Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/bLVXbKlLz05_yGwI2YITyiGKWiI.roa
File: bLVXbKlLz05_yGwI2YITyiGKWiI.roa (raw, json)
Hash identifier: YLvp20iEPkTwbQpwokIP5vDuT/hvV5/9U11J3QVLu38=
Subject key identifier: 6C:B5:57:6C:A9:4B:CF:4E:7F:C8:6C:08:D9:82:13:CA:21:8A:5A:22
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 0193B007D13AF72122F4E175CCFB64809DD1
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/bLVXbKlLz05_yGwI2YITyiGKWiI.roa
Signing time: Tue 10 Dec 2024 10:05:22 +0000
ROA not before: Tue 10 Dec 2024 10:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43915
IP address blocks: 5.181.104.0/22 maxlen: 22
45.66.36.0/22 maxlen: 22
45.80.160.0/22 maxlen: 22
45.130.56.0/22 maxlen: 22
45.143.112.0/22 maxlen: 22
45.152.28.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
79.135.122.0/23 maxlen: 24
87.117.64.0/22 maxlen: 22
87.117.68.0/23 maxlen: 23
91.239.57.0/24 maxlen: 24
94.154.184.0/22 maxlen: 24
109.224.216.0/22 maxlen: 22
109.224.224.0/22 maxlen: 24
109.224.224.0/23 maxlen: 23
109.224.226.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
109.224.236.0/22 maxlen: 22
109.224.240.0/23 maxlen: 24
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
144.178.252.0/23 maxlen: 23
147.189.156.0/22 maxlen: 24
147.189.214.0/24 maxlen: 24
176.116.116.0/22 maxlen: 22
178.248.128.0/21 maxlen: 21
185.23.254.0/23 maxlen: 24
185.147.184.0/22 maxlen: 22
185.161.4.0/22 maxlen: 22
185.231.136.0/21 maxlen: 21
193.35.146.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
195.184.250.0/23 maxlen: 23
195.206.172.0/22 maxlen: 24
195.242.148.0/23 maxlen: 23
195.244.2.0/23 maxlen: 23
212.59.72.0/21 maxlen: 24
212.108.90.0/23 maxlen: 23
213.225.224.0/22 maxlen: 24
217.14.184.0/21 maxlen: 21
217.20.244.0/22 maxlen: 24
217.171.100.0/22 maxlen: 22
217.171.104.0/22 maxlen: 22
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:07:d1:3a:f7:21:22:f4:e1:75:cc:fb:64:80:9d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Dec 10 10:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb5576ca94bcf4e7fc86c08d98213ca218a5a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:72:b8:97:4c:36:df:16:22:21:11:68:73:
3e:15:a1:dd:69:d7:99:ab:2a:e9:49:19:9d:d3:61:
38:5f:05:1b:f7:62:60:b2:46:4a:0e:0e:ee:a7:d0:
0c:ca:0e:46:7a:1d:95:c7:fc:c7:29:2b:99:9c:64:
1a:11:a3:12:f7:7d:36:86:27:d7:f6:0a:30:27:30:
d6:ff:22:f1:bc:dc:a7:aa:83:e3:3b:9e:47:cc:11:
98:62:bd:42:15:6a:e7:b0:e3:f8:19:d8:60:08:dd:
76:6b:d3:e5:21:4e:8c:bd:0d:e2:72:34:91:12:de:
f2:cf:94:62:ea:7c:71:ba:89:fb:c9:82:1a:30:d1:
0c:ae:9e:3f:94:78:53:a5:bb:b1:64:a4:40:7c:70:
4e:60:18:c7:6b:cf:27:5f:17:2a:04:97:65:04:e3:
74:a0:12:a3:0f:e4:74:99:2b:86:01:8e:e9:b6:7d:
f4:60:f0:6e:07:f0:ff:de:3e:d4:69:d2:9a:79:a7:
94:69:09:e9:fd:67:dc:e6:a1:a8:3c:d5:3c:52:3a:
d0:b0:68:19:ca:25:20:31:e2:e2:17:d5:e7:df:21:
6f:e9:f6:3f:12:34:51:c6:b3:84:34:7a:57:76:91:
0b:8d:86:ef:82:e0:30:ef:1a:cb:65:6b:78:fb:c7:
d8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B5:57:6C:A9:4B:CF:4E:7F:C8:6C:08:D9:82:13:CA:21:8A:5A:22
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/bLVXbKlLz05_yGwI2YITyiGKWiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.104.0/22
45.66.36.0/22
