Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/a4Jnr0vAD65Y32NSugUw0_vNi7s.roa
File: a4Jnr0vAD65Y32NSugUw0_vNi7s.roa (raw, json)
Hash identifier: DgsTHvHMZKcLZ/QEcoL3WqPXWupF8iebQzbuXR36Ks8=
Subject key identifier: 6B:82:67:AF:4B:C0:0F:AE:58:DF:63:52:BA:05:30:D3:FB:CD:8B:BB
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 019428237B00F818A161F88A4505BC823A81
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/a4Jnr0vAD65Y32NSugUw0_vNi7s.roa
Signing time: Thu 02 Jan 2025 17:50:01 +0000
ROA not before: Thu 02 Jan 2025 17:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25124
IP address blocks: 81.91.128.0/20 maxlen: 20
81.91.128.0/21 maxlen: 21
81.91.128.0/22 maxlen: 22
81.91.128.0/23 maxlen: 23
81.91.130.0/23 maxlen: 23
81.91.130.0/24 maxlen: 24
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.134.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.136.0/23 maxlen: 23
81.91.138.0/23 maxlen: 23
81.91.138.0/24 maxlen: 24
81.91.138.40/29 maxlen: 29
81.91.138.48/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.112/28 maxlen: 28
81.91.139.0/24 maxlen: 24
81.91.140.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.142.0/23 maxlen: 23
91.184.80.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.144.0/21 maxlen: 21
109.162.160.0/20 maxlen: 20
109.162.176.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
213.207.232.0/21 maxlen: 21
213.207.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 13 Jan 2025 13:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7b:00:f8:18:a1:61:f8:8a:45:05:bc:82:3a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 2 17:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b8267af4bc00fae58df6352ba0530d3fbcd8bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:49:78:dc:40:56:65:9e:e5:94:7a:cd:c5:
c0:06:79:d2:05:79:b4:94:06:f8:35:fd:ed:9c:35:
8e:d2:98:18:97:55:7b:e6:ed:01:e8:fe:98:5f:ca:
02:94:52:1f:2f:63:65:44:4a:a5:c4:22:e2:93:eb:
37:c8:45:a2:f6:98:e3:a0:2e:f1:ef:ba:26:00:fe:
89:9b:86:17:ab:65:15:99:d9:56:af:43:24:57:cd:
ed:38:4c:26:4a:9c:75:9c:11:f5:41:98:33:1a:34:
f5:7b:4f:58:71:88:e2:33:3e:68:25:1d:55:8c:74:
14:0f:d1:48:7a:c3:6f:a2:6f:b3:f1:68:92:d1:64:
e9:7e:0c:09:d1:f7:5e:b8:88:83:35:01:3d:e1:1d:
8f:34:38:fc:05:c1:74:27:14:33:70:e4:89:e8:55:
cf:71:53:4d:0e:b9:45:a5:9c:46:d3:2f:80:a9:53:
e7:28:a8:29:d3:ee:fb:21:7a:f5:3a:44:4f:7a:bc:
f0:fe:be:24:9f:67:44:97:3e:65:6f:55:a2:4f:d7:
a9:c6:4f:c1:ae:6d:3e:df:b2:70:dc:2f:9c:c8:ae:
e4:bb:a5:a2:b6:06:4e:4a:79:b9:b9:aa:f1:06:b6:
cc:01:1a:8c:13:66:dd:60:fe:2f:4f:a6:f9:0d:d7:
5e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:82:67:AF:4B:C0:0F:AE:58:DF:63:52:BA:05:30:D3:FB:CD:8B:BB
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/a4Jnr0vAD65Y32NSugUw0_vNi7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
76:2c:26:fc:de:5d:80:2f:75:b7:e0:e4:01:e8:9b:fb:a1:68:
fc:07:07:92:50:34:ea:20:0e:c2:1e:55:2b:88:6e:1c:05:a1:
c7:02:4e:f3:3b:19:3e:c2:20:c8:b5:e0:f3:86:b4:f5:dc:d7:
50:b9:13:06:71:df:10:48:44:59:4f:09:30:ab:6b:3f:30:9b:
9b:c6:68:b8:11:df:52:b5:90:0f:a3:aa:49:ab:e4:83:58:72:
b7:c0:6e:5d:cb:e2:32:bf:7c:1d:84:33:5e:e6:9d:9a:2e:e6:
57:46:00:5a:d3:13:09:33:ba:bb:0f:15:12:95:0b:f5:30:b4:
2a:28:92:44:28:9e:8b:a8:93:8d:a9:2e:71:05:3b:2f:be:2d:
3c:5f:d7:5a:2a:3b:28:b9:f3:02:5f:7f:8d:1e:a0:75:f4:01:
24:02:1d:29:03:30:d5:6c:9f:19:39:5f:f9:8e:35:85:d6:6e:
f5:38:2c:37:fe:50:7f:23:30:6e:37:10:4a:e4:f8:33:f2:07:
e0:02:d1:67:8a:05:d7:d8:09:02:b6:bf:48:86:8c:52:d6:3b:
14:6b:51:bb:ea:3f:0c:98:47:83:62:25:74:ae:9b:e8:ae:99:
ad:fb:7b:73:c1:f5:48:f7:95:60:6f:68:2a:50:78:87:d5:43:
ae:0e:74:f4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoI3sA+BihYfiKRQW8gjqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjUwMTAyMTc1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgyNjdhZjRiYzAwZmFlNThkZjYzNTJiYTA1MzBkM2ZiY2Q4YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOdJeNxAVmWe5ZR6zcXABnnSBXm0
lAb4Nf3tnDWO0pgYl1V75u0B6P6YX8oClFIfL2NlREqlxCLik+s3yEWi9pjjoC7x
77omAP6Jm4YXq2UVmdlWr0MkV83tOEwmSpx1nBH1QZgzGjT1e09YcYjiMz5oJR1V
jHQUD9FIesNvom+z8WiS0WTpfgwJ0fdeuIiDNQE94R2PNDj8BcF0JxQzcOSJ6FXP
cVNNDrlFpZxG0y+AqVPnKKgp0+77IXr1OkRPerzw/r4kn2dElz5lb1WiT9epxk/B
rm0+37Jw3C+cyK7ku6WitgZOSnm5uarxBrbMARqME2bdYP4vT6b5DddeCwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGuCZ69LwA+uWN9jUroFMNP7zYu7MB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvYTRKbnIwdkFENjVZMzJOU3VnVXcwX3ZOaTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQB2LCb83l2AL3W34OQB6Jv7oWj8BweSUDTqIA7CHlUriG4cBaHHAk7zOxk+wiDI
teDzhrT13NdQuRMGcd8QSERZTwkwq2s/MJubxmi4Ed9StZAPo6pJq+SDWHK3wG5d
y+Iyv3wdhDNe5p2aLuZXRgBa0xMJM7q7DxUSlQv1MLQqKJJEKJ6LqJONqS5xBTsv
vi08X9daKjsoufMCX3+NHqB19AEkAh0pAzDVbJ8ZOV/5jjWF1m71OCw3/lB/IzBu
NxBK5Pgz8gfgAtFnigXX2AkCtr9IhoxS1jsUa1G76j8MmEeDYiV0rpvorpmt+3tz
wfVI95Vgb2gqUHiH1UOuDnT0
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:52:55 2025 by rpki-client