Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/1-NZgf_RTpymZx8akgpXxEEThz2Y.roa
File: 1-NZgf_RTpymZx8akgpXxEEThz2Y.roa (raw, json)
Hash identifier: KYhoRGGN9WjLIFK4fpqj8Yc95FyfWhdNoQQH6XGJY/I=
Subject key identifier: F8:D6:60:7F:F4:53:A7:29:99:C7:C6:A4:82:95:F1:10:44:E1:CF:66
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 018CC801D89C203D1598DC4667EC21BE1715
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/1-NZgf_RTpymZx8akgpXxEEThz2Y.roa
Signing time: Tue 02 Jan 2024 02:30:13 +0000
ROA not before: Tue 02 Jan 2024 02:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13193
IP address blocks: 213.41.128.0/17 maxlen: 24
213.215.0.0/18 maxlen: 24
185.33.40.0/22 maxlen: 24
185.43.68.0/22 maxlen: 24
194.146.224.0/22 maxlen: 24
194.79.128.0/18 maxlen: 24
80.248.208.0/20 maxlen: 24
62.212.96.0/19 maxlen: 24
80.65.224.0/20 maxlen: 24
178.132.16.0/20 maxlen: 24
79.170.216.0/21 maxlen: 24
194.242.112.0/22 maxlen: 24
5.23.40.0/21 maxlen: 24
93.184.32.0/20 maxlen: 24
171.25.208.0/22 maxlen: 24
78.40.48.0/21 maxlen: 24
2001:7a8::/32 maxlen: 32
2a01:68::/32 maxlen: 32
2001:7a8:3440::/44 maxlen: 44
2a01:6460::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Feb 2024 10:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d8:9c:20:3d:15:98:dc:46:67:ec:21:be:17:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 2 02:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8d6607ff453a72999c7c6a48295f11044e1cf66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ac:4a:1a:b8:35:05:ac:3d:ff:48:cd:26:52:
58:67:ac:2f:27:07:bb:03:60:f1:1b:4b:cb:94:9b:
3a:84:cb:e3:4d:d9:b7:58:45:24:08:4d:ad:5a:2c:
e1:31:97:df:0f:a5:30:44:69:ab:db:f1:09:a8:8c:
4a:12:92:d5:7e:51:2e:54:41:7c:3f:1f:1e:fc:af:
c4:de:42:f6:08:1e:d2:a2:60:0f:3d:ee:c5:9f:8e:
dd:6e:22:fa:ac:26:2f:91:c0:73:9a:77:12:55:02:
b9:61:23:17:95:53:7a:ea:92:e4:d2:6c:bb:af:2a:
f4:e9:e9:26:f8:0e:00:41:21:d9:0d:a6:20:16:71:
1e:39:36:fa:c5:49:0c:0e:61:02:33:ab:55:9e:22:
6f:ce:e2:f7:fb:3f:21:23:44:c4:ac:ed:e9:02:1a:
23:1c:41:e1:ed:b2:12:5e:e3:4f:fb:50:93:50:fc:
7f:44:2b:f1:0b:f9:65:a5:42:55:6e:e8:75:21:0b:
e3:53:c2:ee:ac:c2:15:7a:89:b4:a6:2a:5d:4a:de:
3b:13:2c:2e:33:2e:41:64:72:fa:cf:b9:2f:fc:92:
b5:4a:3d:f1:84:e4:1e:f2:9a:a5:8e:84:7d:74:8a:
16:e2:af:9c:0e:07:21:b9:98:00:9f:39:76:16:71:
fa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D6:60:7F:F4:53:A7:29:99:C7:C6:A4:82:95:F1:10:44:E1:CF:66
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/1-NZgf_RTpymZx8akgpXxEEThz2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.40.0/21
62.212.96.0/19
78.40.48.0/21
79.170.216.0/21
80.65.224.0/20
80.248.208.0/20
93.184.32.0/20