45.80.160.0/22
45.130.56.0/22
45.143.112.0/22
45.152.28.0/22
62.169.148.0/23
79.135.122.0/23
87.117.64.0-87.117.69.255
91.239.57.0/24
94.154.184.0/22
109.224.216.0/22
109.224.224.0/22
109.224.234.0-109.224.241.255
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
147.189.214.0/24
176.116.116.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/21
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.184.250.0/23
195.206.172.0/22
195.242.148.0/23
195.244.2.0/23
212.59.72.0/21
212.108.90.0/23
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
217.171.100.0-217.171.107.255
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
51:5a:18:bf:16:06:d5:ba:76:8d:82:0f:75:fa:ca:a6:94:ad:
d2:26:4b:00:98:98:94:6d:89:64:c1:29:f4:85:0b:60:3d:37:
e8:ef:f2:ca:b6:2d:f6:68:09:36:bb:70:0f:58:3e:dd:42:d2:
9d:ca:87:e2:3b:05:3b:9f:99:e2:2c:90:86:d9:46:8a:22:e8:
4f:40:0b:10:bb:2a:cd:63:cb:2d:78:7a:bd:e9:e6:38:2b:11:
29:b3:20:41:d5:52:2a:a1:c9:22:12:7d:1e:63:a7:90:4b:0f:
30:1a:47:0e:97:40:f6:51:4e:e8:64:f7:2f:f4:cb:30:ba:06:
8e:08:46:d0:6c:86:b9:75:eb:f7:c6:b0:09:06:24:a1:f0:3c:
e8:6a:ac:6f:90:97:2e:b6:c7:ad:eb:66:ab:60:09:c9:3a:95:
3c:89:f2:f0:82:14:f4:52:f1:ac:09:ff:23:43:27:3a:ef:ab:
1d:56:ff:bc:24:81:8a:2c:b3:6b:91:14:9c:bf:9e:6f:d7:88:
b0:ef:b2:b6:2d:44:d5:45:04:13:3d:1c:60:4c:08:c9:d4:e4:
9f:df:7a:eb:1f:ab:e1:14:4b:82:1a:b3:be:6b:79:d2:63:8f:
f0:cc:42:0a:e5:11:6c:29:92:c8:cf:cc:75:c6:f8:08:ef:e4:
c2:ff:d8:b9
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAZOwB9E69yEi9OF1zPtkgJ3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjQxMjEwMTAwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I1NTc2Y2E5NGJjZjRlN2ZjODZjMDhkOTgyMTNjYTIxOGE1YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVNyuJdMNt8WIiERaHM+FaHdadeZ
qyrpSRmd02E4XwUb92JgskZKDg7up9AMyg5Geh2Vx/zHKSuZnGQaEaMS9302hifX
9gowJzDW/yLxvNynqoPjO55HzBGYYr1CFWrnsOP4GdhgCN12a9PlIU6MvQ3icjSR
Et7yz5Ri6nxxuon7yYIaMNEMrp4/lHhTpbuxZKRAfHBOYBjHa88nXxcqBJdlBON0
oBKjD+R0mSuGAY7ptn30YPBuB/D/3j7UadKaeaeUaQnp/Wfc5qGoPNU8UjrQsGgZ
yiUgMeLiF9Xn3yFv6fY/EjRRxrOENHpXdpELjYbvguAw7xrLZWt4+8fYewIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFGy1V2ypS89Of8hsCNmCE8ohiloiMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvYkxWWGJLbEx6MDVfeUd3STJZSVR5aUdLV2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMgYIKwYBBQUHAQcBAf8EggEhMIIBHTCCAQoEAgABMIIB
AgMEAgW1aAMEAi1CJAMEAi1QoAMEAi2COAMEAi2PcAMEAi2YHAMEAT6plAMEAU+H
ejAMAwQGV3VAAwQBV3VEAwQAW+85AwQCXpq4AwQCbeDYAwQCbeDgMAwDBAFt4OoD
BAFt4PADBAGQsmgDBAGQsnYDBAGQsvwDBAKTvZwDBACTvdYDBAKwdHQDBAOy+IAD
BAG5F/4DBAK5k7gDBAK5oQQDBAO554gDBAHBI5IDBAHCaYYDBAHCkfIDBALCkqAD
BAHDuPoDBALDzqwDBAHD8pQDBAHD9AIDBAPUO0gDBAHUbFoDBALV4eADBAPZDrgD
BALZFPQwDAMEAtmrZAMEAtmraDANBAIAAjAHAwUAKgdZQDANBgkqhkiG9w0BAQsF
AAOCAQEAUVoYvxYG1bp2jYIPdfrKppSt0iZLAJiYlG2JZMEp9IULYD036O/yyrYt
9mgJNrtwD1g+3ULSncqH4jsFO5+Z4iyQhtlGiiLoT0ALELsqzWPLLXh6venmOCsR
KbMgQdVSKqHJIhJ9HmOnkEsPMBpHDpdA9lFO6GT3L/TLMLoGjghG0GyGuXXr98aw
CQYkofA86Gqsb5CXLrbHretmq2AJyTqVPIny8IIU9FLxrAn/I0MnOu+rHVb/vCSB
iiyza5EUnL+eb9eIsO+yti1E1UUEEz0cYEwIydTkn9966x+r4RRLghqzvmt50mOP
8MxCCuURbCmSyM/Mdcb4CO/kwv/YuQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:15 2025 by rpki-client