Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tALWYszQJ0QcpH1aDqzv2ERm4Kw.roa
File: tALWYszQJ0QcpH1aDqzv2ERm4Kw.roa (raw, json)
Hash identifier: /8HbpmIrFmvCwdi/wKSIq301ORZd0ZiY37C21mRfrTk=
Subject key identifier: B4:02:D6:62:CC:D0:27:44:1C:A4:7D:5A:0E:AC:EF:D8:44:66:E0:AC
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01945A49287EED7734B1C7C3070867760701
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tALWYszQJ0QcpH1aDqzv2ERm4Kw.roa
Signing time: Sun 12 Jan 2025 11:32:11 +0000
ROA not before: Sun 12 Jan 2025 11:32:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
2001:8f8:0:14::/64 maxlen: 64
2001:8f8:0:15::/64 maxlen: 64
2001:8f8:0:121::/64 maxlen: 64
2001:8f8:0:122::/64 maxlen: 64
2001:8f8:0:124::/64 maxlen: 64
2001:8f8:0:125::/64 maxlen: 64
2001:8f8:0:126::/64 maxlen: 64
2001:8f8:0:127::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 14 Jan 2025 15:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:49:28:7e:ed:77:34:b1:c7:c3:07:08:67:76:07:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 12 11:32:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b402d662ccd027441ca47d5a0eacefd84466e0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2a:74:78:68:8c:54:04:7b:27:fe:85:01:a4:
b9:5d:47:b5:91:b7:2c:55:01:0f:89:e5:c0:07:2b:
eb:0f:1d:69:1d:1c:74:de:03:17:b5:a9:3a:06:26:
50:7c:86:5a:c6:fb:10:e8:69:9e:60:64:70:ae:43:
0f:46:d7:82:e1:65:5a:29:f1:46:c6:6f:2b:f1:0f:
1f:eb:4d:48:8c:6b:7f:5a:fd:6d:da:0b:4f:9f:7c:
f1:68:23:9e:42:87:ad:20:c5:e4:de:25:1e:e2:d1:
e2:28:bd:94:37:e9:38:1c:a0:7b:71:83:3c:03:8b:
6c:ac:34:ae:e4:37:3d:4a:47:f3:e9:81:af:0e:81:
13:c7:31:d0:a1:e1:bf:15:c1:46:39:62:52:42:31:
8c:5c:44:44:63:60:59:e0:94:8c:fc:57:94:15:cd:
30:f6:f4:9d:2c:47:10:e0:fe:08:64:bf:83:15:7e:
31:c0:8b:7f:cf:22:03:f1:eb:24:80:b9:3f:40:8c:
f1:ab:24:0b:a1:d0:0d:4f:fa:06:3a:67:e6:d1:fe:
49:10:1e:e0:91:a6:34:95:74:0e:fe:77:d8:a3:c8:
a3:50:7d:91:26:44:9f:fd:ef:ca:3a:5d:04:ef:08:
9c:17:35:1c:93:57:b6:8b:d0:d9:a2:9b:02:6a:f2:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:02:D6:62:CC:D0:27:44:1C:A4:7D:5A:0E:AC:EF:D8:44:66:E0:AC
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tALWYszQJ0QcpH1aDqzv2ERm4Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
75:0e:8e:43:a5:41:79:4a:e4:a3:e7:d0:a5:21:c8:ae:ac:c2:
79:4e:1c:b3:a5:a5:db:aa:7c:97:58:a5:a7:28:e0:67:76:08:
72:fb:e0:3c:d7:fb:b6:53:f5:24:03:47:98:34:ee:3d:b7:3e:
c0:63:c3:50:84:59:c1:bc:41:c7:58:d5:a7:77:67:db:13:ca:
9f:d5:65:6d:86:e3:11:c7:bc:6d:ad:8c:9e:62:cd:2f:1b:65:
56:f3:ae:9c:cb:3a:56:d9:ed:cc:63:ba:76:7a:14:4e:88:f3:
ac:73:f2:75:5c:bf:a1:63:01:c2:b6:7b:be:81:d1:5a:23:c0:
de:54:0c:c4:91:30:b9:0a:57:c9:9a:62:83:f7:f2:dc:e8:a3:
e7:16:e4:46:3b:1e:e5:aa:4f:01:a7:0b:c4:d4:76:fe:7a:83:
f8:44:fa:b3:69:3e:e5:f8:e8:4d:4f:2c:d5:86:ac:e1:b3:e1:
4e:4d:e1:7a:1d:8e:a2:25:00:75:28:7d:2c:a2:cd:ff:27:01:
f7:8d:64:80:d4:8c:8e:0b:30:09:0d:17:2d:e5:5c:5f:7e:bb:
f2:bc:08:fa:56:d9:98:e3:1f:4c:20:ed:b1:1b:fc:1a:b8:27:
20:15:7a:f2:02:ad:93:0f:65:18:92:f8:76:8a:0c:01:a5:3e:
fa:a2:13:40
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZRaSSh+7Xc0scfDBwhndgcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTEyMTEzMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAyZDY2MmNjZDAyNzQ0MWNhNDdkNWEwZWFjZWZkODQ0NjZlMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlip0eGiMVAR7J/6FAaS5XUe1kbcs
VQEPieXAByvrDx1pHRx03gMXtak6BiZQfIZaxvsQ6GmeYGRwrkMPRteC4WVaKfFG
xm8r8Q8f601IjGt/Wv1t2gtPn3zxaCOeQoetIMXk3iUe4tHiKL2UN+k4HKB7cYM8
A4tsrDSu5Dc9Skfz6YGvDoETxzHQoeG/FcFGOWJSQjGMXEREY2BZ4JSM/FeUFc0w
9vSdLEcQ4P4IZL+DFX4xwIt/zyID8eskgLk/QIzxqyQLodANT/oGOmfm0f5JEB7g
kaY0lXQO/nfYo8ijUH2RJkSf/e/KOl0E7wicFzUck1e2i9DZopsCavIpgQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLQC1mLM0CdEHKR9Wg6s79hEZuCsMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvdEFMV1lzelFKMFFjcEgxYURxenYyRVJtNEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQAD
ggEBAHUOjkOlQXlK5KPn0KUhyK6swnlOHLOlpduqfJdYpaco4Gd2CHL74DzX+7ZT
9SQDR5g07j23PsBjw1CEWcG8QcdY1ad3Z9sTyp/VZW2G4xHHvG2tjJ5izS8bZVbz
rpzLOlbZ7cxjunZ6FE6I86xz8nVcv6FjAcK2e76B0VojwN5UDMSRMLkKV8maYoP3
8tzoo+cW5EY7HuWqTwGnC8TUdv56g/hE+rNpPuX46E1PLNWGrOGz4U5N4XodjqIl
AHUofSyizf8nAfeNZIDUjI4LMAkNFy3lXF9+u/K8CPpW2ZjjH0wg7bEb/Bq4JyAV
evICrZMPZRiS+HaKDAGlPvqiE0A=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:19:48 2025 by rpki-client