Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/4gZE9NHf0N4WcBNmep7IyfAcbh8.roa
File: 4gZE9NHf0N4WcBNmep7IyfAcbh8.roa (raw, json)
Hash identifier: OxplGv8K5fngfV9e5fcV1Jf/n30qcxtNYICC+9BneHo=
Subject key identifier: E2:06:44:F4:D1:DF:D0:DE:16:70:13:66:7A:9E:C8:C9:F0:1C:6E:1F
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018DE5132CAB5374D0A1A80EA8A2820B3C43
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/4gZE9NHf0N4WcBNmep7IyfAcbh8.roa
Signing time: Mon 26 Feb 2024 11:00:55 +0000
ROA not before: Mon 26 Feb 2024 11:00:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 5.35.100.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
37.143.8.0/23 maxlen: 23
37.143.10.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
46.254.20.0/23 maxlen: 23
46.254.22.0/24 maxlen: 24
46.254.23.0/24 maxlen: 24
91.201.40.0/22 maxlen: 22
91.218.228.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.228.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.183.8.0/23 maxlen: 23
95.183.10.0/24 maxlen: 24
95.183.11.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
178.57.216.0/23 maxlen: 23
178.57.218.0/23 maxlen: 23
178.57.220.0/23 maxlen: 23
178.57.222.0/23 maxlen: 23
178.217.100.0/24 maxlen: 24
178.217.101.0/24 maxlen: 24
185.11.246.0/23 maxlen: 23
185.12.92.0/22 maxlen: 22
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
185.87.192.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.221.152.0/22 maxlen: 22
185.221.154.0/24 maxlen: 24
185.221.155.0/24 maxlen: 24
212.8.247.0/24 maxlen: 24
217.144.96.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
2a03:80c0::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:c980:b916::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Jun 2024 10:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:13:2c:ab:53:74:d0:a1:a8:0e:a8:a2:82:0b:3c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Feb 26 11:00:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e20644f4d1dfd0de167013667a9ec8c9f01c6e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:e9:ad:99:47:d6:5f:de:69:e7:7f:da:f6:
d7:bd:e2:ac:c7:0f:1d:18:aa:6f:0e:70:bf:8e:5d:
b1:70:fa:75:1b:9e:c2:29:b7:60:73:75:19:09:00:
fc:25:78:fb:eb:26:0e:ff:16:a6:98:41:49:50:4f:
06:6c:3d:95:ec:ff:6c:74:f3:98:cb:c0:cf:34:65:
b5:7e:d2:82:bc:d0:25:3a:2a:b7:67:18:2f:70:d2:
37:ae:b8:b4:4f:37:b5:15:1f:b6:0f:e3:a1:a1:65:
b3:09:86:f5:ea:94:e6:ad:03:a9:cb:37:a4:96:d9:
bf:74:73:29:b7:3d:7b:f2:dc:26:8a:c9:66:d5:81:
3e:ea:27:f7:58:96:7e:3c:23:85:b0:d8:e4:bd:62:
1a:9d:f3:5a:e7:48:41:86:d5:52:ad:5d:5d:2c:07:
9a:d8:c7:66:9d:48:da:c6:02:20:ea:9b:5b:eb:6b:
54:4a:0a:cd:c2:b2:9c:4e:f8:ef:20:74:56:51:1c:
4c:e1:cd:4b:88:24:e2:bb:9d:32:24:1a:e7:c3:90:
83:97:33:ad:f0:c6:bc:6c:f7:44:b7:ca:03:aa:30:
8b:ef:42:dc:12:57:dd:a4:bb:61:43:e5:11:80:b2:
fb:7c:a3:2b:a2:7d:34:fa:c8:ee:e8:d7:76:90:c9:
6b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:06:44:F4:D1:DF:D0:DE:16:70:13:66:7A:9E:C8:C9:F0:1C:6E:1F
