Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/KVqI0dAXS3bIqTe0uIP-ywlBq4A.roa
File: KVqI0dAXS3bIqTe0uIP-ywlBq4A.roa (raw, json)
Hash identifier: iVP/02HdhRf0Xmj2ZCw/OMsQU+5+USKxHMGmG+VSrKQ=
Subject key identifier: 29:5A:88:D1:D0:17:4B:76:C8:A9:37:B4:B8:83:FE:CB:09:41:AB:80
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01955C87845F8C1813EDD0FE4C612EEDA0B8
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/KVqI0dAXS3bIqTe0uIP-ywlBq4A.roa
Signing time: Mon 03 Mar 2025 15:02:19 +0000
ROA not before: Mon 03 Mar 2025 15:02:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.133.0/24 maxlen: 24
79.137.184.0/24 maxlen: 24
79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.24.0/24 maxlen: 24
85.192.25.0/24 maxlen: 24
85.192.26.0/24 maxlen: 24
85.192.27.0/24 maxlen: 24
85.192.28.0/24 maxlen: 24
85.192.29.0/24 maxlen: 24
85.192.31.0/24 maxlen: 24
85.192.37.0/24 maxlen: 24
85.192.38.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.48.0/24 maxlen: 24
85.192.49.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
89.208.113.0/24 maxlen: 24
89.208.137.0/24 maxlen: 24
89.208.142.0/24 maxlen: 24
92.38.240.0/24 maxlen: 24
92.38.241.0/24 maxlen: 24
95.163.152.0/24 maxlen: 24
95.163.153.0/24 maxlen: 24
95.163.176.0/24 maxlen: 24
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
185.125.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 14:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:87:84:5f:8c:18:13:ed:d0:fe:4c:61:2e:ed:a0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Mar 3 15:02:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=295a88d1d0174b76c8a937b4b883fecb0941ab80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:30:7d:61:15:c0:ee:9a:7a:47:a9:f3:73:6d:
d9:11:06:36:5b:e8:39:93:cf:65:a5:a8:c3:0b:33:
4f:db:d9:ac:5e:b6:ca:5f:50:5d:1e:43:8a:e6:36:
42:da:77:79:e7:92:81:fc:d5:57:a8:2a:40:42:a0:
20:80:8f:82:cb:4e:6f:fc:95:e6:3d:5d:ab:f8:28:
d0:00:2e:f0:41:ab:58:f7:99:50:05:75:0e:ea:ab:
08:12:80:75:74:e0:16:aa:14:92:bf:0a:a1:8f:a3:
de:da:67:1a:18:62:a3:c3:d4:83:37:d7:b1:6f:88:
d9:fb:9f:28:97:78:db:fd:16:4d:ab:d3:9d:e9:de:
bc:67:a7:48:70:af:11:45:35:ca:28:38:0a:c6:8a:
88:a4:f7:a1:98:50:a6:4d:b8:ca:e7:8d:95:2f:35:
c1:e9:d9:bc:9c:55:6f:6a:5c:57:fc:3c:72:72:47:
53:4a:de:25:d7:11:c6:63:40:e0:33:85:1e:79:05:
9b:98:30:21:07:f4:ea:9b:f1:9c:46:67:bc:cf:b5:
2a:e5:29:2a:c9:9f:76:b1:16:eb:2a:ba:5d:a0:68:
95:1e:e4:d6:c4:5c:b8:77:1d:bb:1b:a1:61:83:7b:
f9:3d:46:bd:9d:6d:3d:b8:7a:c3:d8:3a:8a:4d:36:
64:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5A:88:D1:D0:17:4B:76:C8:A9:37:B4:B8:83:FE:CB:09:41:AB:80
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/KVqI0dAXS3bIqTe0uIP-ywlBq4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.133.0/24
