Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/Ry-dcS3de-_ky3A0xwUP9g7TehU.roa
File: Ry-dcS3de-_ky3A0xwUP9g7TehU.roa (raw, json)
Hash identifier: 5MsTs51KQIRUAxDXNFVZXM/DpF/BcoExXyc3NYLQX2o=
Subject key identifier: 47:2F:9D:71:2D:DD:7B:EF:E4:CB:70:34:C7:05:0F:F6:0E:D3:7A:15
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 0191972272DD0BFD3EACF581F6070196B7E1
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/Ry-dcS3de-_ky3A0xwUP9g7TehU.roa
Signing time: Wed 28 Aug 2024 03:58:22 +0000
ROA not before: Wed 28 Aug 2024 03:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12365
IP address blocks: 81.95.224.0/20 maxlen: 20
82.215.66.0/23 maxlen: 23
82.215.68.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.80.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
82.215.86.0/23 maxlen: 23
82.215.88.0/21 maxlen: 21
82.215.88.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
82.215.116.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
89.146.64.0/22 maxlen: 22
89.146.68.0/22 maxlen: 22
89.146.72.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.100.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
185.78.136.0/22 maxlen: 22
2a00:8840::/32 maxlen: 32
2a00:8840:e000::/36 maxlen: 36
2a00:8840:f000::/36 maxlen: 36
2a00:8841::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Aug 2024 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:22:72:dd:0b:fd:3e:ac:f5:81:f6:07:01:96:b7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Aug 28 03:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=472f9d712ddd7befe4cb7034c7050ff60ed37a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8a:0b:fe:03:b4:0d:28:8c:4c:bc:b5:cc:f3:
3d:b6:b4:fe:c7:61:24:a0:83:de:a6:7f:59:9f:fe:
78:e5:38:e8:77:24:ff:64:86:75:31:f8:bc:e4:95:
3f:de:3a:75:0e:7b:c9:2b:df:19:1d:0f:2b:7a:02:
51:f6:e3:24:86:46:2a:a9:3e:60:82:2b:3e:99:0a:
a0:92:3b:d2:6a:f4:fe:ae:72:41:6a:96:2e:72:69:
6f:ac:69:8c:53:22:5a:bd:1e:38:e1:23:9a:72:d6:
a9:2f:e6:b4:df:87:91:f4:b6:60:dd:f2:22:bc:51:
ee:f5:e7:1e:39:91:6f:b1:58:c1:3c:e3:9d:5d:bf:
62:a9:c5:06:2c:1a:92:7a:b7:55:4b:0b:71:95:be:
e2:eb:41:e4:d4:aa:a6:c1:7d:79:2c:9d:39:25:9a:
3c:51:b4:71:e2:68:26:e3:8d:6d:0c:dc:0f:93:05:
7b:d3:19:42:9f:3f:49:01:ea:92:6b:18:d1:6f:41:
7f:6f:ee:0f:66:2e:c6:ed:f6:5d:cd:94:64:25:65:
a3:d1:16:9b:40:12:f5:25:7e:fb:fa:8b:bb:2d:3f:
74:1a:6e:e0:2d:36:36:ee:5c:ab:16:e4:1a:c1:13:
c3:aa:20:7f:0f:b3:ad:d7:86:71:60:37:7f:98:d5:
16:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:9D:71:2D:DD:7B:EF:E4:CB:70:34:C7:05:0F:F6:0E:D3:7A:15
