Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/7I2osiEcNYF4dsik5aKRsxdgVDw.roa
File: 7I2osiEcNYF4dsik5aKRsxdgVDw.roa (raw, json)
Hash identifier: QM2yZU65OoqNi2Ct5jVrC03QpRi0iWrO8Iq6k1lXex0=
Subject key identifier: EC:8D:A8:B2:21:1C:35:81:78:76:C8:A4:E5:A2:91:B3:17:60:54:3C
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 018DEB4A3FED7E9F68AD600F8D5F64661453
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/7I2osiEcNYF4dsik5aKRsxdgVDw.roa
Signing time: Tue 27 Feb 2024 15:58:48 +0000
ROA not before: Tue 27 Feb 2024 15:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
79.141.174.0/23 maxlen: 23
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:25:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:4a:3f:ed:7e:9f:68:ad:60:0f:8d:5f:64:66:14:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Feb 27 15:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec8da8b2211c35817876c8a4e5a291b31760543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1e:1a:bc:83:ce:bd:17:8b:a2:cb:2a:29:4a:
28:6a:83:8f:67:7e:01:2c:61:0c:90:02:13:e5:8f:
15:8e:9b:46:07:36:97:8e:fd:a4:65:13:47:d4:a0:
97:39:4a:ff:53:08:ef:47:b1:9e:b5:5d:5a:b4:3e:
9f:ab:7b:3e:26:d4:32:ed:ee:67:1c:ce:5b:1b:52:
43:81:24:be:5c:f7:2e:b2:e0:0d:96:b3:15:87:37:
07:05:93:6e:45:31:33:77:12:cc:79:10:46:ff:88:
2e:09:49:e9:41:c3:d1:7a:5d:95:17:24:e9:f6:78:
68:a5:2d:74:36:d8:ac:3a:26:77:5c:5f:5e:81:1d:
22:7b:c9:9c:17:77:9f:65:c0:02:1f:85:a7:6d:1f:
38:30:53:2e:0d:a0:68:9f:4e:45:7e:0e:cf:74:3e:
15:ae:d8:64:9a:a4:31:8c:00:34:c0:c0:ee:d0:6a:
59:e4:ae:36:87:44:07:98:69:8c:17:66:81:d5:98:
ec:ba:06:40:ba:ec:ce:00:3a:87:34:02:c3:9f:a9:
a1:8f:13:bb:bd:c5:43:0b:9f:7e:ab:fe:d0:69:85:
8d:c6:9f:57:b6:1b:b5:fc:26:d1:15:33:a3:0a:07:
ea:49:6d:b5:25:b7:9f:3a:25:33:de:ab:70:1e:14:
06:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8D:A8:B2:21:1C:35:81:78:76:C8:A4:E5:A2:91:B3:17:60:54:3C
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/7I2osiEcNYF4dsik5aKRsxdgVDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.172.0/24
79.141.174.0/23
89.150.57.0/24
91.193.18.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
68:a8:e7:95:95:cc:f3:18:22:2c:d1:77:81:42:fb:ee:7e:74:
6d:4b:08:ad:36:0a:b2:52:da:ec:e6:7f:3d:16:8d:51:3a:0f:
ea:a6:48:95:f9:35:57:3d:00:3a:74:52:79:b8:a3:c8:3c:1d:
ef:31:3b:79:05:9e:2c:a0:0f:34:da:8d:83:76:bf:d7:48:4c:
14:cc:7b:a6:c1:c6:33:e0:a7:b8:3c:c5:41:e9:03:a1:46:86:
ba:90:3d:52:85:78:bb:73:7e:99:42:9a:bd:a3:b2:b1:29:62:
a3:47:4b:39:a1:d2:00:9c:d8:bf:6a:ee:eb:b6:45:b6:5a:09:
e7:fb:79:b3:d2:21:6f:0d:7f:a9:fe:cc:e7:94:c2:17:d8:49:
ac:fb:3a:e6:4b:c1:3a:02:d4:a9:1f:f5:e5:d0:f3:b6:e5:7f:
46:97:22:79:3b:48:0b:9c:8b:e9:b6:84:9b:7b:23:16:d5:a5:
79:c5:8c:d6:a9:12:19:21:07:32:df:f0:8e:08:46:a7:d0:75:
16:2c:8f:96:4d:b8:14:4a:fc:0d:77:ec:48:92:7c:77:ca:9d:
5f:f7:c9:24:2a:c6:97:e6:3f:86:cc:d9:5b:6d:b1:a6:e7:53:
71:ae:20:dd:d2:0c:1b:75:57:76:67:f7:bf:27:89:72:20:8b:
ae:05:cf:a2
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAY3rSj/tfp9orWAPjV9kZhRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwMjI3MTU1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhkYThiMjIxMWMzNTgxNzg3NmM4YTRlNWEyOTFiMzE3NjA1NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B4avIPOvReLossqKUooaoOPZ34B
LGEMkAIT5Y8VjptGBzaXjv2kZRNH1KCXOUr/UwjvR7GetV1atD6fq3s+JtQy7e5n
HM5bG1JDgSS+XPcusuANlrMVhzcHBZNuRTEzdxLMeRBG/4guCUnpQcPRel2VFyTp
9nhopS10NtisOiZ3XF9egR0ie8mcF3efZcACH4WnbR84MFMuDaBon05Ffg7PdD4V
rthkmqQxjAA0wMDu0GpZ5K42h0QHmGmMF2aB1ZjsugZAuuzOADqHNALDn6mhjxO7
vcVDC59+q/7QaYWNxp9Xthu1/CbRFTOjCgfqSW21JbefOiUz3qtwHhQGxwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFOyNqLIhHDWBeHbIpOWikbMXYFQ8MB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvN0kyb3NpRWNOWUY0ZHNpazVhS1JzeGRnVkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBkQQCAAEwgYoDBAEF
lfgDBAEFlf4wDAMEAk1TxAMEAE1TxgMEAU+NpAMEAE+NrAMEAU+NrgMEAFmWOQME
AFvBEgMEArlQNAMEAblRcjAMAwQGuWjAAwQAuWjCAwQCuXVYAwQAuXtmAwQAua6F
AwQAua6HMAwDBAC564kDBAC564oDBADBKiQDBADBKicDBADDX5swUgQCAAIwTAMH
ACoBhkAAAAMHACoBhkAAAgMHACoBhkAABjASAwcAKgGGQAAJAwcAKgGGQAAKAwcA
KgGGQAAPMBIDBwAqAYZAABEDBwAqAYZAABQwDQYJKoZIhvcNAQELBQADggEBAGio
55WVzPMYIizRd4FC++5+dG1LCK02CrJS2uzmfz0WjVE6D+qmSJX5NVc9ADp0Unm4
o8g8He8xO3kFniygDzTajYN2v9dITBTMe6bBxjPgp7g8xUHpA6FGhrqQPVKFeLtz
fplCmr2jsrEpYqNHSzmh0gCc2L9q7uu2RbZaCef7ebPSIW8Nf6n+zOeUwhfYSaz7
OuZLwToC1Kkf9eXQ87blf0aXInk7SAuci+m2hJt7IxbVpXnFjNapEhkhBzLf8I4I
RqfQdRYsj5ZNuBRK/A137EiSfHfKnV/3ySQqxpfmP4bM2VttsabnU3GuIN3SDBt1
V3Zn978niXIgi64Fz6I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:19 2025 by rpki-client