Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ZD1dtEG9kXdzmuIpSbYtbn22t5I.roa
File: ZD1dtEG9kXdzmuIpSbYtbn22t5I.roa (raw, json)
Hash identifier: uO+6WvUlfwCbwVxJMC/FhQk6Q9ZoUGolGQyQVpNyd+w=
Subject key identifier: 64:3D:5D:B4:41:BD:91:77:73:9A:E2:29:49:B6:2D:6E:7D:B6:B7:92
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01941FFA71064B0A86266BF61091E2C832A8
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ZD1dtEG9kXdzmuIpSbYtbn22t5I.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
62.131.0.0/16 maxlen: 16
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.136.192.0/18 maxlen: 18
82.168.0.0/15 maxlen: 15
82.170.0.0/16 maxlen: 16
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
188.142.0.0/17 maxlen: 17
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.197.0.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, certificate revoked on Wed 15 Jan 2025 07:51:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:71:06:4b:0a:86:26:6b:f6:10:91:e2:c8:32:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=643d5db441bd9177739ae22949b62d6e7db6b792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:5d:2e:e9:f7:79:0d:f8:2d:0b:3e:f4:8c:
9c:04:c3:cc:e4:fa:f2:7e:a5:3d:af:31:1e:1e:17:
b4:61:a5:52:b1:03:8c:c1:1c:b9:57:83:5f:0b:64:
cf:c6:26:db:78:50:26:d3:37:bd:c3:9b:52:45:6b:
c7:ea:e8:cc:22:cc:59:63:27:b9:f5:fe:44:31:7b:
60:a6:34:e0:61:48:8b:d7:6c:43:ea:7b:b7:86:6b:
8d:d2:99:2d:ae:cf:3d:8b:ad:28:93:09:87:d6:43:
28:3b:89:55:8c:94:c0:c0:e3:4c:b4:66:b9:6a:d5:
d1:b9:38:b6:00:22:3d:24:a3:f0:d1:ee:5d:04:58:
b7:48:4f:0f:28:96:e9:c6:93:35:1a:60:dc:49:e5:
30:27:7b:cf:24:d2:bb:ba:4c:10:eb:2c:72:20:fe:
19:8f:f7:9f:82:d1:5f:2f:99:6b:1e:6a:0f:05:7c:
be:9f:5d:4b:15:2e:23:ae:e5:4b:b0:e5:55:31:19:
17:a7:6a:16:79:90:22:59:54:fb:b6:6c:32:d6:17:
dd:8a:4a:e0:7b:b1:45:7d:f3:75:10:2b:8d:fa:1a:
64:f5:ea:f6:29:76:92:a8:df:dc:87:5b:35:d6:91:
2e:db:f4:85:ca:3c:99:04:c7:38:0a:8e:35:24:d5:
bf:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3D:5D:B4:41:BD:91:77:73:9A:E2:29:49:B6:2D:6E:7D:B6:B7:92
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ZD1dtEG9kXdzmuIpSbYtbn22t5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0-82.170.255.255
84.80.0.0/16
84.82.0.0-84.87.255.255
85.113.224.0/19
86.80.0.0-86.90.255.255
86.92.0.0/14
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.84.0.0/16
213.197.0.0/18
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
af:68:d0:37:f9:5a:30:4c:af:38:0b:88:ee:7b:ae:35:15:74:
0f:2a:f3:88:df:27:72:be:1b:7b:90:31:39:d9:13:44:7f:b7:
22:0e:9c:0d:34:17:e6:42:0a:94:6e:e7:8d:2d:55:20:b1:e6:
48:5d:ee:ba:7c:17:c1:1b:9a:1f:02:1b:03:63:79:78:de:85:
85:db:19:19:47:e1:5e:15:e8:ec:91:f3:d9:19:97:6a:1b:85:
f8:95:5a:37:9f:9b:df:78:d3:98:2d:2c:07:82:3e:44:9a:5b:
83:82:a7:cf:8f:65:a6:e8:7e:46:9d:ff:55:3f:62:7d:ad:7b:
f8:dc:29:04:7a:91:e3:e0:7a:65:10:5b:26:a1:63:b7:aa:b7:
ef:0d:83:0c:06:9c:a3:d4:a5:8b:c3:49:e5:9f:5e:12:a2:c9:
5d:ce:89:6d:c8:ce:14:cd:c9:05:d3:ba:ba:56:a1:fe:e8:e0:
3b:a1:f0:c8:d1:ea:62:93:65:42:b7:e3:75:bd:ff:43:23:92:
26:dd:96:45:22:0a:86:23:41:0a:6e:34:42:0a:67:1c:24:7c:
8d:1a:27:8f:67:bb:8d:20:c0:8c:4c:08:01:8d:32:37:c8:ea:
3a:28:a5:92:80:4b:41:49:3e:8f:16:19:f0:89:57:e1:16:37:
fd:e0:f0:7f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQf+nEGSwqGJmv2EJHiyDKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNkNWRiNDQxYmQ5MTc3NzM5YWUyMjk0OWI2MmQ2ZTdkYjZiNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYldLun3eQ34LQs+9IycBMPM5Pry
fqU9rzEeHhe0YaVSsQOMwRy5V4NfC2TPxibbeFAm0ze9w5tSRWvH6ujMIsxZYye5
9f5EMXtgpjTgYUiL12xD6nu3hmuN0pktrs89i60okwmH1kMoO4lVjJTAwONMtGa5
atXRuTi2ACI9JKPw0e5dBFi3SE8PKJbpxpM1GmDcSeUwJ3vPJNK7ukwQ6yxyIP4Z
j/efgtFfL5lrHmoPBXy+n11LFS4jruVLsOVVMRkXp2oWeZAiWVT7tmwy1hfdikrg
e7FFffN1ECuN+hpk9er2KXaSqN/ch1s11pEu2/SFyjyZBMc4Co41JNW/BwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFGQ9XbRBvZF3c5riKUm2LW59treSMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvWkQxZHRFRzlrWGR6bXVJcFNiWXRibjIydDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBkgQCAAEwgYsDBAcl
+wADAwA+gwMEBz77AAMDBE2gAwMBUDwDAwJRzAMEBlKIwDAKAwMDUqgDAwBSqgMD
AFRQMAoDAwFUUgMDA1RQAwQFVXHgMAoDAwRWUAMDAFZaAwMCVlwDAwBYnwMEB7yO
AAMDAcPwAwQG1HuAAwQG1LaAAwMA1O4DAwDVCgMDANVUAwQG1cUAMA0EAgACMAcD
BQcqAqQAMA0GCSqGSIb3DQEBCwUAA4IBAQCvaNA3+VowTK84C4jue641FXQPKvOI
3ydyvht7kDE52RNEf7ciDpwNNBfmQgqUbueNLVUgseZIXe66fBfBG5ofAhsDY3l4
3oWF2xkZR+FeFejskfPZGZdqG4X4lVo3n5vfeNOYLSwHgj5EmluDgqfPj2Wm6H5G
nf9VP2J9rXv43CkEepHj4HplEFsmoWO3qrfvDYMMBpyj1KWLw0nln14Sosldzolt
yM4UzckF07q6VqH+6OA7ofDI0epik2VCt+N1vf9DI5Im3ZZFIgqGI0EKbjRCCmcc
JHyNGiePZ7uNIMCMTAgBjTI3yOo6KKWSgEtBST6PFhnwiVfhFjf94PB/
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:58:55 2025 by rpki-client