Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/aBKDO4vlamMwYc7lZiSwF0wziT4.roa
File: aBKDO4vlamMwYc7lZiSwF0wziT4.roa (raw, json)
Hash identifier: I0ebixvZN+Aetpovm/Jsmjy6VEfgzfOuJnOA/vfDGMc=
Subject key identifier: 68:12:83:3B:8B:E5:6A:63:30:61:CE:E5:66:24:B0:17:4C:33:89:3E
Certificate issuer: /CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Certificate serial: 0192B9B4F4B7F2AFFF948C4EB6A0A88F2FB8
Authority key identifier: 83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/aBKDO4vlamMwYc7lZiSwF0wziT4.roa
Signing time: Wed 23 Oct 2024 14:08:16 +0000
ROA not before: Wed 23 Oct 2024 14:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13030
IP address blocks: 37.17.232.0/21 maxlen: 21
45.80.136.0/22 maxlen: 22
77.74.80.0/21 maxlen: 21
77.109.128.0/18 maxlen: 18
77.109.128.0/19 maxlen: 19
77.109.160.0/19 maxlen: 19
80.253.88.0/21 maxlen: 21
81.6.32.0/20 maxlen: 20
82.197.160.0/19 maxlen: 19
82.197.160.0/20 maxlen: 20
82.197.176.0/20 maxlen: 20
85.195.192.0/20 maxlen: 20
85.195.208.0/20 maxlen: 20
85.195.224.0/19 maxlen: 19
85.195.224.0/20 maxlen: 20
85.195.240.0/20 maxlen: 20
109.202.192.0/19 maxlen: 19
141.195.80.0/20 maxlen: 20
185.72.64.0/22 maxlen: 22
185.72.67.0/24 maxlen: 24
185.137.172.0/22 maxlen: 22
185.183.192.0/22 maxlen: 22
185.201.248.0/22 maxlen: 22
185.246.104.0/22 maxlen: 22
193.47.153.0/24 maxlen: 24
193.223.80.0/20 maxlen: 20
195.134.128.0/19 maxlen: 19
212.51.128.0/19 maxlen: 19
212.51.128.0/20 maxlen: 20
212.51.144.0/20 maxlen: 20
213.144.128.0/19 maxlen: 19
213.144.128.0/20 maxlen: 20
213.144.144.0/20 maxlen: 20
217.118.192.0/21 maxlen: 21
217.118.200.0/22 maxlen: 22
2001:1620::/32 maxlen: 32
2a02:168::/30 maxlen: 30
2a02:168::/32 maxlen: 32
2a02:169::/32 maxlen: 32
2a07:600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:b4:f4:b7:f2:af:ff:94:8c:4e:b6:a0:a8:8f:2f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Validity
Not Before: Oct 23 14:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6812833b8be56a633061cee56624b0174c33893e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3b:c4:cc:b3:0f:00:0d:c9:68:45:3b:b5:0a:
a3:a8:f3:cf:b7:06:28:b3:9e:dc:6d:0d:af:df:fe:
29:95:87:bf:ae:a5:cc:c8:d9:d1:17:ca:db:56:4d:
66:0d:6e:bc:2b:08:2f:2f:b5:a5:70:36:6d:6b:53:
7a:d7:24:f9:a4:03:d6:69:73:3f:30:13:9d:7a:01:
f1:fa:46:18:6b:d6:8b:86:15:d8:5c:fd:d6:00:a3:
bb:7b:fb:c8:b9:25:a0:4c:b2:88:f6:0a:dc:07:b5:
f7:91:47:3d:31:86:d0:e8:5f:e9:87:0e:ad:e6:e5:
0e:68:f8:cf:ee:79:f0:58:a7:7a:b7:e9:49:0d:c3:
0b:e1:71:05:bb:ec:56:6f:c8:3b:76:fc:05:08:73:
bd:3b:29:98:a7:64:ef:fd:14:8d:a7:c9:5f:27:52:
01:d2:ee:d9:fe:c3:30:b6:08:73:4d:3e:ea:41:d6:
13:d0:5b:7e:8a:1e:7c:e5:ce:ba:38:14:f8:86:d3:
0b:03:3e:f3:91:62:24:dd:20:82:87:c3:a4:1e:d6:
e3:26:73:6c:f1:29:88:02:99:a7:9e:16:54:47:7f:
a0:7b:95:97:a9:63:da:db:b2:c1:9c:ae:7b:ee:e8:
51:74:04:da:0b:33:c6:3e:4e:b8:c9:9e:0a:0e:6d:
6c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:12:83:3B:8B:E5:6A:63:30:61:CE:E5:66:24:B0:17:4C:33:89:3E
X509v3 Authority Key Identifier:
keyid:83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/aBKDO4vlamMwYc7lZiSwF0wziT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/g0eVFJWTl8Xj-nbh6klejh9sMZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.232.0/21
45.80.136.0/22
77.74.80.0/21
77.109.128.0/18
80.253.88.0/21
81.6.32.0/20
82.197.160.0/19
85.195.192.0/18
109.202.192.0/19
141.195.80.0/20
185.72.64.0/22
185.137.172.0/22
185.183.192.0/22
185.201.248.0/22
185.246.104.0/22
193.47.153.0/24
193.223.80.0/20
195.134.128.0/19
212.51.128.0/19
213.144.128.0/19
217.118.192.0-217.118.203.255
IPv6:
2001:1620::/32
2a02:168::/30
2a07:600::/29
Signature Algorithm: sha256WithRSAEncryption
19:5f:71:1a:67:26:5c:ab:a8:5c:40:6f:8a:a2:a6:aa:fd:e6:
6e:3a:b8:b2:f9:61:b2:42:e3:85:9b:9d:db:ae:0b:6d:4b:76:
4d:3d:5a:6d:92:ba:c3:25:18:c0:f3:bb:08:cd:34:1b:0a:28:
6d:54:54:83:b6:ec:bc:d7:bc:98:80:65:39:a9:9d:9b:5e:14:
c3:ce:81:d0:cd:fb:30:44:0b:0b:04:54:64:c6:5a:57:2c:0d:
09:8f:c8:ed:6a:f6:31:ee:3b:aa:3e:b9:96:05:ad:fb:70:6e:
6d:87:53:90:ae:8c:0c:81:3c:d4:fb:78:59:84:c6:14:ed:a4:
34:1a:63:c6:1c:df:a5:c7:02:e7:f0:b4:3a:d4:24:60:24:cb:
ee:ca:3b:20:d1:b4:a0:cd:05:40:7e:63:5a:3b:ba:b0:5b:c2:
d8:6f:51:e2:9b:30:21:0a:b0:b2:73:22:49:d8:e7:b2:8e:60:
98:96:36:92:68:66:52:e2:0a:54:40:d9:ca:f4:fa:33:2b:dd:
0e:05:ac:4c:26:eb:20:05:03:cf:a7:44:b1:07:b2:19:3e:68:
93:dd:b8:fc:38:33:7b:5b:2b:3d:fd:5e:74:d2:44:b0:2f:fc:
3d:67:52:8b:59:04:b0:9e:f7:a6:1e:ab:3b:84:9a:51:1c:38:
7f:fb:ce:7a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZK5tPS38q//lIxOtqCojy+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNDc5NTE0OTU5Mzk3YzVlM2ZhNzZlMWVhNDk1ZThlMWY2
YzMxOWIwHhcNMjQxMDIzMTQwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODEyODMzYjhiZTU2YTYzMzA2MWNlZTU2NjI0YjAxNzRjMzM4OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TvEzLMPAA3JaEU7tQqjqPPPtwYo
s57cbQ2v3/4plYe/rqXMyNnRF8rbVk1mDW68KwgvL7WlcDZta1N61yT5pAPWaXM/
MBOdegHx+kYYa9aLhhXYXP3WAKO7e/vIuSWgTLKI9grcB7X3kUc9MYbQ6F/phw6t
5uUOaPjP7nnwWKd6t+lJDcML4XEFu+xWb8g7dvwFCHO9OymYp2Tv/RSNp8lfJ1IB
0u7Z/sMwtghzTT7qQdYT0Ft+ih585c66OBT4htMLAz7zkWIk3SCCh8OkHtbjJnNs
8SmIApmnnhZUR3+ge5WXqWPa27LBnK577uhRdATaCzPGPk64yZ4KDm1s6QIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFGgSgzuL5WpjMGHO5WYksBdMM4k+MB8GA1UdIwQY
MBaAFINHlRSVk5fF4/p24epJXo4fbDGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUt
MWU1ZTQzMGRkNzExLzEvYUJLRE80dmxhbU13WWM3bFppU3dGMHd6aVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUtMWU1ZTQzMGRkNzEx
LzEvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBjQQCAAEwgYYDBAMl
EegDBAItUIgDBANNSlADBAZNbYADBANQ/VgDBARRBiADBAVSxaADBAZVw8ADBAVt
ysADBASNw1ADBAK5SEADBAK5iawDBAK5t8ADBAK5yfgDBAK59mgDBADBL5kDBATB
31ADBAXDhoADBAXUM4ADBAXVkIAwDAMEBtl2wAMEAtl2yDAbBAIAAjAVAwUAIAEW
IAMFAioCAWgDBQMqBwYAMA0GCSqGSIb3DQEBCwUAA4IBAQAZX3EaZyZcq6hcQG+K
oqaq/eZuOriy+WGyQuOFm53brgttS3ZNPVptkrrDJRjA87sIzTQbCihtVFSDtuy8
17yYgGU5qZ2bXhTDzoHQzfswRAsLBFRkxlpXLA0Jj8jtavYx7juqPrmWBa37cG5t
h1OQrowMgTzU+3hZhMYU7aQ0GmPGHN+lxwLn8LQ61CRgJMvuyjsg0bSgzQVAfmNa
O7qwW8LYb1HimzAhCrCycyJJ2OeyjmCYljaSaGZS4gpUQNnK9PozK90OBaxMJusg
BQPPp0SxB7IZPmiT3bj8ODN7Wys9/V500kSwL/w9Z1KLWQSwnvemHqs7hJpRHDh/
+856
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:13:12 2025 by rpki-client