Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R7ilEd-J5uYll_C7MD19AGUyO7k.roa
File: R7ilEd-J5uYll_C7MD19AGUyO7k.roa (raw, json)
Hash identifier: lMmGlosfIn623+Ghn4lyl1GDPOj0D4fWSIuQoyrzI2Y=
Subject key identifier: 47:B8:A5:11:DF:89:E6:E6:25:97:F0:BB:30:3D:7D:00:65:32:3B:B9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942CEE8F089957EF8BC76EEF4EDC715B56
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R7ilEd-J5uYll_C7MD19AGUyO7k.roa
Signing time: Fri 03 Jan 2025 16:10:19 +0000
ROA not before: Fri 03 Jan 2025 16:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 11:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:ee:8f:08:99:57:ef:8b:c7:6e:ef:4e:dc:71:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 3 16:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47b8a511df89e6e62597f0bb303d7d0065323bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:7b:b1:62:58:63:84:e4:d7:6d:7a:e3:08:
a7:0a:3c:88:11:96:a5:59:75:62:d4:0c:b4:87:13:
a4:ad:a0:89:54:e1:b7:52:3a:4a:02:d6:46:e8:84:
88:1a:ee:41:6b:da:8e:8a:a0:7f:99:3f:d0:15:25:
07:f2:20:de:ff:fa:f2:77:10:14:a7:ef:43:86:f4:
7d:a1:de:fc:3f:d8:4f:7d:df:dc:26:6c:04:73:8d:
fb:ed:27:5b:87:82:a3:3b:c4:9c:df:a4:e6:19:80:
b0:42:81:54:8e:6e:32:2c:12:6a:c5:7d:69:68:39:
b8:e2:34:d9:58:f5:60:2e:93:94:b7:70:50:12:b4:
0e:2e:8d:82:12:62:e7:6e:87:2d:7e:49:27:36:30:
02:9e:9f:e9:75:51:56:17:40:fa:44:bc:af:3c:ce:
ee:04:47:f3:37:ee:1a:64:76:53:d5:9c:60:78:12:
b8:28:3a:2e:90:19:1e:0e:a2:ba:e2:e2:d1:12:73:
f7:83:ea:fb:20:4a:1f:18:23:87:fa:a8:c1:f0:9f:
ea:86:01:87:94:30:49:74:fb:49:8d:68:28:08:6f:
48:10:58:74:47:22:a3:ca:c8:87:58:3f:69:65:ec:
8a:dc:2a:a3:27:eb:e9:47:11:e4:c8:f9:c0:fe:09:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B8:A5:11:DF:89:E6:E6:25:97:F0:BB:30:3D:7D:00:65:32:3B:B9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R7ilEd-J5uYll_C7MD19AGUyO7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.97.0/24
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
18:8f:61:64:cf:ca:6c:46:22:a5:45:65:63:da:ad:3f:6f:ec:
60:b9:22:6e:d6:cb:cc:10:21:aa:a8:8a:41:4d:e8:ce:c1:b5:
df:8e:1c:b4:38:fa:b0:47:11:4d:10:8b:c3:db:f1:51:92:72:
73:18:ea:e9:eb:43:2a:1c:85:80:67:16:42:28:22:f1:77:35:
04:9c:29:45:5e:3f:7c:29:4b:e2:4f:d5:c6:1f:0b:d8:d5:d3:
da:ff:fb:cc:9e:f0:8f:8a:9a:6c:78:e3:59:0d:3b:9c:fa:0e:
61:44:97:5f:ae:86:fd:01:23:7a:16:67:44:7c:b6:8f:32:be:
9f:8a:f6:92:31:09:3d:63:c8:be:30:76:4e:77:a9:8a:ce:23:
e8:09:bc:c3:bb:0d:46:0b:7d:55:79:ce:cd:bc:9f:7c:a2:2b:
6b:77:1d:3b:a7:1c:97:8d:61:f1:ea:71:0b:9d:a2:5a:3f:88:
30:b3:e2:7c:a2:a4:f8:46:5f:7a:00:8c:78:a5:fe:aa:af:31:
53:f4:15:97:dc:94:1d:78:25:91:e1:dd:78:23:85:08:5d:94:
ef:06:03:c9:5c:9c:83:60:38:4c:4e:a7:0c:9f:de:1a:80:7a:
ad:8e:f1:3d:c3:4a:02:96:2e:f9:14:52:a7:f3:6a:8f:cb:5b:
3c:d0:3a:24
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZQs7o8ImVfvi8du707ccVtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAzMTYxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I4YTUxMWRmODllNmU2MjU5N2YwYmIzMDNkN2QwMDY1MzIzYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkZ7sWJYY4Tk12164winCjyIEZal
WXVi1Ay0hxOkraCJVOG3UjpKAtZG6ISIGu5Ba9qOiqB/mT/QFSUH8iDe//rydxAU
p+9DhvR9od78P9hPfd/cJmwEc4377Sdbh4KjO8Sc36TmGYCwQoFUjm4yLBJqxX1p
aDm44jTZWPVgLpOUt3BQErQOLo2CEmLnboctfkknNjACnp/pdVFWF0D6RLyvPM7u
BEfzN+4aZHZT1ZxgeBK4KDoukBkeDqK64uLREnP3g+r7IEofGCOH+qjB8J/qhgGH
lDBJdPtJjWgoCG9IEFh0RyKjysiHWD9pZeyK3CqjJ+vpRxHkyPnA/glEGwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFEe4pRHfiebmJZfwuzA9fQBlMju5MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUjdpbEVkLUo1dVlsbF9DN01EMTlBR1V5TzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBADA
JCUDBADAR2EDBADAR54DBADAeawDBADAecADBADApUEDBADAsKEDBADBtD0DBADB
tQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHBt1wDBADBt2gDBADBt3YDBAHB
6kQDBAHB6twDBADB6u0DBAHB644DBADCDoEDBADCDtQDBAHCRDgDBADCRGMDBADC
RH4DBAHCRMIDBADCRxsDBADCR1MDBAHCR4wDBADCR6gDBAPCR/gDBADCZzIDBAHC
hGwDBAHChK4wDQYJKoZIhvcNAQELBQADggEBABiPYWTPymxGIqVFZWParT9v7GC5
Im7Wy8wQIaqoikFN6M7Btd+OHLQ4+rBHEU0Qi8Pb8VGScnMY6unrQyochYBnFkIo
IvF3NQScKUVeP3wpS+JP1cYfC9jV09r/+8ye8I+Kmmx441kNO5z6DmFEl1+uhv0B
I3oWZ0R8to8yvp+K9pIxCT1jyL4wdk53qYrOI+gJvMO7DUYLfVV5zs28n3yiK2t3
HTunHJeNYfHqcQudolo/iDCz4nyipPhGX3oAjHil/qqvMVP0FZfclB14JZHh3Xgj
hQhdlO8GA8lcnINgOExOpwyf3hqAeq2O8T3DSgKWLvkUUqfzao/LWzzQOiQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:27 2025 by rpki-client