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/Ry-dcS3de-_ky3A0xwUP9g7TehU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
b9:7f:f4:ea:e6:cf:f2:76:ad:6d:63:b3:7d:1d:3a:1e:8e:2f:
43:ba:b1:ad:b8:1a:5a:66:8a:79:db:09:97:75:4f:03:64:95:
c7:a6:30:89:9f:ea:52:3a:46:cf:fb:93:23:dc:17:6d:4b:32:
00:29:34:34:ce:b2:e4:45:2c:2c:67:49:f4:9e:10:f8:33:57:
67:9c:f6:ed:59:f7:31:bd:3c:0a:5a:65:2d:95:e4:4b:59:51:
c2:aa:58:fe:e4:30:4e:96:62:d6:f6:20:87:63:2f:fe:d6:06:
45:7d:3d:50:c7:2f:cd:c7:4a:e6:bf:e1:c9:5d:2c:4b:a0:0d:
f6:0b:c1:be:17:de:74:b8:3c:39:d7:08:0c:4f:22:76:61:22:
44:06:07:3e:d2:04:8e:c7:ef:44:37:36:58:45:7e:22:88:cf:
8c:12:ff:83:cb:4c:fc:4c:b9:51:2c:f5:de:0e:a1:3c:2e:3f:
1a:95:dd:c6:96:e5:fb:21:77:7e:34:26:d3:78:4b:a0:5a:15:
1b:de:f7:47:f5:a8:ab:9d:3e:59:b0:c4:22:6e:9a:f9:96:6b:
91:f7:a3:95:65:ce:b7:ee:ce:48:8b:29:d3:18:f2:db:67:41:
ba:20:bb:1d:90:86:0c:dc:78:b9:bc:12:17:a8:48:ef:1e:6b:
ad:a7:12:91
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZGXInLdC/0+rPWB9gcBlrfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGNjYTg5OWVmNWJmNDIzN2YwZjZiZGQxNzc5MjIxYjIw
MDUyZjMwHhcNMjQwODI4MDM1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmOWQ3MTJkZGQ3YmVmZTRjYjcwMzRjNzA1MGZmNjBlZDM3YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYoL/gO0DSiMTLy1zPM9trT+x2Ek
oIPepn9Zn/545TjodyT/ZIZ1Mfi85JU/3jp1DnvJK98ZHQ8regJR9uMkhkYqqT5g
gis+mQqgkjvSavT+rnJBapYucmlvrGmMUyJavR444SOactapL+a034eR9LZg3fIi
vFHu9eceOZFvsVjBPOOdXb9iqcUGLBqSerdVSwtxlb7i60Hk1KqmwX15LJ05JZo8
UbRx4mgm441tDNwPkwV70xlCnz9JAeqSaxjRb0F/b+4PZi7G7fZdzZRkJWWj0Rab
QBL1JX77+ou7LT90Gm7gLTY27lyrFuQawRPDqiB/D7Ot14ZxYDd/mNUWxwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEcvnXEt3Xvv5MtwNMcFD/YO03oVMB8GA1UdIwQY
MBaAFFdMyome9b9CN/D2vdF3kiGyAFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODIt
ZWUxMTI2YTI4MTk1LzEvUnktZGNTM2RlLV9reTNBMHh3VVA5ZzdUZWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODItZWUxMTI2YTI4MTk1
LzEvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEUV/gMAwD
BAFS10IDBAFS10QDBAJS10gwDAMEAFLXTQMEAlLXUDAMAwQAUtdVAwQFUtdAAwQE
UtdwAwQGWZJAAwQCuU6IMA0EAgACMAcDBQMqAIhAMA0GCSqGSIb3DQEBCwUAA4IB
AQC5f/Tq5s/ydq1tY7N9HToeji9DurGtuBpaZop52wmXdU8DZJXHpjCJn+pSOkbP
+5Mj3BdtSzIAKTQ0zrLkRSwsZ0n0nhD4M1dnnPbtWfcxvTwKWmUtleRLWVHCqlj+
5DBOlmLW9iCHYy/+1gZFfT1Qxy/Nx0rmv+HJXSxLoA32C8G+F950uDw51wgMTyJ2
YSJEBgc+0gSOx+9ENzZYRX4iiM+MEv+Dy0z8TLlRLPXeDqE8Lj8ald3GluX7IXd+
NCbTeEugWhUb3vdH9airnT5ZsMQibpr5lmuR96OVZc637s5IiynTGPLbZ0G6ILsd
kIYM3Hi5vBIXqEjvHmutpxKR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:13 2025 by rpki-client