Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Scl9Dd9WmuCWJwInx9i7qQrYalk.roa
File: Scl9Dd9WmuCWJwInx9i7qQrYalk.roa (raw, json)
Hash identifier: swAHen0lN8WiButn+iETG7CGWgM1TGwFHHWvpsahPIE=
Subject key identifier: 49:C9:7D:0D:DF:56:9A:E0:96:27:02:27:C7:D8:BB:A9:0A:D8:6A:59
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 019423D747AC257D754D28D740FDBB8D7077
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Scl9Dd9WmuCWJwInx9i7qQrYalk.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 12 Jan 2025 11:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:47:ac:25:7d:75:4d:28:d7:40:fd:bb:8d:70:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49c97d0ddf569ae096270227c7d8bba90ad86a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:81:a8:49:55:cd:76:fa:63:65:e2:e2:f1:
e5:ec:72:d9:72:d8:5e:27:bd:4b:e3:bd:29:61:5e:
75:8a:f0:ed:b2:5c:e0:67:c0:9c:4f:6b:b1:da:74:
38:11:d0:d6:f6:6a:e1:b5:8c:72:d2:a2:6b:aa:20:
70:a5:4b:3c:14:b0:ce:01:f5:a0:11:6f:5b:64:7f:
8e:56:5b:9f:04:36:64:0d:38:36:d8:3b:10:23:47:
de:63:40:cf:15:99:e3:0f:67:9c:b5:bc:2f:98:a8:
3a:d9:c6:68:c2:97:13:d6:51:ab:3d:a4:d7:cf:02:
ab:ec:df:c7:a0:69:c8:d2:65:8a:b7:d4:f0:2a:25:
f9:36:5a:cd:f7:0e:fb:bc:36:f0:4f:05:d4:7c:0a:
97:67:19:ea:14:95:34:ce:5f:4e:07:68:08:67:39:
30:5c:23:5f:80:53:8c:10:f5:14:e9:a6:53:c8:3f:
8b:93:ab:7a:4d:9a:75:87:bb:5e:51:b7:ed:90:f2:
39:67:f1:17:87:31:a9:16:0d:31:0d:ae:09:8c:30:
af:e2:31:45:4f:37:59:19:9e:53:d8:08:86:1e:48:
d1:3e:b4:b0:45:84:fa:7d:be:e4:bc:d5:04:7a:5a:
a0:ce:2d:99:cb:93:98:c6:b3:64:46:04:d5:19:5a:
87:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C9:7D:0D:DF:56:9A:E0:96:27:02:27:C7:D8:BB:A9:0A:D8:6A:59
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Scl9Dd9WmuCWJwInx9i7qQrYalk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
49:b0:1a:30:9a:b2:78:17:fc:73:29:58:03:02:e0:df:30:8d:
a0:16:6d:38:00:a4:a7:92:36:5f:f0:cf:1d:3b:cd:ce:f2:bd:
86:9e:3e:f0:99:e6:a3:42:9e:d1:10:64:0e:80:20:15:c8:9f:
03:6d:7c:92:1a:71:7e:f5:4d:ae:62:f2:83:d4:00:95:72:a0:
b3:60:02:56:bc:96:7f:7c:b2:09:96:59:5d:91:95:e2:93:1c:
88:ba:dd:03:5b:26:c7:d7:2f:0d:a3:d8:e3:f5:65:50:ff:99:
47:22:48:69:5d:0c:56:ec:b7:0e:87:c8:05:1b:00:d4:de:da:
09:f8:06:16:18:c1:c4:49:f6:cb:f7:cc:e4:6c:ed:62:92:05:
14:fd:eb:a2:f6:8a:6e:5c:66:06:56:cd:bc:76:0a:c6:66:96:
ef:b6:5d:c1:a3:77:ca:f7:75:7d:6c:31:a5:4b:48:0a:57:be:
31:7b:c5:49:b0:f5:8c:55:5f:56:b8:55:ee:d2:b5:5a:fa:9a:
eb:10:aa:7d:15:bb:86:0c:e0:65:e5:7a:48:76:8c:7e:07:f3:
63:7f:70:59:12:18:13:5d:9e:7a:a2:c3:54:5e:c9:1d:41:ed:
f0:c6:07:9e:ff:a4:3f:84:ed:10:5b:f9:13:ea:1e:47:61:ee:
30:74:ea:b7
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQj10esJX11TSjXQP27jXB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWM5N2QwZGRmNTY5YWUwOTYyNzAyMjdjN2Q4YmJhOTBhZDg2YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWyBqElVzXb6Y2Xi4vHl7HLZcthe
J71L470pYV51ivDtslzgZ8CcT2ux2nQ4EdDW9mrhtYxy0qJrqiBwpUs8FLDOAfWg
EW9bZH+OVlufBDZkDTg22DsQI0feY0DPFZnjD2ectbwvmKg62cZowpcT1lGrPaTX
zwKr7N/HoGnI0mWKt9TwKiX5NlrN9w77vDbwTwXUfAqXZxnqFJU0zl9OB2gIZzkw
XCNfgFOMEPUU6aZTyD+Lk6t6TZp1h7teUbftkPI5Z/EXhzGpFg0xDa4JjDCv4jFF
TzdZGZ5T2AiGHkjRPrSwRYT6fb7kvNUEelqgzi2Zy5OYxrNkRgTVGVqH9QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFEnJfQ3fVprglicCJ8fYu6kK2GpZMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvU2NsOURkOVdtdUNXSndJbng5aTdxUXJZYWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQAD
ggEBAEmwGjCasngX/HMpWAMC4N8wjaAWbTgApKeSNl/wzx07zc7yvYaePvCZ5qNC
ntEQZA6AIBXInwNtfJIacX71Ta5i8oPUAJVyoLNgAla8ln98sgmWWV2RleKTHIi6
3QNbJsfXLw2j2OP1ZVD/mUciSGldDFbstw6HyAUbANTe2gn4BhYYwcRJ9sv3zORs
7WKSBRT966L2im5cZgZWzbx2CsZmlu+2XcGjd8r3dX1sMaVLSApXvjF7xUmw9YxV
X1a4Ve7StVr6musQqn0Vu4YM4GXlekh2jH4H82N/cFkSGBNdnnqiw1ReyR1B7fDG
B57/pD+E7RBb+RPqHkdh7jB06rc=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:47:53 2025 by rpki-client