Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/c6oKKSPHklg2OxChFa18bYOltDo.roa
File: c6oKKSPHklg2OxChFa18bYOltDo.roa (raw, json)
Hash identifier: ltekHN2W6XyUtMfMUJHOO533SztDdcxmigCliEkdKJc=
Subject key identifier: 73:AA:0A:29:23:C7:92:58:36:3B:10:A1:15:AD:7C:6D:83:A5:B4:3A
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 0193C0D5E16DE32D8B212A9125C717A8CAEE
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/c6oKKSPHklg2OxChFa18bYOltDo.roa
Signing time: Fri 13 Dec 2024 16:24:22 +0000
ROA not before: Fri 13 Dec 2024 16:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 129.69.0.0/16 maxlen: 16
129.143.0.0/16 maxlen: 16
141.58.0.0/16 maxlen: 16
141.70.0.0/16 maxlen: 16
141.70.128.0/17 maxlen: 17
192.67.189.0/24 maxlen: 24
192.67.208.0/24 maxlen: 24
192.108.35.0/24 maxlen: 24
192.108.36.0/22 maxlen: 22
192.108.40.0/22 maxlen: 22
192.108.44.0/24 maxlen: 24
193.196.0.0/15 maxlen: 15
193.196.0.0/21 maxlen: 21
193.196.9.0/24 maxlen: 24
193.196.13.0/24 maxlen: 24
193.196.16.0/20 maxlen: 20
193.196.64.0/18 maxlen: 18
193.196.129.0/24 maxlen: 24
193.196.130.0/23 maxlen: 23
193.196.132.0/22 maxlen: 22
193.196.136.0/21 maxlen: 21
193.196.144.0/21 maxlen: 21
193.196.152.0/24 maxlen: 24
193.196.154.0/23 maxlen: 23
193.196.156.0/22 maxlen: 22
193.196.160.0/22 maxlen: 22
193.196.165.0/24 maxlen: 24
193.196.166.0/23 maxlen: 23
193.196.168.0/21 maxlen: 21
193.196.176.0/20 maxlen: 20
193.196.192.0/18 maxlen: 18
193.197.0.0/24 maxlen: 24
193.197.4.0/23 maxlen: 23
193.197.8.0/22 maxlen: 22
193.197.20.0/23 maxlen: 23
193.197.28.0/22 maxlen: 22
193.197.32.0/19 maxlen: 19
193.197.64.0/22 maxlen: 22
193.197.68.0/23 maxlen: 23
193.197.70.0/24 maxlen: 24
193.197.80.0/22 maxlen: 22
193.197.85.0/24 maxlen: 24
193.197.86.0/23 maxlen: 23
193.197.94.0/24 maxlen: 24
193.197.112.0/22 maxlen: 22
193.197.120.0/21 maxlen: 21
193.197.130.0/24 maxlen: 24
193.197.132.0/22 maxlen: 22
193.197.136.0/21 maxlen: 21
193.197.149.0/24 maxlen: 24
193.197.152.0/22 maxlen: 22
193.197.157.0/24 maxlen: 24
193.197.160.0/22 maxlen: 22
193.197.168.0/21 maxlen: 21
193.197.180.0/22 maxlen: 22
193.197.200.0/21 maxlen: 21
193.197.212.0/24 maxlen: 24
193.197.224.0/19 maxlen: 19
2001:7c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:d5:e1:6d:e3:2d:8b:21:2a:91:25:c7:17:a8:ca:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Dec 13 16:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73aa0a2923c79258363b10a115ad7c6d83a5b43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:df:7e:03:84:2e:bc:c6:90:c6:ef:fc:ab:
0a:58:be:60:39:5b:08:2a:43:62:13:ab:74:d6:7a:
72:c9:3d:83:51:e5:96:20:c5:c4:eb:0a:3a:3c:b8:
24:6d:8a:df:6c:cc:ec:76:73:c5:ff:3b:a9:8e:40:
6d:d1:b8:36:96:ee:0b:b0:74:89:e2:3e:3d:82:d0:
e7:c3:a5:d0:0b:99:ba:d1:62:e7:90:8e:35:3a:5c:
cf:63:8e:23:1e:99:fd:8b:53:0f:5a:f3:b9:ee:6f:
b4:7d:61:9f:79:82:69:44:c5:c9:21:39:c0:d9:28:
44:80:4b:e7:ab:90:ff:06:b1:1a:a3:21:2c:03:bc:
18:78:37:95:64:91:e8:22:e5:f6:9c:80:27:d3:e0:
