Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/gKq3CdmFtwxTMUHdjpGDgewADUQ.roa
File: gKq3CdmFtwxTMUHdjpGDgewADUQ.roa (raw, json)
Hash identifier: gI1rWFiU45rsvAr9DTOLV18bZr9l9X1T6H/cVmV9WSA=
Subject key identifier: 80:AA:B7:09:D9:85:B7:0C:53:31:41:DD:8E:91:83:81:EC:00:0D:44
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019364E46627A3CD7F69FF0BAADCDB2F79EF
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/gKq3CdmFtwxTMUHdjpGDgewADUQ.roa
Signing time: Mon 25 Nov 2024 19:55:10 +0000
ROA not before: Mon 25 Nov 2024 19:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 23:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:64:e4:66:27:a3:cd:7f:69:ff:0b:aa:dc:db:2f:79:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Nov 25 19:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80aab709d985b70c533141dd8e918381ec000d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:76:47:dc:25:b8:59:c6:83:0a:c3:8c:d7:19:
f7:b4:86:9b:55:16:d0:2e:99:6f:38:af:04:0e:15:
7a:89:4f:71:d2:e8:91:25:8c:ed:8f:00:20:8d:e8:
50:fb:9f:9d:9c:09:be:63:34:95:bd:f7:b9:cd:93:
d9:c4:83:d1:c1:b8:f5:d6:3f:4b:99:4b:b1:8c:27:
c8:77:cb:2a:bb:b1:8c:49:e9:c6:55:b3:b3:60:6f:
67:c8:26:db:8c:18:53:68:97:cc:0c:3c:5f:26:51:
59:17:32:08:9f:82:39:12:16:75:8c:a3:c1:fe:5a:
2e:f8:46:c4:90:e5:23:63:ab:d9:0f:a7:f9:f4:24:
d0:8f:c7:27:c3:c0:22:4c:40:5b:23:d0:fa:a6:03:
09:fd:df:55:43:23:30:90:22:fc:6d:b3:cd:0b:86:
cf:ef:f6:10:21:50:42:b0:07:5c:5e:f7:90:b6:4c:
49:a2:08:97:45:10:cd:55:01:9f:7f:f0:4f:80:63:
1c:80:25:94:fb:72:81:1c:a7:a8:aa:5c:df:c3:42:
25:2c:97:10:cf:9a:0f:29:0a:d7:93:54:fc:9b:57:
ed:a7:83:03:ff:66:4d:c5:d8:7c:8c:e8:cc:f2:81:
f4:1f:d8:8a:30:59:35:04:4c:c9:76:8e:2c:16:19:
e2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AA:B7:09:D9:85:B7:0C:53:31:41:DD:8E:91:83:81:EC:00:0D:44
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/gKq3CdmFtwxTMUHdjpGDgewADUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.237.0-185.126.239.255
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
57:56:75:bf:fd:65:bb:66:4d:51:8b:4a:6c:21:b1:f8:93:c7:
1c:a2:7b:22:d3:09:5b:88:11:e3:e0:88:47:ab:24:48:ad:bb:
dc:dc:b2:a4:e2:f4:89:f4:c0:85:75:a4:62:61:1c:b4:58:7e:
e4:b5:04:17:81:e2:48:fc:af:74:d4:a2:7c:fc:51:ae:b9:ae:
70:d9:56:85:85:b9:32:7e:6a:b6:51:5c:21:59:b3:2e:ce:63:
39:77:55:80:bf:af:16:99:95:63:26:59:24:de:08:51:33:96:
b9:4d:ff:99:db:b2:f1:d6:0a:c9:40:fb:d3:2a:6c:dc:6f:9a:
55:f3:13:2d:e8:ff:11:20:be:54:36:ec:11:4f:6a:b8:ae:4b:
e0:e7:28:75:68:e4:27:86:7a:41:12:99:f9:bf:97:05:40:4e:
ad:40:9c:5e:80:60:ba:51:13:45:b1:98:8b:52:af:5b:32:f1:
e0:47:a5:22:c1:3e:24:1e:1c:e0:6e:a6:cf:25:4f:6b:b4:33:
00:b9:8a:d7:40:f0:4c:b6:8d:0a:a9:c6:65:96:9f:96:f9:93:
2c:6c:eb:0c:5a:19:0a:46:e3:1c:a6:7c:d1:1d:19:d3:7a:cf:
45:da:54:20:fd:15:c9:ec:95:7f:35:90:0c:c8:4b:9f:29:aa:
ea:9b:88:bf
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAZNk5GYno81/af8LqtzbL3nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQxMTI1MTk1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGFhYjcwOWQ5ODViNzBjNTMzMTQxZGQ4ZTkxODM4MWVjMDAwZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3ZH3CW4WcaDCsOM1xn3tIabVRbQ
LplvOK8EDhV6iU9x0uiRJYztjwAgjehQ+5+dnAm+YzSVvfe5zZPZxIPRwbj11j9L
mUuxjCfId8squ7GMSenGVbOzYG9nyCbbjBhTaJfMDDxfJlFZFzIIn4I5EhZ1jKPB
/lou+EbEkOUjY6vZD6f59CTQj8cnw8AiTEBbI9D6pgMJ/d9VQyMwkCL8bbPNC4bP
7/YQIVBCsAdcXveQtkxJogiXRRDNVQGff/BPgGMcgCWU+3KBHKeoqlzfw0IlLJcQ
z5oPKQrXk1T8m1ftp4MD/2ZNxdh8jOjM8oH0H9iKMFk1BEzJdo4sFhninQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFICqtwnZhbcMUzFB3Y6Rg4HsAA1EMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvZ0txM0NkbUZ0d3hUTVVIZGpwR0RnZXdBRFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDA4BAIAATAyAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AMAwDBAC5fu0DBAS5fuADBAG51RQDBAC51Rcw
gccEAgACMIHAAwcAKhEIQAABAwcAKhEIQAADMBIDBwEqEQhAAAYDBwAqEQhAAAgw
EgMHBCoRCEAAEAMHACoRCEAAFDASAwcAKhEIQAAXAwcBKhEIQAAYMBIDBwUqEQhA
ACADBwAqEQhAACYDBwAqEQhAADADBwAqEQhAADMDBwEqEQhAAEAwEgMHACoRCEAA
RwMHACoRCEAASAMHACoRCEAAVAMHACoRCEAAVzASAwcFKhEIQABgAwcBKhEIQABo
AwcBKhEIQABwMA0GCSqGSIb3DQEBCwUAA4IBAQBXVnW//WW7Zk1Ri0psIbH4k8cc
onsi0wlbiBHj4IhHqyRIrbvc3LKk4vSJ9MCFdaRiYRy0WH7ktQQXgeJI/K901KJ8
/FGuua5w2VaFhbkyfmq2UVwhWbMuzmM5d1WAv68WmZVjJlkk3ghRM5a5Tf+Z27Lx
1grJQPvTKmzcb5pV8xMt6P8RIL5UNuwRT2q4rkvg5yh1aOQnhnpBEpn5v5cFQE6t
QJxegGC6URNFsZiLUq9bMvHgR6UiwT4kHhzgbqbPJU9rtDMAuYrXQPBMto0KqcZl
lp+W+ZMsbOsMWhkKRuMcpnzRHRnTes9F2lQg/RXJ7JV/NZAMyEufKarqm4i/
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:31:51 2025 by rpki-client