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/4gZE9NHf0N4WcBNmep7IyfAcbh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.201.40.0/22
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
178.217.100.0/23
185.11.246.0/23
185.12.92.0/22
185.22.232.0/22
185.87.192.0/21
185.221.152.0/22
212.8.247.0/24
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:80c0::/47
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
10:16:5f:c9:11:83:21:93:bf:a7:2b:f0:ed:25:ed:ec:15:dd:
be:fd:4f:86:dd:1c:46:99:90:bf:06:4e:ec:96:df:fc:bf:0c:
a9:11:ff:29:4b:81:b8:bc:f3:42:82:f0:fb:10:ac:2a:0c:f9:
5b:bf:e7:41:89:85:d8:95:0b:33:47:f5:dd:bd:a3:ae:c5:16:
11:7c:7d:9b:69:38:4c:c0:29:e9:c0:54:59:08:4e:f4:8a:dd:
6c:6f:db:36:56:80:dc:7c:15:22:07:cd:cf:9f:b0:9a:20:85:
63:9f:f8:de:57:98:e7:69:24:76:99:2c:2e:f8:2f:73:2e:74:
40:35:2b:b2:89:34:58:e6:cf:09:67:9f:c8:ff:9b:1b:55:2c:
5f:5e:c4:24:80:fb:12:fd:71:ef:c7:02:4f:10:b5:cf:4b:1a:
93:62:9f:b1:bf:01:3e:55:26:fc:72:84:ca:71:e3:b1:25:7d:
66:ce:98:26:3d:f8:01:fe:02:15:4e:e4:76:ff:ce:56:4f:40:
eb:0c:f0:c5:c1:96:51:d2:05:b3:a8:36:1a:d4:66:16:b9:3f:
a2:0d:6a:7d:2b:16:a0:46:97:ef:be:6b:d5:05:d5:af:38:dc:
25:7a:03:cb:2e:9d:11:cb:49:e4:ff:8e:9e:41:80:83:af:4d:
cd:65:69:9f
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAY3lEyyrU3TQoagOqKKCCzxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQwMjI2MTEwMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA2NDRmNGQxZGZkMGRlMTY3MDEzNjY3YTllYzhjOWYwMWM2ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTrprZlH1l/eaed/2vbXveKsxw8d
GKpvDnC/jl2xcPp1G57CKbdgc3UZCQD8JXj76yYO/xammEFJUE8GbD2V7P9sdPOY
y8DPNGW1ftKCvNAlOiq3ZxgvcNI3rri0Tze1FR+2D+OhoWWzCYb16pTmrQOpyzek
ltm/dHMptz178twmislm1YE+6if3WJZ+PCOFsNjkvWIanfNa50hBhtVSrV1dLAea
2MdmnUjaxgIg6ptb62tUSgrNwrKcTvjvIHRWURxM4c1LiCTiu50yJBrnw5CDlzOt
8Ma8bPdEt8oDqjCL70LcElfdpLthQ+URgLL7fKMron00+sju6Nd2kMlrOQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFOIGRPTR39DeFnATZnqeyMnwHG4fMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvNGdaRTlOSGYwTjRXY0JObWVwN0l5ZkFjYmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TB8BAIAATB2MAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJbySgDBAJb2uQDBANfteADBANftwgDBAOy
OdgDBAGy2WQDBAG5C/YDBAK5DFwDBAK5FugDBAO5V8ADBAK53ZgDBADUCPcwDAME
BdmQYAMEAdmQZAMEANmQZzBpBAIAAjBjAwcBKgOAwAAAAwcAKgPJgADbAwcAKgPJ
gADlAwcAKgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJgLlX
AwcAKgPJgL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
Fl/JEYMhk7+nK/DtJe3sFd2+/U+G3RxGmZC/Bk7slt/8vwypEf8pS4G4vPNCgvD7
EKwqDPlbv+dBiYXYlQszR/XdvaOuxRYRfH2baThMwCnpwFRZCE70it1sb9s2VoDc
fBUiB83Pn7CaIIVjn/jeV5jnaSR2mSwu+C9zLnRANSuyiTRY5s8JZ5/I/5sbVSxf
XsQkgPsS/XHvxwJPELXPSxqTYp+xvwE+VSb8coTKceOxJX1mzpgmPfgB/gIVTuR2
/85WT0DrDPDFwZZR0gWzqDYa1GYWuT+iDWp9KxagRpfvvmvVBdWvONwlegPLLp0R
y0nk/46eQYCDr03NZWmf
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:33 2025 by rpki-client