Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0kG127HMx3Up7HwmoOkQuxb85fk.roa
File: 0kG127HMx3Up7HwmoOkQuxb85fk.roa (raw, json)
Hash identifier: +RLBC+Xiypte8w3y9qGjAmW2PoXvZ77VA/iglOOFBnU=
Subject key identifier: D2:41:B5:DB:B1:CC:C7:75:29:EC:7C:26:A0:E9:10:BB:16:FC:E5:F9
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 0191B71883245F282A43FEC4F847371B5206
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0kG127HMx3Up7HwmoOkQuxb85fk.roa
Signing time: Tue 03 Sep 2024 08:55:22 +0000
ROA not before: Tue 03 Sep 2024 08:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48854
IP address blocks: 46.36.204.0/22 maxlen: 22
46.36.208.0/21 maxlen: 21
77.243.128.0/20 maxlen: 20
80.70.0.0/23 maxlen: 23
80.70.6.0/23 maxlen: 23
80.70.6.0/24 maxlen: 24
80.70.7.0/24 maxlen: 24
81.95.240.0/20 maxlen: 20
81.95.249.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
91.197.248.0/22 maxlen: 22
91.217.201.0/24 maxlen: 24
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
94.143.8.0/21 maxlen: 21
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
109.71.56.0/21 maxlen: 21
178.251.0.0/21 maxlen: 21
178.251.1.0/24 maxlen: 24
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
185.21.40.0/22 maxlen: 22
185.25.140.0/24 maxlen: 24
185.25.141.0/24 maxlen: 24
185.25.142.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
185.134.28.0/22 maxlen: 22
185.154.240.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
185.223.24.0/22 maxlen: 22
185.235.52.0/22 maxlen: 22
185.235.52.0/24 maxlen: 24
193.239.96.0/22 maxlen: 22
194.150.112.0/22 maxlen: 22
195.69.128.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
212.97.132.0/22 maxlen: 22
212.97.140.0/22 maxlen: 22
212.97.140.0/24 maxlen: 24
212.97.141.0/24 maxlen: 24
212.97.142.0/24 maxlen: 24
212.97.143.0/24 maxlen: 24
212.237.248.0/23 maxlen: 23
217.61.236.0/22 maxlen: 22
2a02:2338::/32 maxlen: 48
2a02:2339::/36 maxlen: 36
2a02:2339:4000::/34 maxlen: 48
2a03:2740::/47 maxlen: 48
2a06:eac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:18:83:24:5f:28:2a:43:fe:c4:f8:47:37:1b:52:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Sep 3 08:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d241b5dbb1ccc77529ec7c26a0e910bb16fce5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:5e:55:b0:dc:ee:e2:6d:bf:14:9f:a0:1a:
fe:ec:6e:85:77:5a:97:ad:27:1c:9e:15:a0:57:18:
72:09:f2:3d:b3:0f:c4:b8:34:5f:6c:fc:ca:1d:68:
6f:15:aa:12:a4:9a:7f:8a:92:a1:c7:5f:0d:98:17:
e8:c9:f4:14:71:f6:17:fb:67:15:f6:7b:2f:c9:89:
66:a1:d2:fd:ec:59:62:e3:01:e9:7c:7f:e4:ae:7d:
a3:65:e1:c5:f4:b4:98:61:ab:3a:3e:a6:fb:f6:6a:
27:57:0a:ba:ac:25:d8:6a:e5:70:dd:67:52:aa:69:
be:97:d6:ec:76:bf:fa:df:64:ef:5c:5b:4a:dc:b2:
a4:b4:ab:bd:8c:dc:97:9f:a3:4b:83:a8:65:45:85:
30:2b:34:3c:c5:36:a1:03:71:ca:88:7c:e2:86:1a:
63:b9:c6:57:ff:34:26:ec:74:ed:8c:9a:22:23:e1:
97:88:33:07:78:2f:f1:c3:ff:f4:fa:d4:c0:b4:57:
9f:5d:2c:54:4c:fa:ba:28:8c:15:e1:5b:d1:82:f9:
23:9f:bd:73:78:6d:20:a0:20:24:4c:b8:5d:8f:9f:
a4:2d:b9:88:29:34:24:42:a6:62:4e:2b:11:93:f8:
b1:da:ee:b7:c0:d8:5b:c2:84:2c:a9:27:cc:89:df:
ab:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:41:B5:DB:B1:CC:C7:75:29:EC:7C:26:A0:E9:10:BB:16:FC:E5:F9
