Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63JVyoKi0vMGXHIZkNO_gU30p3A.roa
File: 63JVyoKi0vMGXHIZkNO_gU30p3A.roa (raw, json)
Hash identifier: IKdp7+E10fmQxyfs1+XhXh7U8hgadUhB6Ai2ASe+7TA=
Subject key identifier: EB:72:55:CA:82:A2:D2:F3:06:5C:72:19:90:D3:BF:81:4D:F4:A7:70
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE2DFFF1D1545F5CC090988295CDE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63JVyoKi0vMGXHIZkNO_gU30p3A.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31195
IP address blocks: 85.26.240.0/22 maxlen: 22
178.178.64.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.74.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
178.178.75.0/24 maxlen: 24
178.178.72.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
78.25.127.0/24 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
31.173.132.0/23 maxlen: 23
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.191.0/24 maxlen: 24
37.28.190.0/24 maxlen: 24
37.29.89.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.95.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
37.29.94.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.232.0/24 maxlen: 24
188.170.230.0/24 maxlen: 24
188.170.236.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.232.0/23 maxlen: 23
31.173.229.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
31.173.238.0/24 maxlen: 24
31.173.235.0/24 maxlen: 24
37.29.43.0/24 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.228.0/23 maxlen: 23
83.169.230.0/24 maxlen: 24
83.169.227.0/24 maxlen: 24
83.169.226.0/24 maxlen: 24
83.169.224.0/23 maxlen: 23
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
2a03:d006:400::/40 maxlen: 40
2a03:d006:500::/40 maxlen: 40
2a03:d006:200::/40 maxlen: 40
2a03:d006:300::/40 maxlen: 40
2a03:d006::/40 maxlen: 40
2a03:d006:100::/40 maxlen: 40
2a03:d006:600::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 13 Feb 2024 08:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e2:df:ff:1d:15:45:f5:cc:09:09:88:29:5c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb7255ca82a2d2f3065c721990d3bf814df4a770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:81:d7:1b:4a:a6:a9:b6:87:ca:5f:41:36:42:
e7:97:10:4a:63:db:c3:aa:92:00:74:4f:81:8a:d9:
a3:2c:8c:1d:75:c8:25:7b:20:24:ea:92:f7:48:d9:
e2:78:d8:45:52:46:df:b0:86:fe:8b:27:2c:1a:0a:
97:19:1f:fe:0c:ed:f1:2a:a7:85:fd:23:3e:83:72:
4f:c5:d2:f2:18:cd:db:2b:ad:52:96:a2:c5:bd:d4:
5c:f4:22:1b:1f:8a:ec:07:ba:5b:1b:73:c0:1e:07:
c6:f8:02:a9:29:9e:a4:a0:3d:c4:e0:21:06:27:a5:
a4:47:c7:3b:56:df:89:88:ee:cb:39:4b:65:d3:d8:
0e:82:4b:5d:68:82:fa:46:e5:8f:59:ae:f5:f9:b6:
3f:89:88:4f:20:da:3b:59:5a:2e:3b:69:4e:a8:be:
1b:d1:f4:9f:8f:70:81:8e:5e:d3:75:7a:67:f9:c2:
23:39:2b:1c:0c:1f:5b:b3:79:46:36:86:8c:09:dd:
e7:d0:78:d9:13:07:c9:c1:3c:d3:88:fe:c4:ce:71:
52:08:0a:8c:0b:9b:d2:b6:dc:43:77:b2:f4:19:30:
64:3b:7d:94:01:57:c7:bf:62:db:51:a5:5c:93:f7:
11:37:0e:44:a6:7d:1c:95:51:8f:89:3c:7f:14:12:
e1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:72:55:CA:82:A2:D2:F3:06:5C:72:19:90:D3:BF:81:4D:F4:A7:70
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63JVyoKi0vMGXHIZkNO_gU30p3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.68.255
178.178.70.0-178.178.75.255
188.170.228.0-188.170.237.255
188.170.239.0/24
IPv6:
2a03:d006::-2a03:d006:6ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:6c:64:b8:24:f6:5c:89:c1:ef:c3:05:3a:77:3b:80:18:b8:
8d:b6:d5:84:a0:51:c6:13:86:a7:5b:18:b3:03:39:c0:e2:cf:
bb:9a:e6:df:4d:78:8e:cb:ea:ca:64:53:bf:89:c1:83:75:2a:
df:b2:f8:40:e8:02:2c:1b:5e:2d:46:da:7e:55:17:01:93:54:
65:96:15:d7:83:34:9f:10:4c:9b:67:3f:99:34:26:a9:18:2c:
60:3b:9f:bd:a5:ee:eb:2a:e9:1c:f0:da:da:a3:c8:c4:4e:0f:
e0:af:95:f0:b5:e5:86:dc:a3:ca:0e:e6:00:3c:c8:d4:d9:d6:
04:3c:ba:f2:3e:89:f6:08:3d:64:75:2a:fb:fc:4d:5a:f1:18:
5f:fd:91:4f:3a:e4:ba:37:32:74:f2:a2:7e:3b:25:19:1a:10:
1a:a5:4b:af:d2:61:7a:19:de:8a:52:9b:ea:41:45:9f:02:0c:
e1:ee:f6:53:91:fd:3b:07:b1:59:04:f7:92:92:c9:79:42:5b:
9f:01:ab:c7:cf:c0:2f:1e:3d:3e:67:b6:08:e7:3f:b2:e7:fd:
e6:34:14:26:67:17:1a:56:ac:0b:71:66:7f:ed:63:4a:52:37:
64:aa:e9:5d:1f:a8:e7:40:78:e0:3b:40:67:90:a6:42:1a:57:
90:f6:cd:49
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYzFbeLf/x0VRfXMCQmIKVzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjcyNTVjYTgyYTJkMmYzMDY1YzcyMTk5MGQzYmY4MTRkZjRhNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoHXG0qmqbaHyl9BNkLnlxBKY9vD
qpIAdE+BitmjLIwddcgleyAk6pL3SNnieNhFUkbfsIb+iycsGgqXGR/+DO3xKqeF
/SM+g3JPxdLyGM3bK61SlqLFvdRc9CIbH4rsB7pbG3PAHgfG+AKpKZ6koD3E4CEG
J6WkR8c7Vt+JiO7LOUtl09gOgktdaIL6RuWPWa71+bY/iYhPINo7WVouO2lOqL4b
0fSfj3CBjl7TdXpn+cIjOSscDB9bs3lGNoaMCd3n0HjZEwfJwTzTiP7EznFSCAqM
C5vSttxDd7L0GTBkO32UAVfHv2LbUaVck/cRNw5Epn0clVGPiTx/FBLhzwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFOtyVcqCotLzBlxyGZDTv4FN9KdwMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNjNKVnlvS2kwdk1HWEhJWmtOT19nVTMwcDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBrQQCAAEwgaYDBAIf
rYQDBAAfrY8wDAMEAB+t4QMEAB+t4jAMAwQCH63kAwQBH63oMAwDBAAfresDBAQf
reADBAIlHLwDBAAlHSsDBAMlHVgDBAJOGXwDBAJTlTQwDAMEBVOp4AMEAFOp5gME
A1Ua8DAMAwQAsrDpAwQCsrDoMAwDBAayskADBACyskQwDAMEAbKyRgMEArKySDAM
AwQCvKrkAwQBvKrsAwQAvKrvMBcEAgACMBEwDwMFASoD0AYDBgAqA9AGBjANBgkq
hkiG9w0BAQsFAAOCAQEAFmxkuCT2XInB78MFOnc7gBi4jbbVhKBRxhOGp1sYswM5
wOLPu5rm3014jsvqymRTv4nBg3Uq37L4QOgCLBteLUbaflUXAZNUZZYV14M0nxBM
m2c/mTQmqRgsYDufvaXu6yrpHPDa2qPIxE4P4K+V8LXlhtyjyg7mADzI1NnWBDy6
8j6J9gg9ZHUq+/xNWvEYX/2RTzrkujcydPKifjslGRoQGqVLr9JhehneilKb6kFF
nwIM4e72U5H9OwexWQT3kpLJeUJbnwGrx8/ALx49Pme2COc/suf95jQUJmcXGlas
C3Fmf+1jSlI3ZKrpXR+o50B44DtAZ5CmQhpXkPbNSQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:49 2025 by rpki-client