171.25.208.0/22
178.132.16.0/20
185.33.40.0/22
185.43.68.0/22
194.79.128.0/18
194.146.224.0/22
194.242.112.0/22
213.41.128.0/17
213.215.0.0/18
IPv6:
2001:7a8::/32
2a01:68::/32
2a01:6460::/32
Signature Algorithm: sha256WithRSAEncryption
96:e2:71:70:b0:f2:7d:96:d3:6c:72:4e:35:17:6a:b3:e6:45:
82:79:ca:f1:8f:0a:7d:35:bf:c1:e7:2b:e4:f7:a9:2a:5f:33:
dd:7a:86:f2:1b:79:fc:77:d5:95:c2:b3:1a:a1:2d:7e:13:34:
78:1e:64:e1:08:fb:e1:86:b6:47:ef:3f:8f:ef:e8:9e:dc:f0:
c3:89:be:6d:7d:c1:c6:3d:01:ea:a1:b5:83:96:d8:19:e8:65:
58:55:9a:ae:b9:6d:de:b8:8b:9d:00:a1:94:e9:27:1c:7b:de:
af:92:e7:c4:98:1d:3b:d3:08:51:f2:2e:50:f2:eb:a9:d7:e2:
99:83:9e:2e:8a:99:ca:4a:b5:19:a4:b7:fe:b7:1f:26:83:19:
58:be:cf:f3:3d:f2:d2:da:fc:04:11:9c:7f:bd:1a:f1:3c:02:
2b:be:7a:a3:62:27:a4:13:df:62:c2:92:15:13:6e:b3:0f:61:
7c:ad:2d:21:e5:f9:ab:83:b7:01:78:c5:0c:4e:4d:82:26:0b:
91:78:67:0c:c1:26:ac:8b:d6:b4:69:c8:07:f9:02:ca:24:8f:
e7:3e:92:cf:aa:0c:49:a3:d4:ba:f2:cd:48:e6:68:d4:ee:99:
a8:ff:77:41:0c:1f:0c:27:c1:d7:db:f6:66:05:ee:2e:0f:db:
dc:6d:68:9b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzIAdicID0VmNxGZ+whvhcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQ2NjA3ZmY0NTNhNzI5OTljN2M2YTQ4Mjk1ZjExMDQ0ZTFjZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6xKGrg1Baw9/0jNJlJYZ6wvJwe7
A2DxG0vLlJs6hMvjTdm3WEUkCE2tWizhMZffD6UwRGmr2/EJqIxKEpLVflEuVEF8
Px8e/K/E3kL2CB7SomAPPe7Fn47dbiL6rCYvkcBzmncSVQK5YSMXlVN66pLk0my7
ryr06ekm+A4AQSHZDaYgFnEeOTb6xUkMDmECM6tVniJvzuL3+z8hI0TErO3pAhoj
HEHh7bISXuNP+1CTUPx/RCvxC/llpUJVbuh1IQvjU8LurMIVeom0pipdSt47Eywu
My5BZHL6z7kv/JK1Sj3xhOQe8pqljoR9dIoW4q+cDgchuZgAnzl2FnH6tQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFPjWYH/0U6cpmcfGpIKV8RBE4c9mMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvMS1OWmdmX1JUcHltWng4YWtncFh4RUVUaHoyWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvYjYxYWRkLTMyZjAtNDJmNC1hMzAxLTc4MThhODk0NTZj
Yi8xL3AtTE9NUWxJQ3U1N1A5S0Vic2o0WkdpRnpiby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBmAYIKwYBBQUHAQcBAf8EgYgwgYUwZgQCAAEwYAMEAwUX
KAMEBT7UYAMEA04oMAMEA0+q2AMEBFBB4AMEBFD40AMEBF24IAMEAqsZ0AMEBLKE
EAMEArkhKAMEArkrRAMEBsJPgAMEAsKS4AMEAsLycAMEB9UpgAMEBtXXADAbBAIA
AjAVAwUAIAEHqAMFACoBAGgDBQAqAWRgMA0GCSqGSIb3DQEBCwUAA4IBAQCW4nFw
sPJ9ltNsck41F2qz5kWCecrxjwp9Nb/B5yvk96kqXzPdeobyG3n8d9WVwrMaoS1+
EzR4HmThCPvhhrZH7z+P7+ie3PDDib5tfcHGPQHqobWDltgZ6GVYVZquuW3euIud
AKGU6Scce96vkufEmB070whR8i5Q8uup1+KZg54uipnKSrUZpLf+tx8mgxlYvs/z
PfLS2vwEEZx/vRrxPAIrvnqjYiekE99iwpIVE26zD2F8rS0h5fmrg7cBeMUMTk2C
JguReGcMwSasi9a0acgH+QLKJI/nPpLPqgxJo9S68s1I5mjU7pmo/3dBDB8MJ8HX
2/ZmBe4uD9vcbWib
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:44 2025 by rpki-client