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0kG127HMx3Up7HwmoOkQuxb85fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
80.70.0.0/23
80.70.6.0/23
81.95.240.0/20
89.188.72.0/21
91.197.248.0/22
91.217.201.0/24
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
109.71.56.0/21
178.251.0.0/21
185.20.204.0/22
185.21.40.0/22
185.25.140.0/22
185.134.28.0/22
185.154.240.0/22
185.221.36.0/22
185.223.24.0/22
185.235.52.0/22
193.239.96.0/22
194.150.112.0/22
195.69.128.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::-2a02:2339:fff:ffff:ffff:ffff:ffff:ffff
2a02:2339:4000::/34
2a03:2740::/47
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
44:18:50:21:e6:18:09:03:ef:89:60:1e:fd:6b:e1:4a:04:ed:
88:3d:f4:58:9f:f1:8c:e8:fd:72:2c:04:d6:d0:9a:da:e1:c7:
1f:d9:b0:35:52:86:0b:46:69:c8:c5:57:20:d4:1a:b3:ae:c6:
e7:2a:30:50:2b:8c:f6:03:f6:a1:0f:27:da:27:96:08:4b:8f:
e3:ea:e6:9b:9c:33:9a:a7:8a:57:ea:2c:5e:82:2d:6b:ee:01:
14:84:53:fa:c4:0c:9a:0b:0c:50:78:b7:16:41:87:26:46:e6:
a6:eb:1f:7c:8a:c9:9f:b7:19:19:d4:dc:35:65:b9:95:5b:63:
03:b7:a7:f1:c3:c5:b6:1a:7c:46:6d:ef:d4:28:35:51:7f:3b:
bc:b4:78:f7:5c:f0:c3:b8:9c:c6:e1:db:d7:41:37:07:23:c7:
4c:74:9e:0a:dd:36:bd:0c:a0:0b:1d:25:b9:2a:57:25:0e:c4:
b8:e9:9f:f8:39:8b:1f:f8:e5:ff:d9:2d:c7:c2:e3:f8:60:dd:
db:5e:07:e8:15:8e:f8:0d:5e:2f:c6:36:d7:88:a0:47:e9:05:
ce:cb:19:71:44:5b:62:a9:43:23:f8:1f:45:34:8c:a2:a4:3d:
20:f5:b3:42:5d:cb:b9:b4:bf:3b:55:09:34:f2:b7:0a:01:9f:
01:a9:3b:68
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZG3GIMkXygqQ/7E+Ec3G1IGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjQwOTAzMDg1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQxYjVkYmIxY2NjNzc1MjllYzdjMjZhMGU5MTBiYjE2ZmNlNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0BeVbDc7uJtvxSfoBr+7G6Fd1qX
rSccnhWgVxhyCfI9sw/EuDRfbPzKHWhvFaoSpJp/ipKhx18NmBfoyfQUcfYX+2cV
9nsvyYlmodL97Fli4wHpfH/krn2jZeHF9LSYYas6Pqb79monVwq6rCXYauVw3WdS
qmm+l9bsdr/632TvXFtK3LKktKu9jNyXn6NLg6hlRYUwKzQ8xTahA3HKiHzihhpj
ucZX/zQm7HTtjJoiI+GXiDMHeC/xw//0+tTAtFefXSxUTPq6KIwV4VvRgvkjn71z
eG0goCAkTLhdj5+kLbmIKTQkQqZiTisRk/ix2u63wNhbwoQsqSfMid+rSQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFNJBtduxzMd1Kex8JqDpELsW/OX5MB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvMGtHMTI3SE14M1VwN0h3bW9Pa1F1eGI4NWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgb0EAgABMIG2MAwD
BAIuJMwDBAMuJNADBARN84ADBAFQRgADBAFQRgYDBARRX/ADBANZvEgDBAJbxfgD
BABb2ckDBANdv5gDBANejwgDBARe52ADBANtRzgDBAOy+wADBAK5FMwDBAK5FSgD
BAK5GYwDBAK5hhwDBAK5mvADBAK53SQDBAK53xgDBAK56zQDBALB72ADBALClnAD
BALDRYADBAHDsg4DBALUYYQDBALUYYwDBAHU7fgDBALZPewwLwQCAAIwKTAPAwUD
KgIjOAMGBCoCIzkAAwYGKgIjOUADBwEqAydAAAADBQMqBurAMA0GCSqGSIb3DQEB
CwUAA4IBAQBEGFAh5hgJA++JYB79a+FKBO2IPfRYn/GM6P1yLATW0Jra4ccf2bA1
UoYLRmnIxVcg1BqzrsbnKjBQK4z2A/ahDyfaJ5YIS4/j6uabnDOap4pX6ixegi1r
7gEUhFP6xAyaCwxQeLcWQYcmRuam6x98ismftxkZ1Nw1ZbmVW2MDt6fxw8W2GnxG
be/UKDVRfzu8tHj3XPDDuJzG4dvXQTcHI8dMdJ4K3Ta9DKALHSW5KlclDsS46Z/4
OYsf+OX/2S3HwuP4YN3bXgfoFY74DV4vxjbXiKBH6QXOyxlxRFtiqUMj+B9FNIyi
pD0g9bNCXcu5tL87VQk08rcKAZ8BqTto
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:35 2025 by rpki-client