Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/H5-PezeL7UBATfhF_DVcXw0Mixs.roa
File: H5-PezeL7UBATfhF_DVcXw0Mixs.roa (raw, json)
Hash identifier: IoK/hfnroGIEMwkcujR8M1YIpZpHunG5XYD/w/pxUQw=
Subject key identifier: 1F:9F:8F:7B:37:8B:ED:40:40:4D:F8:45:FC:35:5C:5F:0D:0C:8B:1B
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 0190979B47437BED35BD68A47B0BF839F2AC
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/H5-PezeL7UBATfhF_DVcXw0Mixs.roa
Signing time: Tue 09 Jul 2024 13:07:34 +0000
ROA not before: Tue 09 Jul 2024 13:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.197.240.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/24 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
194.88.112.0/21 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Jul 2024 10:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:9b:47:43:7b:ed:35:bd:68:a4:7b:0b:f8:39:f2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jul 9 13:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f9f8f7b378bed40404df845fc355c5f0d0c8b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:8e:d7:d2:f6:d2:f0:c7:6d:4f:29:f5:9e:
4e:e7:71:73:e6:8e:df:a1:44:0f:1c:c9:d5:6a:72:
94:a1:f7:06:d9:5c:78:89:21:a8:1a:53:37:63:ab:
b7:c5:a6:ea:e7:6f:36:c6:95:31:f6:ef:ff:0b:d9:
c3:29:75:59:bd:44:18:c2:bb:45:ad:6c:18:24:e8:
5f:52:5e:df:98:84:73:35:7e:09:6b:0c:d9:de:21:
7b:65:9a:25:56:68:82:95:09:da:db:d3:5b:9a:a2:
34:27:e9:da:66:de:48:4b:04:01:de:35:4f:c9:24:
a6:ce:2b:83:c0:c7:dd:cd:53:f3:7c:59:7f:54:88:
2c:de:b8:82:11:27:3f:f5:d7:6e:08:ad:7e:2f:3f:
aa:00:4d:77:af:76:d7:21:81:5a:98:d9:c7:5f:ee:
e9:8e:82:0a:96:39:e0:5b:f4:3c:7c:66:ae:62:3d:
fd:3e:d2:40:40:26:00:f3:fb:a0:ed:cc:33:6e:5a:
1d:89:fb:a7:3f:ce:b8:77:fb:e6:78:3d:8a:a1:01:
0a:b9:0e:5d:ba:85:a3:8e:85:b4:c3:20:07:ff:bb:
ad:14:54:bf:b8:b1:7e:13:56:9e:38:18:29:fd:f3:
ee:5d:ec:36:78:9d:8d:41:82:59:8f:89:6c:6b:cf:
d6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9F:8F:7B:37:8B:ED:40:40:4D:F8:45:FC:35:5C:5F:0D:0C:8B:1B
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/H5-PezeL7UBATfhF_DVcXw0Mixs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/24
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.227.0.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
194.88.112.0/21
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:5b:db:41:f8:23:dd:ee:1a:0e:e5:bd:86:46:11:d9:45:c3:
47:9b:0d:22:eb:45:be:6f:57:2e:18:4f:18:97:01:18:23:52:
b3:38:6f:0b:87:24:9b:68:55:f9:26:de:ef:ff:a8:a8:09:92:
a4:79:1e:f0:3c:bc:1a:90:51:d0:66:30:a0:74:ce:ba:4e:97:
c2:73:c0:3b:16:ae:78:ff:9e:6f:8e:14:70:54:3a:6b:7a:fe:
83:ad:7e:1f:57:27:65:20:4b:90:18:7d:ed:b9:fc:71:d8:3d:
1f:e3:39:cf:80:cd:45:c5:11:39:98:7f:ee:85:68:94:1d:3a:
11:ea:7b:70:24:cd:db:2b:63:33:a4:bf:1f:5b:4d:31:d6:52:
48:62:c6:46:be:8b:d4:c0:00:38:18:64:a2:2e:08:de:bd:44:
fb:72:ec:a6:de:96:fd:e4:01:3e:1c:a7:a3:ef:4b:0c:7a:5e:
39:9f:dd:8a:c3:ff:41:7e:b6:e7:67:4e:02:54:c2:bc:4a:f9:
d0:ca:f9:1a:b5:c5:2d:05:89:0e:19:75:ad:9a:ad:2f:ff:31:
c2:27:4e:3c:81:51:71:26:53:d5:9c:af:ec:f7:5d:65:f3:dc:
9d:4a:d1:a7:5d:f9:37:a7:45:93:19:13:30:e6:89:3c:80:6d:
d2:82:f4:19
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZCXm0dDe+01vWikewv4OfKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNzA5MTMwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjlmOGY3YjM3OGJlZDQwNDA0ZGY4NDVmYzM1NWM1ZjBkMGM4YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMCO19L20vDHbU8p9Z5O53Fz5o7f
oUQPHMnVanKUofcG2Vx4iSGoGlM3Y6u3xabq5282xpUx9u//C9nDKXVZvUQYwrtF
rWwYJOhfUl7fmIRzNX4JawzZ3iF7ZZolVmiClQna29NbmqI0J+naZt5ISwQB3jVP
ySSmziuDwMfdzVPzfFl/VIgs3riCESc/9dduCK1+Lz+qAE13r3bXIYFamNnHX+7p
joIKljngW/Q8fGauYj39PtJAQCYA8/ug7cwzblodifunP864d/vmeD2KoQEKuQ5d
uoWjjoW0wyAH/7utFFS/uLF+E1aeOBgp/fPuXew2eJ2NQYJZj4lsa8/WiQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFB+fj3s3i+1AQE34Rfw1XF8NDIsbMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvSDUtUGV6ZUw3VUJBVGZoRl9EVmNYdzBNaXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBqQQCAAEwgaIDBAAl
EE4DBAMl61gDBAItD8wDBAItisADBAMuHXgDBAJV0NgDBABb1OwDBABb5YgDBAJe
nrQDBANtxfADBAK5H5QDBAK5J6gDBAK5R5QDBAK5S4wDBAC5dRIDBAK5oSwDBAC5
p0wDBAK5tQQDBAK52tQDBAK54wADBAC59hoDBAK59mADBAK5/JwDBAPCWHADBADC
frIDBALDWnQDBADDvhswMwQCAAIwLTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYA
KgFmAC4DBQAqAiHIAwUDKgmMQDANBgkqhkiG9w0BAQsFAAOCAQEAnVvbQfgj3e4a
DuW9hkYR2UXDR5sNIutFvm9XLhhPGJcBGCNSszhvC4ckm2hV+Sbe7/+oqAmSpHke
8Dy8GpBR0GYwoHTOuk6XwnPAOxaueP+eb44UcFQ6a3r+g61+H1cnZSBLkBh97bn8
cdg9H+M5z4DNRcUROZh/7oVolB06Eep7cCTN2ytjM6S/H1tNMdZSSGLGRr6L1MAA
OBhkoi4I3r1E+3Lspt6W/eQBPhyno+9LDHpeOZ/disP/QX6252dOAlTCvEr50Mr5
GrXFLQWJDhl1rZqtL/8xwidOPIFRcSZT1Zyv7PddZfPcnUrRp135N6dFkxkTMOaJ
PIBt0oL0GQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:35 2025 by rpki-client