56:e5:45:b3:3d:b4:5e:76:b9:2c:99:b2:fe:e5:40:
56:9a:93:46:e7:59:0f:fb:85:6d:81:c5:f8:2a:a5:
ac:50:ba:aa:9e:a2:c8:b2:79:26:97:fe:33:6f:13:
6a:13:3f:4c:0f:40:73:fe:8a:82:58:c9:85:89:33:
a4:e5:d9:c0:49:c8:2e:34:77:04:da:89:b2:e6:43:
8c:3d:e8:85:d9:f9:59:74:fc:b5:72:34:f7:c9:f1:
d2:75:82:68:1b:3e:8c:f9:ef:50:20:ca:c0:c5:5b:
02:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AA:0A:29:23:C7:92:58:36:3B:10:A1:15:AD:7C:6D:83:A5:B4:3A
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/c6oKKSPHklg2OxChFa18bYOltDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.69.0.0/16
129.143.0.0/16
141.58.0.0/16
141.70.0.0/16
192.67.189.0/24
192.67.208.0/24
192.108.35.0-192.108.44.255
193.196.0.0/15
IPv6:
2001:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:b5:97:6d:13:6d:15:7e:91:d2:6e:4a:ff:01:8f:79:88:14:
1d:4c:af:2e:e2:3a:87:2c:d3:0c:ac:2e:c2:86:4e:04:23:a0:
ca:c1:89:12:5d:08:d6:9b:58:f2:e7:ef:98:f6:58:c1:16:46:
73:af:e4:df:a9:60:1e:2b:1d:45:cf:1f:6f:fe:d7:09:4e:db:
b8:1b:7f:21:90:50:14:9a:0d:8d:6f:88:cd:36:26:78:51:a5:
84:84:83:6f:82:22:3f:59:0d:da:74:cf:58:76:aa:9f:dc:ea:
33:b0:01:0f:b9:bc:0f:2c:dc:8e:52:ad:2a:0c:f3:e1:26:35:
40:67:6a:cf:ec:da:96:00:e2:45:28:61:ce:84:2c:53:66:11:
4f:e0:c6:05:43:93:ed:d5:a1:05:58:4d:66:19:18:74:3e:3d:
f6:35:76:f9:41:62:65:61:c2:f0:5d:78:79:e2:c9:17:bc:37:
f3:0c:e9:24:95:2c:9b:40:0c:48:eb:4e:79:9b:b1:b1:1d:d3:
f7:26:e5:03:5d:3a:f6:f7:d8:6f:62:a5:c1:eb:b5:c5:d9:c4:
34:f4:0a:37:db:4a:0a:d3:91:2f:da:b1:3c:32:6e:91:36:7a:
67:c0:d4:a0:56:37:8a:cc:ff:58:9e:26:a0:1a:65:8d:36:89:
db:cd:8e:70
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZPA1eFt4y2LISqRJccXqMruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjQxMjEzMTYyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2FhMGEyOTIzYzc5MjU4MzYzYjEwYTExNWFkN2M2ZDgzYTViNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut7ffgOELrzGkMbv/KsKWL5gOVsI
KkNiE6t01npyyT2DUeWWIMXE6wo6PLgkbYrfbMzsdnPF/zupjkBt0bg2lu4LsHSJ
4j49gtDnw6XQC5m60WLnkI41OlzPY44jHpn9i1MPWvO57m+0fWGfeYJpRMXJITnA
2ShEgEvnq5D/BrEaoyEsA7wYeDeVZJHoIuX2nIAn0+BW5UWzPbRedrksmbL+5UBW
mpNG51kP+4VtgcX4KqWsULqqnqLIsnkml/4zbxNqEz9MD0Bz/oqCWMmFiTOk5dnA
ScguNHcE2omy5kOMPeiF2flZdPy1cjT3yfHSdYJoGz6M+e9QIMrAxVsCDQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHOqCikjx5JYNjsQoRWtfG2DpbQ6MB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvYzZvS0tTUEhrbGcyT3hDaEZhMThiWU9sdERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwMAgUUDAwCB
jwMDAI06AwMAjUYDBADAQ70DBADAQ9AwDAMEAMBsIwMEAMBsLAMDAcHEMA0EAgAC
MAcDBQMgAQfAMA0GCSqGSIb3DQEBCwUAA4IBAQBdtZdtE20VfpHSbkr/AY95iBQd
TK8u4jqHLNMMrC7Chk4EI6DKwYkSXQjWm1jy5++Y9ljBFkZzr+TfqWAeKx1Fzx9v
/tcJTtu4G38hkFAUmg2Nb4jNNiZ4UaWEhINvgiI/WQ3adM9Ydqqf3OozsAEPubwP
LNyOUq0qDPPhJjVAZ2rP7NqWAOJFKGHOhCxTZhFP4MYFQ5Pt1aEFWE1mGRh0Pj32
NXb5QWJlYcLwXXh54skXvDfzDOkklSybQAxI6055m7GxHdP3JuUDXTr299hvYqXB
67XF2cQ09Ao320oK05Ev2rE8Mm6RNnpnwNSgVjeKzP9YniagGmWNNonbzY5w
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:13:30 2025 by rpki-client