: 24
185.106.178.0/24 maxlen: 24
185.106.179.0/24 maxlen: 24
193.200.130.0/24 maxlen: 24
193.200.134.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
2a06:5040:21::/48 maxlen: 48
2a06:5040:22::/48 maxlen: 48
2a06:5040:23::/48 maxlen: 48
2a06:5040:24::/48 maxlen: 48
2a06:5040:25::/48 maxlen: 48
2a06:5040:30::/45 maxlen: 45
Validation: Failed, certificate revoked on Sat 08 Feb 2025 02:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:94:22:a6:c4:03:ee:d1:40:3e:74:ac:c6:b5:41:a7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Jan 23 17:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9765f2ac66b646e8291c82840a9c6679a13bc0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:28:5e:1f:ba:6f:dc:a7:6b:a8:e6:48:bf:
f2:02:c2:32:20:36:f8:12:94:f8:cf:bc:ff:a4:20:
89:c6:e7:17:ef:0b:80:03:7e:6a:6f:16:73:aa:49:
84:99:9a:34:2c:3a:a0:3b:7c:c9:9f:e1:28:d9:73:
86:31:09:dc:4c:22:49:47:e6:57:c0:bc:d7:0a:3c:
37:43:4f:88:9d:f2:54:20:cd:8d:2e:05:cc:49:23:
e3:c7:d6:7e:37:a2:06:0f:2d:79:71:a8:d1:2a:21:
24:4f:94:43:9a:a9:31:92:c7:25:17:c8:77:04:72:
c5:fa:da:a2:6a:a3:58:d8:f7:d2:08:40:da:92:4a:
b6:0e:81:15:c5:0d:17:38:f5:db:e0:6c:55:e4:92:
73:9f:a6:ff:03:ff:0e:43:ea:b8:36:2c:e8:5e:ab:
5a:09:1a:ae:93:a7:6d:e3:de:67:8e:99:b1:43:0c:
29:49:dc:83:95:da:c9:c0:8a:4c:d9:75:16:1c:cc:
3e:22:b7:06:11:62:d2:75:68:36:c3:d2:b0:3c:3e:
d6:15:bc:cb:02:e1:8d:a5:66:5a:d0:c1:4a:62:5b:
60:49:37:39:a7:b4:5e:c8:07:81:81:72:af:f6:78:
67:77:3e:8d:56:ea:a1:f9:bb:bd:45:a9:95:6a:9b:
10:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:65:F2:AC:66:B6:46:E8:29:1C:82:84:0A:9C:66:79:A1:3B:C0:CE
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/l2XyrGa2RugpHIKECpxmeaE7wM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.133.238.0/23
45.134.82.0/23
45.135.118.0/23
45.137.10.0/23
45.140.90.0/23
91.238.203.0/24
91.238.207.0/24
185.106.177.0-185.106.179.255
193.200.130.0/24
193.200.134.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a06:5040:21::-2a06:5040:25:ffff:ffff:ffff:ffff:ffff
2a06:5040:30::/45
Signature Algorithm: sha256WithRSAEncryption
42:6a:8d:3f:21:e3:3b:8e:b6:aa:a3:81:0a:dd:a5:1d:51:d1:
c7:94:63:36:20:6c:a6:bc:88:72:07:e5:41:c8:d0:5f:bc:04:
47:7f:f3:10:5d:24:42:43:bc:1f:c9:9a:d7:10:32:ed:8c:21:
3e:7e:19:fd:4e:93:8a:dc:f9:9f:95:13:5a:d2:5d:e1:d9:5e:
11:c8:ba:9c:43:f2:5e:e3:31:57:f4:4b:24:23:d3:a2:99:79:
27:eb:a7:06:a6:62:7a:dd:b5:ba:e2:1b:4e:8c:ff:80:0a:53:
9a:55:e8:f5:89:44:d0:8c:91:e7:e0:44:05:1c:8b:54:88:29:
b1:06:98:c5:46:3c:43:ae:f0:b1:19:66:ca:88:04:0e:05:06:
f8:d5:c3:b5:3c:63:25:77:6e:1a:49:df:36:cd:39:88:64:23:
25:66:35:6d:a5:04:d2:2c:be:b5:98:bb:38:aa:ed:16:0f:53:
31:39:08:12:a0:e1:24:ab:ff:41:ac:3e:30:0f:05:f4:b8:fc:
29:b5:32:17:8c:b0:70:f9:ec:08:61:fa:67:92:79:4d:9d:a5:
10:0f:65:ed:0d:1f:e6:e4:e1:15:49:e2:0c:37:cd:47:8d:ae:
9d:d6:d4:a9:e6:f7:51:73:1f:c9:21:34:e2:08:a6:6b:17:cc:
f8:b1:37:65
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZSUIqbEA+7RQD50rMa1Qad/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMTIzMTcwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY1ZjJhYzY2YjY0NmU4MjkxYzgyODQwYTljNjY3OWExM2JjMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRQoXh+6b9yna6jmSL/yAsIyIDb4
EpT4z7z/pCCJxucX7wuAA35qbxZzqkmEmZo0LDqgO3zJn+Eo2XOGMQncTCJJR+ZX
wLzXCjw3Q0+InfJUIM2NLgXMSSPjx9Z+N6IGDy15cajRKiEkT5RDmqkxksclF8h3
BHLF+tqiaqNY2PfSCEDakkq2DoEVxQ0XOPXb4GxV5JJzn6b/A/8OQ+q4NizoXqta
CRquk6dt495njpmxQwwpSdyDldrJwIpM2XUWHMw+IrcGEWLSdWg2w9KwPD7WFbzL
AuGNpWZa0MFKYltgSTc5p7ReyAeBgXKv9nhndz6NVuqh+bu9RamVapsQLwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJdl8qxmtkboKRyChAqcZnmhO8DOMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvbDJYeXJHYTJSdWdwSElLRUNweG1lYUU3d000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTB6BAIAATB0AwQBLYCS
AwQALYOzAwQBLYTuAwQBLYXuAwQBLYZSAwQBLYd2AwQBLYkKAwQBLYxaAwQAW+7L
AwQAW+7PMAwDBAC5arEDBAK5arADBADByIIDBADByIYDBADByJUDBADByJgDBADB
42cDBADB420DBADB43IwIwQCAAIwHTASAwcAKgZQQAAhAwcBKgZQQAAkAwcDKgZQ
QAAwMA0GCSqGSIb3DQEBCwUAA4IBAQBCao0/IeM7jraqo4EK3aUdUdHHlGM2IGym
vIhyB+VByNBfvARHf/MQXSRCQ7wfyZrXEDLtjCE+fhn9TpOK3PmflRNa0l3h2V4R
yLqcQ/Je4zFX9EskI9OimXkn66cGpmJ63bW64htOjP+AClOaVej1iUTQjJHn4EQF
HItUiCmxBpjFRjxDrvCxGWbKiAQOBQb41cO1PGMld24aSd82zTmIZCMlZjVtpQTS
LL61mLs4qu0WD1MxOQgSoOEkq/9BrD4wDwX0uPwptTIXjLBw+ewIYfpnknlNnaUQ
D2XtDR/m5OEVSeIMN81Hja6d1tSp5vdRcx/JITTiCKZrF8z4sTdl
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:35:03 2025 by rpki-client