79.137.184.0/24
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.24.0-85.192.29.255
85.192.31.0/24
85.192.37.0-85.192.38.255
85.192.40.0-85.192.42.255
85.192.48.0/23
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
89.208.113.0/24
89.208.137.0/24
89.208.142.0/24
92.38.240.0/23
95.163.152.0/23
95.163.176.0/24
185.125.100.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:1e:cb:ca:1a:43:a8:86:e1:80:db:c4:a0:98:f9:25:34:ea:
d2:8e:93:29:f0:f0:ac:e2:0e:72:de:02:5d:35:53:5e:3b:82:
85:55:2b:19:fe:16:0f:16:04:b5:65:d0:97:8f:bd:07:db:a0:
4e:39:64:d6:f2:33:11:12:aa:ea:d4:c2:0e:b7:d5:73:73:7b:
6c:96:a1:91:4b:4c:a1:2b:ee:96:54:f1:77:cc:c4:da:ec:17:
0e:49:4e:f9:d4:c5:8d:9e:11:35:b2:8c:a6:4c:08:2e:57:c7:
0e:42:1b:9d:aa:f5:7b:d7:c6:df:26:f2:5c:2e:3a:d5:eb:49:
8b:f3:c2:42:0d:d3:7e:df:8a:83:31:d5:8c:d9:d9:f7:bd:5f:
71:19:c7:d0:5b:4f:a6:57:c5:64:6a:68:87:19:d4:04:96:cd:
27:6d:f3:11:21:17:b4:6b:c3:8e:5d:cc:28:98:43:d8:3e:69:
a7:c9:e7:d3:c8:a9:05:07:5e:f3:1e:56:fc:b2:2f:29:e9:6a:
d7:eb:9b:3e:d2:47:32:ed:7f:15:b3:e9:57:9f:e0:b0:51:79:
12:91:17:e7:92:bb:70:56:e4:88:dd:4b:36:ad:ee:b0:e8:9b:
c2:dd:20:c3:3e:e3:fa:c8:67:fb:0a:76:4e:77:95:c9:0f:19:
e1:1e:73:70
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZVch4RfjBgT7dD+TGEu7aC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjUwMzAzMTUwMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVhODhkMWQwMTc0Yjc2YzhhOTM3YjRiODgzZmVjYjA5NDFhYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjB9YRXA7pp6R6nzc23ZEQY2W+g5
k89lpajDCzNP29msXrbKX1BdHkOK5jZC2nd555KB/NVXqCpAQqAggI+Cy05v/JXm
PV2r+CjQAC7wQatY95lQBXUO6qsIEoB1dOAWqhSSvwqhj6Pe2mcaGGKjw9SDN9ex
b4jZ+58ol3jb/RZNq9Od6d68Z6dIcK8RRTXKKDgKxoqIpPehmFCmTbjK542VLzXB
6dm8nFVvalxX/DxyckdTSt4l1xHGY0DgM4UeeQWbmDAhB/Tqm/GcRme8z7Uq5Skq
yZ92sRbrKrpdoGiVHuTWxFy4dx27G6Fhg3v5PUa9nW09uHrD2DqKTTZkdwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFClaiNHQF0t2yKk3tLiD/ssJQauAMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvS1ZxSTBkQVhTM2JJcVRlMHVJUC15d2xCcTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBABP
iYUDBABPibgwDAMEAU+JwgMEA0+JwDAMAwQBT4nKAwQET4nAAwQAT4n4MAwDBANV
wBgDBAFVwBwDBABVwB8wDAMEAFXAJQMEAFXAJjAMAwQDVcAoAwQAVcAqAwQBVcAw
AwQAVcA4AwQBVcA8AwQAVcA/AwQBWdBgMAwDBABZ0GcDBAJZ0GgDBABZ0HEDBABZ
0IkDBABZ0I4DBAFcJvADBAFfo5gDBABfo7ADBAK5fWQwDQYJKoZIhvcNAQELBQAD
ggEBAH8ey8oaQ6iG4YDbxKCY+SU06tKOkynw8KziDnLeAl01U147goVVKxn+Fg8W
BLVl0JePvQfboE45ZNbyMxESqurUwg631XNze2yWoZFLTKEr7pZU8XfMxNrsFw5J
TvnUxY2eETWyjKZMCC5Xxw5CG52q9XvXxt8m8lwuOtXrSYvzwkIN037fioMx1YzZ
2fe9X3EZx9BbT6ZXxWRqaIcZ1ASWzSdt8xEhF7Rrw45dzCiYQ9g+aafJ59PIqQUH
XvMeVvyyLynpatfrmz7SRzLtfxWz6Vef4LBReRKRF+eSu3BW5IjdSzat7rDom8Ld
IMM+4/rIZ/sKdk53lckPGeEec3A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:26 2025 by rpki-client