Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/5KrroNZ9dzY4BUSpzAwXScAZ0ME.roa
File: 5KrroNZ9dzY4BUSpzAwXScAZ0ME.roa (raw, json)
Hash identifier: 5HE7FTOxTeRnZ6u0xBzsDdUp4YEuAWPSQTZDyrlgEtA=
Subject key identifier: E4:AA:EB:A0:D6:7D:77:36:38:05:44:A9:CC:0C:17:49:C0:19:D0:C1
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D167441509F9BBA48108F609484A900C5
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/5KrroNZ9dzY4BUSpzAwXScAZ0ME.roa
Signing time: Wed 17 Jan 2024 08:05:34 +0000
ROA not before: Wed 17 Jan 2024 08:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.110.0/24 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 11:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:74:41:50:9f:9b:ba:48:10:8f:60:94:84:a9:00:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 17 08:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4aaeba0d67d7736380544a9cc0c1749c019d0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6f:37:3a:56:1c:27:67:a0:44:dc:86:9e:16:
94:1a:2c:0b:6b:cf:e6:cb:87:aa:2e:7f:01:d2:82:
0c:93:34:26:86:c8:dc:36:d3:57:13:97:c3:ca:e8:
42:87:8f:5c:30:d6:be:97:25:ad:b0:ff:18:a1:a3:
11:c7:db:ea:f9:52:62:0e:3c:8b:39:a2:73:f0:8f:
f3:09:3a:8e:4f:3f:39:0f:6a:dd:b7:65:93:79:4f:
f1:e0:ca:2d:67:1d:5a:63:9b:7a:fa:e0:81:6d:21:
ac:2f:53:ab:f3:19:ca:c5:34:ef:c9:77:be:54:3c:
bc:35:e5:9a:aa:15:e0:12:39:e9:71:fb:a1:b8:c6:
0c:3c:5d:00:f5:52:e5:37:27:be:0a:28:d0:81:04:
5f:4d:51:1e:3c:7b:2f:47:16:50:ad:d9:a9:cc:35:
d8:b1:01:4e:5e:22:57:b9:0d:c5:45:15:55:62:7e:
73:16:5d:54:92:47:e3:ea:e0:d1:94:60:30:15:ea:
aa:97:73:71:88:27:e7:b7:5f:61:50:e5:6e:fb:c3:
45:02:db:8e:79:18:98:72:04:dd:18:aa:f4:87:9e:
df:21:e7:ce:56:10:6d:cb:01:84:1e:c1:51:f4:91:
9e:81:cf:7d:a4:bc:89:81:22:37:87:7a:fe:91:5b:
ea:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AA:EB:A0:D6:7D:77:36:38:05:44:A9:CC:0C:17:49:C0:19:D0:C1
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/5KrroNZ9dzY4BUSpzAwXScAZ0ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.137.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.41.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
192.101.1.0/24
194.179.112.0/24
195.53.0.0/16
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:3b:64:3d:ca:f1:7d:d4:fe:85:54:34:97:be:49:6b:90:bd:
45:71:3e:1c:b0:64:cc:41:89:9f:b7:09:2d:5f:4f:47:0a:89:
90:36:e7:d3:4d:46:ec:16:e1:60:29:b0:37:fe:5a:ac:66:fc:
2e:57:ae:80:9d:53:a2:6c:90:e0:8a:17:b2:33:1c:2a:26:7d:
31:05:cf:64:61:4d:3e:fe:e3:fc:cf:4b:d1:17:01:e9:82:85:
7d:7f:49:4d:71:c1:57:11:35:73:d4:03:f1:5a:ef:2b:db:9c:
e2:d1:e5:73:a4:59:d1:36:67:74:50:d6:be:21:4f:cb:a8:4b:
cd:18:3f:ff:bf:71:c1:e9:fc:a7:1f:0f:a9:17:2a:3b:4d:ae:
dc:77:5a:f8:b0:77:ab:cb:f6:f2:6b:c7:f0:61:22:90:e1:02:
b8:df:2d:80:4d:81:b1:10:d0:f7:b7:80:cb:24:dd:5b:ae:e4:
00:06:2c:74:f6:e2:d8:97:23:5e:23:63:eb:ea:99:c9:79:df:
ec:15:be:f1:e3:8a:3e:98:bc:d7:b9:25:8e:50:7f:b7:24:31:
a3:a0:ad:6b:0c:e2:13:5c:15:e6:1a:71:84:f7:77:4a:6c:3e:
94:24:af:f3:b4:ed:ec:17:53:be:e3:db:78:ae:e0:5d:66:df:
06:2c:ba:2b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAY0WdEFQn5u6SBCPYJSEqQDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTE3MDgwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFhZWJhMGQ2N2Q3NzM2MzgwNTQ0YTljYzBjMTc0OWMwMTlkMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8m83OlYcJ2egRNyGnhaUGiwLa8/m
y4eqLn8B0oIMkzQmhsjcNtNXE5fDyuhCh49cMNa+lyWtsP8YoaMRx9vq+VJiDjyL
OaJz8I/zCTqOTz85D2rdt2WTeU/x4MotZx1aY5t6+uCBbSGsL1Or8xnKxTTvyXe+
VDy8NeWaqhXgEjnpcfuhuMYMPF0A9VLlNye+CijQgQRfTVEePHsvRxZQrdmpzDXY
sQFOXiJXuQ3FRRVVYn5zFl1Ukkfj6uDRlGAwFeqql3NxiCfnt19hUOVu+8NFAtuO
eRiYcgTdGKr0h57fIefOVhBtywGEHsFR9JGegc99pLyJgSI3h3r+kVvqpwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFOSq66DWfXc2OAVEqcwMF0nAGdDBMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvNUtycm9OWjlkelk0QlVTcHpBd1hTY0FaME1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBmAQCAAEwgZEwCgMD
AAKJAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMBUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMEAMBlAQMEAMKzcAMDAMM1AwQAwzduAwQA1WMsAwQA1WM7MA0G
CSqGSIb3DQEBCwUAA4IBAQDPO2Q9yvF91P6FVDSXvklrkL1FcT4csGTMQYmftwkt
X09HComQNufTTUbsFuFgKbA3/lqsZvwuV66AnVOibJDgiheyMxwqJn0xBc9kYU0+
/uP8z0vRFwHpgoV9f0lNccFXETVz1APxWu8r25zi0eVzpFnRNmd0UNa+IU/LqEvN
GD//v3HB6fynHw+pFyo7Ta7cd1r4sHery/bya8fwYSKQ4QK43y2ATYGxEND3t4DL
JN1bruQABix09uLYlyNeI2Pr6pnJed/sFb7x44o+mLzXuSWOUH+3JDGjoK1rDOIT
XBXmGnGE93dKbD6UJK/ztO3sF1O+49t4ruBdZt8GLLor
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:55 2025 by rpki-client