Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/9sDJq7RIyrd2A4avyc5-p73pJng.roa
File: 9sDJq7RIyrd2A4avyc5-p73pJng.roa (raw, json)
Hash identifier: iGBy1QjRMbe+N4dWqrNYHk3RFnfm8Yujgl1AKSeCb/M=
Subject key identifier: F6:C0:C9:AB:B4:48:CA:B7:76:03:86:AF:C9:CE:7E:A7:BD:E9:26:78
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 018CC871398B33694E7EE6733027A28E4D75
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/9sDJq7RIyrd2A4avyc5-p73pJng.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47119
IP address blocks: 188.191.112.0/22 maxlen: 22
188.191.112.0/24 maxlen: 24
188.191.112.0/23 maxlen: 23
188.191.116.0/22 maxlen: 22
188.191.114.0/23 maxlen: 23
188.191.114.0/24 maxlen: 24
188.191.113.0/24 maxlen: 24
188.191.112.0/21 maxlen: 21
188.191.112.0/20 maxlen: 20
188.191.116.0/24 maxlen: 24
188.191.117.0/24 maxlen: 24
188.191.116.0/23 maxlen: 23
188.191.115.0/24 maxlen: 24
188.191.118.0/24 maxlen: 24
188.191.118.0/23 maxlen: 23
188.191.122.0/24 maxlen: 24
188.191.119.0/24 maxlen: 24
188.191.120.0/23 maxlen: 23
188.191.124.0/22 maxlen: 22
188.191.122.0/23 maxlen: 23
188.191.121.0/24 maxlen: 24
188.191.120.0/24 maxlen: 24
188.191.124.0/24 maxlen: 24
188.191.124.0/23 maxlen: 23
188.191.123.0/24 maxlen: 24
188.191.120.0/22 maxlen: 22
188.191.126.0/24 maxlen: 24
188.191.126.0/23 maxlen: 23
79.174.34.0/24 maxlen: 24
79.174.34.0/23 maxlen: 23
79.174.33.0/24 maxlen: 24
79.174.36.0/23 maxlen: 23
79.174.36.0/24 maxlen: 24
79.174.35.0/24 maxlen: 24
79.174.32.0/22 maxlen: 22
79.174.32.0/19 maxlen: 19
79.174.32.0/20 maxlen: 20
79.174.32.0/23 maxlen: 23
79.174.38.0/24 maxlen: 24
79.174.37.0/24 maxlen: 24
79.174.32.0/24 maxlen: 24
79.174.42.0/23 maxlen: 23
79.174.44.0/22 maxlen: 22
79.174.39.0/24 maxlen: 24
79.174.38.0/23 maxlen: 23
79.174.42.0/24 maxlen: 24
79.174.41.0/24 maxlen: 24
79.174.44.0/23 maxlen: 23
79.174.44.0/24 maxlen: 24
79.174.40.0/22 maxlen: 22
79.174.40.0/23 maxlen: 23
79.174.43.0/24 maxlen: 24
79.174.40.0/24 maxlen: 24
79.174.47.0/24 maxlen: 24
79.174.50.0/23 maxlen: 23
79.174.50.0/24 maxlen: 24
79.174.49.0/24 maxlen: 24
79.174.48.0/22 maxlen: 22
79.174.48.0/24 maxlen: 24
79.174.45.0/24 maxlen: 24
79.174.48.0/23 maxlen: 23
79.174.51.0/24 maxlen: 24
79.174.46.0/23 maxlen: 23
79.174.46.0/24 maxlen: 24
79.174.48.0/20 maxlen: 20
79.174.56.0/22 maxlen: 22
79.174.55.0/24 maxlen: 24
79.174.56.0/24 maxlen: 24
79.174.58.0/23 maxlen: 23
79.174.58.0/24 maxlen: 24
79.174.57.0/24 maxlen: 24
79.174.52.0/23 maxlen: 23
79.174.53.0/24 maxlen: 24
79.174.52.0/24 maxlen: 24
79.174.54.0/23 maxlen: 23
79.174.54.0/24 maxlen: 24
79.174.56.0/23 maxlen: 23
79.174.60.0/22 maxlen: 22
79.174.63.0/24 maxlen: 24
79.174.60.0/23 maxlen: 23
79.174.60.0/24 maxlen: 24
79.174.59.0/24 maxlen: 24
79.174.62.0/23 maxlen: 23
79.174.62.0/24 maxlen: 24
79.174.61.0/24 maxlen: 24
136.169.222.0/23 maxlen: 23
136.169.222.0/24 maxlen: 24
136.169.221.0/24 maxlen: 24
136.169.220.0/22 maxlen: 22
136.169.223.0/24 maxlen: 24
136.169.220.0/23 maxlen: 23
136.169.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:39:8b:33:69:4e:7e:e6:73:30:27:a2:8e:4d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c0c9abb448cab7760386afc9ce7ea7bde92678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:68:1d:1a:fc:fb:ce:df:25:8a:25:ae:11:
46:f9:78:06:8c:24:16:33:4b:cf:2b:f1:bf:c1:ad:
2e:16:35:32:4a:fa:14:5e:31:45:fa:79:4d:90:72:
b3:47:f0:ca:ab:d5:ea:b4:e4:ee:d9:69:bf:0d:85:
34:4c:f6:4a:59:c8:9b:f3:94:e4:ad:72:cc:6b:9f:
41:3d:fc:fd:32:f7:b9:a5:89:c5:f3:77:0e:ac:2e:
e3:ed:ce:3f:b1:44:de:87:c4:f8:ad:ed:f3:1a:68:
ae:3d:03:5b:c6:e3:a6:f9:fe:2f:68:8a:7c:2b:d5:
b8:35:ec:55:1f:a9:a6:70:93:eb:6e:db:77:36:9a:
81:62:3d:b5:a6:e2:be:b6:e5:a1:31:99:00:5b:97:
91:8c:ba:2d:