Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/pagqRrr0b9eSKUHHql1iT3lQHR4.roa
File: pagqRrr0b9eSKUHHql1iT3lQHR4.roa (raw, json)
Hash identifier: 25MluKbn/7tZ6Y2KGqaqLZBQVlBmpeHh6srKRuyf9Wc=
Subject key identifier: A5:A8:2A:46:BA:F4:6F:D7:92:29:41:C7:AA:5D:62:4F:79:50:1D:1E
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0195951534B3AD0C08DB5E597CD6B6142EFE
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/pagqRrr0b9eSKUHHql1iT3lQHR4.roa
Signing time: Fri 14 Mar 2025 14:35:49 +0000
ROA not before: Fri 14 Mar 2025 14:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 32
37.123.112.0/24 maxlen: 32
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Mar 2025 10:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:15:34:b3:ad:0c:08:db:5e:59:7c:d6:b6:14:2e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Mar 14 14:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5a82a46baf46fd7922941c7aa5d624f79501d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:20:d4:23:13:cb:bf:59:30:b9:1a:30:d3:36:
4f:f5:e9:08:de:7a:1e:58:45:4a:bd:a8:a1:1f:75:
fa:a6:2b:92:06:52:f9:c6:91:0d:c8:02:b6:6f:d6:
b0:c4:54:ce:65:65:fe:ee:93:2f:e4:fa:ff:21:a0:
17:46:01:f1:a3:7d:a3:0e:3e:4d:93:e4:90:bb:a3:
b0:4b:ef:e9:de:d8:2d:83:41:42:5e:b4:41:f5:13:
0b:a0:e8:cd:eb:fd:dc:5f:d6:b6:37:78:c1:eb:07:
e5:f4:a5:0e:c3:50:96:ce:52:ac:6e:78:22:5e:23:
c0:a0:cf:0c:9d:33:4d:ae:4a:00:8b:61:24:b2:67:
2d:00:07:fe:9a:08:5a:96:7b:a4:22:c8:6c:f3:87:
37:5d:4a:e1:28:44:22:7e:5b:8b:06:0d:c2:f6:cf:
dc:85:45:51:55:68:76:f3:2a:b9:c6:28:16:11:26:
56:15:25:4a:02:27:38:8e:ab:55:b3:c5:51:80:a6:
e3:56:12:82:04:e9:d5:d1:c5:64:c0:ed:3e:1a:77:
a2:0e:89:bd:47:8d:2e:ac:ad:db:7b:e4:a4:02:75:
d1:d4:09:15:07:fb:6a:4d:fe:69:f4:a7:09:f5:be:
25:06:e1:a8:f6:75:e9:a7:48:37:56:9a:dc:b9:c8:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A8:2A:46:BA:F4:6F:D7:92:29:41:C7:AA:5D:62:4F:79:50:1D:1E
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/pagqRrr0b9eSKUHHql1iT3lQHR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
5f:7e:01:4f:5c:82:5e:5f:f6:bd:77:7a:9f:e0:7f:bc:6d:89:
c8:06:2e:21:33:33:30:24:52:99:f6:d8:b7:4c:d6:88:8c:fe:
74:93:e2:d9:9a:d2:ed:b2:b5:51:d1:8c:da:f8:d0:ca:7a:3e:
b7:25:72:df:c7:b1:07:c2:95:bf:d5:bc:43:4d:c5:a9:37:12:
b8:31:7e:79:c4:19:c4:3f:05:a7:eb:d6:43:c5:5a:d3:cc:4c:
37:98:fe:7d:22:33:91:53:1a:48:5a:c9:aa:aa:0e:f7:03:96:
ba:dd:d2:a9:f8:22:0d:0b:e3:99:68:d4:03:57:87:a1:89:b1:
7b:14:36:88:20:fe:2e:2c:76:1e:14:29:ad:a4:5a:c9:c7:29:
e2:91:74:6e:5e:8d:de:dc:1b:c3:f6:08:5b:c3:01:5e:71:e9:
f5:a3:44:4f:20:1e:29:a6:77:bc:0c:0c:ef:34:02:3a:fd:09:
19:64:dd:85:c5:84:12:79:a8:6d:10:2d:a2:85:e1:52:29:b9:
ff:41:5c:4e:9d:a6:6a:3b:8b:00:10:72:93:a4:a0:28:2f:04:
48:56:2d:66:0d:81:bd:5c:67:16:78:5f:ee:53:ed:e6:39:07:
18:d2:fa:f6:9a:41:4d:9a:ad:53:4a:c1:6e:d6:ff:f6:9a:59:
20:da:98:51
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZWVFTSzrQwI215ZfNa2FC7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMzE0MTQzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE4MmE0NmJhZjQ2ZmQ3OTIyOTQxYzdhYTVkNjI0Zjc5NTAxZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyDUIxPLv1kwuRow0zZP9ekI3noe
WEVKvaihH3X6piuSBlL5xpENyAK2b9awxFTOZWX+7pMv5Pr/IaAXRgHxo32jDj5N
k+SQu6OwS+/p3tgtg0FCXrRB9RMLoOjN6/3cX9a2N3jB6wfl9KUOw1CWzlKsbngi
XiPAoM8MnTNNrkoAi2EksmctAAf+mghalnukIshs84c3XUrhKEQifluLBg3C9s/c
hUVRVWh28yq5xigWESZWFSVKAic4jqtVs8VRgKbjVhKCBOnV0cVkwO0+GneiDom9
R40urK3be+SkAnXR1AkVB/tqTf5p9KcJ9b4lBuGo9nXpp0g3Vprcuci92QIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFKWoKka69G/XkilBx6pdYk95UB0eMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvcGFncVJycjBiOWVTS1VISHFsMWlUM2xRSFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAx8Y4AME
AyV7cAMEBC4XQAMEBU1cQAMEA1KjSAMEBlOqQAMEBFjKsAMEA1jK4AMEA1tt8AME
Bm17QAMEA7BDoAMEALBDqTAMAwQAsEOrAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAq
AiSYMA0GCSqGSIb3DQEBCwUAA4IBAQBffgFPXIJeX/a9d3qf4H+8bYnIBi4hMzMw
JFKZ9ti3TNaIjP50k+LZmtLtsrVR0Yza+NDKej63JXLfx7EHwpW/1bxDTcWpNxK4
MX55xBnEPwWn69ZDxVrTzEw3mP59IjORUxpIWsmqqg73A5a63dKp+CINC+OZaNQD
V4ehibF7FDaIIP4uLHYeFCmtpFrJxynikXRuXo3e3BvD9ghbwwFecen1o0RPIB4p
pne8DAzvNAI6/QkZZN2FxYQSeahtEC2iheFSKbn/QVxOnaZqO4sAEHKTpKAoLwRI
Vi1mDYG9XGcWeF/uU+3mOQcY0vr2mkFNmq1TSsFu1v/2mlkg2phR
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:11:26 2025 by rpki-client