Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/4Sci6qpzQ8xqZKziRp9vj72RraY.roa
File: 4Sci6qpzQ8xqZKziRp9vj72RraY.roa (raw, json)
Hash identifier: pa1MHinLX6PFD8alFCcMTVlatEEuUrOp8c1OU71q1Kg=
Subject key identifier: E1:27:22:EA:AA:73:43:CC:6A:64:AC:E2:46:9F:6F:8F:BD:91:AD:A6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE3FE396182B6B5257950BACB2C77
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/4Sci6qpzQ8xqZKziRp9vj72RraY.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31213
IP address blocks: 85.26.128.0/20 maxlen: 20
85.26.212.0/22 maxlen: 22
85.26.208.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
78.25.120.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
188.170.92.0/22 maxlen: 22
176.106.130.0/24 maxlen: 24
176.106.131.0/24 maxlen: 24
37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.66.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
94.25.228.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
188.162.64.0/23 maxlen: 23
37.29.48.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
2a03:d000:100::/40 maxlen: 40
2a03:d000::/40 maxlen: 40
2a03:d000:301::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Mar 2024 06:40:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e3:fe:39:61:82:b6:b5:25:79:50:ba:cb:2c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e12722eaaa7343cc6a64ace2469f6f8fbd91ada6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:76:55:d6:fb:50:09:6d:e9:09:ef:43:0b:91:
56:0b:e4:0f:7b:ae:51:b6:32:33:7e:e7:2d:b9:fd:
95:69:f6:07:a5:b4:f7:d6:90:33:9d:12:66:4e:f2:
b2:5d:0f:f9:bd:d7:72:51:a3:29:83:cb:4a:93:59:
99:cd:96:c9:39:59:b0:91:7a:fa:11:bc:41:89:8a:
85:91:28:a4:10:8c:8f:2f:b0:59:47:2d:f5:6d:d8:
5d:e2:c2:e6:a8:19:ab:9a:f0:1d:ef:38:f4:d1:50:
93:93:74:eb:5c:e3:96:a7:e8:88:01:f4:3e:34:c2:
0a:5e:19:09:d7:06:1e:3e:1a:2d:46:49:f5:62:a4:
83:47:df:20:d2:5d:43:f0:87:9f:85:a7:ac:c0:5a:
98:65:c8:2a:13:c5:86:f1:29:7e:7d:ea:3c:55:af:
0c:fe:2b:14:54:89:28:a0:b5:b7:c4:98:df:58:09:
e5:64:74:0d:3c:30:55:da:41:ff:73:cd:bf:ab:67:
65:d2:35:d5:c6:c2:4c:bc:56:43:e7:fd:d6:fc:38:
1f:42:e1:75:ce:61:0e:25:a5:cf:6e:9a:58:9d:b2:
6b:97:c9:ca:7c:50:ad:8e:c8:0c:f5:0b:23:32:c6:
45:57:a6:2f:58:9c:81:ec:56:d8:29:49:a2:d2:55:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:27:22:EA:AA:73:43:CC:6A:64:AC:E2:46:9F:6F:8F:BD:91:AD:A6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/4Sci6qpzQ8xqZKziRp9vj72RraY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
176.106.130.0/23
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
IPv6:
2a03:d000::/39
2a03:d000:301::/48
Signature Algorithm: sha256WithRSAEncryption
31:33:ec:0e:74:28:c6:2d:96:2d:18:f5:71:3b:41:86:58:6e:
6d:6e:dc:19:33:de:fa:b4:e2:5f:84:09:15:f8:84:1f:ad:8e:
03:ae:bf:cd:e0:fc:59:05:7e:7f:0d:9e:0c:d5:5a:65:3c:db:
1d:2f:e1:04:3f:cd:b8:c5:26:30:93:1b:ea:6b:9b:52:89:9e:
d9:3e:04:d4:cf:50:81:87:e1:32:65:61:9b:2b:4d:bd:eb:0c:
8d:d4:b3:f0:5c:68:7e:5f:5f:f0:48:04:01:c7:53:5f:80:e3:
26:3a:50:fb:c2:e5:40:9d:84:cf:8f:2e:11:05:3e:d1:f7:e6:
60:ca:59:ef:b6:66:e6:b5:7e:06:9d:38:fb:73:2d:c7:93:24:
39:28:06:25:ff:b6:d5:77:0e:88:72:1f:17:b1:86:56:38:18:
b0:ed:95:94:56:d7:07:2d:e4:00:10:4f:94:bf:d1:94:46:6d:
ad:49:3d:cb:8b:a6:fb:6b:48:c5:66:79:40:f8:7f:1c:d6:94:
2c:47:0f:a9:e3:0a:b3:2b:bd:24:38:79:37:fa:c9:1c:33:ff:
86:cd:51:f7:d2:42:c8:59:53:d1:47:5e:6f:ad:4a:c5:88:3a:
e1:f3:ea:f8:9e:2e:d2:fe:bf:81:c6:34:1b:1c:88:92:1e:96:
58:96:31:06
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYzFbeP+OWGCtrUleVC6yyx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI3MjJlYWFhNzM0M2NjNmE2NGFjZTI0NjlmNmY4ZmJkOTFhZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXZV1vtQCW3pCe9DC5FWC+QPe65R
tjIzfuctuf2VafYHpbT31pAznRJmTvKyXQ/5vddyUaMpg8tKk1mZzZbJOVmwkXr6
EbxBiYqFkSikEIyPL7BZRy31bdhd4sLmqBmrmvAd7zj00VCTk3TrXOOWp+iIAfQ+
NMIKXhkJ1wYePhotRkn1YqSDR98g0l1D8IefhaeswFqYZcgqE8WG8Sl+feo8Va8M
/isUVIkooLW3xJjfWAnlZHQNPDBV2kH/c82/q2dl0jXVxsJMvFZD5/3W/DgfQuF1
zmEOJaXPbppYnbJrl8nKfFCtjsgM9QsjMsZFV6YvWJyB7FbYKUmi0lWvuQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFOEnIuqqc0PMamSs4kafb4+9ka2mMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNFNjaTZxcHpROHhxWkt6aVJwOXZqNzJScmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBjQQCAAEwgYYDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBsGqCAwQBvKJA
MAwDBAC8qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDAXBAIAAjARAwYBKgPQ
AAADBwAqA9AAAwEwDQYJKoZIhvcNAQELBQADggEBADEz7A50KMYtli0Y9XE7QYZY
bm1u3Bkz3vq04l+ECRX4hB+tjgOuv83g/FkFfn8NngzVWmU82x0v4QQ/zbjFJjCT
G+prm1KJntk+BNTPUIGH4TJlYZsrTb3rDI3Us/BcaH5fX/BIBAHHU1+A4yY6UPvC
5UCdhM+PLhEFPtH35mDKWe+2Zua1fgadOPtzLceTJDkoBiX/ttV3DohyHxexhlY4
GLDtlZRW1wct5AAQT5S/0ZRGba1JPcuLpvtrSMVmeUD4fxzWlCxHD6njCrMrvSQ4
eTf6yRwz/4bNUffSQshZU9FHXm+tSsWIOuHz6vieLtL+v4HGNBsciJIelliWMQY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:30 2025 by rpki-client