Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/OTjiVhetnP1uzkg0-BFULzckcjc.roa
File: OTjiVhetnP1uzkg0-BFULzckcjc.roa (raw, json)
Hash identifier: M7AkAso8dn2eXp5RCT2+6LcbK8ZUtwo30LBXYFDUgxc=
Subject key identifier: 39:38:E2:56:17:AD:9C:FD:6E:CE:48:34:F8:11:54:2F:37:24:72:37
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 019428230929F0DDED8C1FE88C27C0915F6F
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/OTjiVhetnP1uzkg0-BFULzckcjc.roa
Signing time: Thu 02 Jan 2025 17:49:32 +0000
ROA not before: Thu 02 Jan 2025 17:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.184.0/24 maxlen: 24
79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.24.0/24 maxlen: 24
85.192.25.0/24 maxlen: 24
85.192.26.0/24 maxlen: 24
85.192.27.0/24 maxlen: 24
85.192.28.0/24 maxlen: 24
85.192.29.0/24 maxlen: 24
85.192.31.0/24 maxlen: 24
85.192.37.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
95.163.152.0/24 maxlen: 24
95.163.153.0/24 maxlen: 24
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
185.125.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 13:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:09:29:f0:dd:ed:8c:1f:e8:8c:27:c0:91:5f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Jan 2 17:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3938e25617ad9cfd6ece4834f811542f37247237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:3c:84:38:79:ef:70:1f:59:e0:2f:47:4d:
35:69:10:2c:5f:ff:94:f4:ee:3a:08:98:73:3b:64:
7d:70:e2:94:8f:8d:97:e1:84:84:2f:b3:74:55:90:
63:ab:85:a7:0f:6b:2c:2f:4a:eb:43:1c:f4:60:9f:
ba:7d:8e:97:59:7d:ba:f9:6f:22:69:2d:f4:ac:c2:
e3:d9:04:47:e3:02:48:5f:ca:d6:a1:ec:fe:44:c2:
b6:b4:d5:47:85:27:ee:48:d4:58:82:8a:9c:73:84:
ed:7f:1f:49:78:08:0d:69:d4:2a:37:98:52:85:bf:
f3:8d:a7:93:a5:6d:76:08:40:71:2f:fe:e5:76:e8:
8a:76:4d:fb:9e:cb:c2:e0:60:4f:84:5a:27:b1:ba:
5b:1e:38:f3:07:c9:e0:bd:ab:a2:4b:45:9f:32:bc:
25:92:7c:04:35:c1:ea:5c:fb:4f:b2:3a:5e:c6:56:
63:60:66:e0:d5:e2:99:b8:4f:23:89:bc:27:ad:88:
69:f0:87:5b:50:97:ef:15:0c:62:08:f1:03:bd:07:
4f:7f:ee:fc:06:37:e8:6d:45:22:1d:5b:0c:e6:71:
10:d1:27:72:bd:c3:35:56:75:a3:35:92:36:6f:fa:
de:9c:3b:21:7c:8d:85:4e:d3:51:78:7a:3b:74:97:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:38:E2:56:17:AD:9C:FD:6E:CE:48:34:F8:11:54:2F:37:24:72:37
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/OTjiVhetnP1uzkg0-BFULzckcjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.184.0/24
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.24.0-85.192.29.255
85.192.31.0/24
85.192.37.0/24
85.192.40.0-85.192.42.255
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
95.163.152.0/23
185.125.100.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:ad:8d:d4:57:7b:0b:cb:d6:3a:31:8e:34:e2:54:1e:0c:4f:
53:0e:77:dd:28:15:77:e2:c9:01:34:88:7d:07:1f:70:c9:36:
de:2c:c0:3a:78:ac:59:04:a5:a2:e3:e8:d2:93:4a:b2:d7:8a:
14:56:87:9d:1d:80:6d:0d:f6:a6:49:23:79:5d:26:4d:d4:0e:
21:fa:b3:34:59:43:cb:c1:de:04:fc:a4:fb:8f:8a:61:66:16:
eb:82:43:fe:6e:bb:f4:f7:d9:97:b0:de:36:ca:9a:bf:a2:74:
32:ac:dd:5f:e4:e4:42:bb:ea:76:44:d9:4a:19:39:11:56:a8:
6b:ec:c6:4e:98:af:d2:73:f9:87:d0:83:08:93:7d:12:07:c3:
bd:25:d0:24:4a:66:8a:85:00:c5:39:e8:88:5a:5d:03:e9:2a:
36:28:68:22:a4:6e:34:84:46:cf:69:98:28:dd:ee:93:8c:42:
70:a7:52:00:28:88:8b:9a:d2:e0:99:7b:f1:92:12:2d:fb:2e:
dc:24:f5:81:b3:d1:21:62:3a:40:df:d6:2e:e1:33:33:01:03:
08:01:47:2f:eb:9a:ec:d4:37:28:27:c0:1a:96:d5:63:ad:87:
91:68:5e:9f:b5:46:e0:25:15:ee:03:ea:5e:3a:e0:88:4a:a9:
71:96:97:6e
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQoIwkp8N3tjB/ojCfAkV9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjUwMTAyMTc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM4ZTI1NjE3YWQ5Y2ZkNmVjZTQ4MzRmODExNTQyZjM3MjQ3MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/I8hDh573AfWeAvR001aRAsX/+U
9O46CJhzO2R9cOKUj42X4YSEL7N0VZBjq4WnD2ssL0rrQxz0YJ+6fY6XWX26+W8i
aS30rMLj2QRH4wJIX8rWoez+RMK2tNVHhSfuSNRYgoqcc4Ttfx9JeAgNadQqN5hS
hb/zjaeTpW12CEBxL/7lduiKdk37nsvC4GBPhFonsbpbHjjzB8ngvauiS0WfMrwl
knwENcHqXPtPsjpexlZjYGbg1eKZuE8jibwnrYhp8IdbUJfvFQxiCPEDvQdPf+78
BjfobUUiHVsM5nEQ0SdyvcM1VnWjNZI2b/renDshfI2FTtNReHo7dJfF4QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFDk44lYXrZz9bs5INPgRVC83JHI3MB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvT1RqaVZoZXRuUDF1emtnMC1CRlVMemNrY2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABP
ibgwDAMEAU+JwgMEA0+JwDAMAwQBT4nKAwQET4nAAwQAT4n4MAwDBANVwBgDBAFV
wBwDBABVwB8DBABVwCUwDAMEA1XAKAMEAFXAKgMEAFXAOAMEAVXAPAMEAFXAPwME
AVnQYDAMAwQAWdBnAwQCWdBoAwQBX6OYAwQCuX1kMA0GCSqGSIb3DQEBCwUAA4IB
AQBMrY3UV3sLy9Y6MY404lQeDE9TDnfdKBV34skBNIh9Bx9wyTbeLMA6eKxZBKWi
4+jSk0qy14oUVoedHYBtDfamSSN5XSZN1A4h+rM0WUPLwd4E/KT7j4phZhbrgkP+
brv099mXsN42ypq/onQyrN1f5ORCu+p2RNlKGTkRVqhr7MZOmK/Sc/mH0IMIk30S
B8O9JdAkSmaKhQDFOeiIWl0D6So2KGgipG40hEbPaZgo3e6TjEJwp1IAKIiLmtLg
mXvxkhIt+y7cJPWBs9EhYjpA39Yu4TMzAQMIAUcv65rs1DcoJ8AaltVjrYeRaF6f
tUbgJRXuA+peOuCISqlxlpdu
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:52 2025 by rpki-client