Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cGgsY5RWhst5pshx4Rmu8uyglYA.roa
File: cGgsY5RWhst5pshx4Rmu8uyglYA.roa (raw, json)
Hash identifier: 5jJ2tY/niLFZJ/Jvd3H5uhfpiCC59aA1hR6VzlKTjAM=
Subject key identifier: 70:68:2C:63:94:56:86:CB:79:A6:C8:71:E1:19:AE:F2:EC:A0:95:80
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01941456790D36131BBCB12EA961CB85F0DA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cGgsY5RWhst5pshx4Rmu8uyglYA.roa
Signing time: Sun 29 Dec 2024 21:33:18 +0000
ROA not before: Sun 29 Dec 2024 21:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.216.196.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:14:56:79:0d:36:13:1b:bc:b1:2e:a9:61:cb:85:f0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Dec 29 21:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70682c63945686cb79a6c871e119aef2eca09580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:af:8f:34:38:91:3e:ff:a6:f5:a8:ff:73:fd:
7e:44:b7:53:58:a7:54:50:5e:79:68:e7:1b:0a:a6:
1b:55:6a:a4:34:dc:45:cf:c8:9a:d0:d0:2f:af:43:
0b:63:3f:70:97:e3:a1:e0:4c:7a:27:04:40:52:31:
95:42:81:39:fa:1d:de:1f:18:76:85:33:ad:14:bb:
de:b1:7e:a5:2b:60:3f:9e:7f:3b:01:4d:ee:66:a7:
bf:34:5c:ea:97:6f:1e:ca:23:2f:8c:a7:e6:84:a2:
a7:28:8b:e3:32:4e:3a:c3:18:c9:57:c6:97:f8:89:
22:55:16:82:b3:1f:c4:f9:ae:27:77:f9:64:6a:c8:
1f:66:b7:49:aa:82:08:96:45:ba:71:8f:1b:15:b3:
2f:fe:47:09:d4:8c:25:d7:b8:ab:14:b5:99:e4:72:
48:79:6b:88:d5:e2:36:3c:8e:9f:65:02:e8:2c:9c:
bd:a2:a9:f4:1f:b8:c9:89:76:95:60:3a:a9:70:07:
bb:8c:3e:cb:83:e2:6f:bc:78:2b:6c:e3:48:47:2f:
56:c7:dc:6d:21:7c:41:69:6f:15:5e:94:bc:0b:95:
48:34:b8:0c:c7:7b:83:4a:d8:fa:6a:1b:93:35:7e:
60:6a:c4:a4:48:3b:ff:e7:24:91:b4:0f:36:a8:82:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:68:2C:63:94:56:86:CB:79:A6:C8:71:E1:19:AE:F2:EC:A0:95:80
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cGgsY5RWhst5pshx4Rmu8uyglYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
103.216.196.0/24
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
4b:9d:71:4c:43:ba:59:ef:93:99:04:de:8b:75:cb:0a:02:55:
76:89:bd:32:41:5b:46:01:cf:60:9e:c0:58:e4:45:4f:59:29:
76:1e:ae:34:0c:b2:65:b8:94:2c:66:3c:35:79:72:40:c5:4e:
67:95:51:2f:9f:37:bc:0e:a1:d6:64:52:7a:d4:06:9b:e0:42:
39:1d:5e:49:99:ce:bc:24:e6:ac:22:d8:a0:f8:3a:47:df:4a:
ef:ad:26:e9:e4:20:03:b7:27:14:2a:43:64:61:51:6e:9d:02:
af:7b:00:55:b7:c4:af:d3:bd:e8:46:22:ff:78:8b:e4:da:92:
4a:ea:ce:df:9d:0a:b1:38:14:37:7b:82:63:87:0b:c4:d1:89:
07:89:3e:49:9b:27:39:42:f3:69:c1:fa:b6:ba:55:74:ee:3a:
b0:5d:7c:59:2d:65:9f:00:9a:61:6e:7d:9e:d7:15:63:a0:62:
d8:c6:12:83:4c:33:6b:85:0a:61:bd:45:9e:0a:44:03:28:ae:
5e:9a:ff:68:40:c8:ba:94:e1:5d:20:37:66:3e:c0:91:db:e5:
62:ac:09:b0:32:71:26:83:cd:98:24:af:e2:9a:7a:32:1a:3b:
e6:91:a4:59:d8:0a:65:a7:b2:41:fb:ad:44:2a:ba:b9:b7:27:
a7:5b:16:f2
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZQUVnkNNhMbvLEuqWHLhfDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMjI5MjEzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY4MmM2Mzk0NTY4NmNiNzlhNmM4NzFlMTE5YWVmMmVjYTA5NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3q+PNDiRPv+m9aj/c/1+RLdTWKdU
UF55aOcbCqYbVWqkNNxFz8ia0NAvr0MLYz9wl+Oh4Ex6JwRAUjGVQoE5+h3eHxh2
hTOtFLvesX6lK2A/nn87AU3uZqe/NFzql28eyiMvjKfmhKKnKIvjMk46wxjJV8aX
+IkiVRaCsx/E+a4nd/lkasgfZrdJqoIIlkW6cY8bFbMv/kcJ1Iwl17irFLWZ5HJI
eWuI1eI2PI6fZQLoLJy9oqn0H7jJiXaVYDqpcAe7jD7Lg+JvvHgrbONIRy9Wx9xt
IXxBaW8VXpS8C5VINLgMx3uDStj6ahuTNX5gasSkSDv/5ySRtA82qIJOLQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFHBoLGOUVobLeabIceEZrvLsoJWAMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvY0dnc1k1Uldoc3Q1cHNoeDRSbXU4dXlnbFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBrQQCAAEwgaYDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABn
2MQDBABn2MYDBABo6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAME
ALnGWQMEArnGWAMEALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14
AwQAwJFGAwQA1DwNAwQA2cWqMCwEAgACMCYDBwAqCo9AAAMwEgMHACoKj0AABwMH
ACoKj0AADAMHACoKj0AAHDANBgkqhkiG9w0BAQsFAAOCAQEAS51xTEO6We+TmQTe
i3XLCgJVdom9MkFbRgHPYJ7AWORFT1kpdh6uNAyyZbiULGY8NXlyQMVOZ5VRL583
vA6h1mRSetQGm+BCOR1eSZnOvCTmrCLYoPg6R99K760m6eQgA7cnFCpDZGFRbp0C
r3sAVbfEr9O96EYi/3iL5NqSSurO350KsTgUN3uCY4cLxNGJB4k+SZsnOULzacH6
trpVdO46sF18WS1lnwCaYW59ntcVY6Bi2MYSg0wza4UKYb1FngpEAyiuXpr/aEDI
upThXSA3Zj7AkdvlYqwJsDJxJoPNmCSv4pp6Mho75pGkWdgKZaeyQfutRCq6ubcn
p1sW8g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:08:36 2025 by rpki-client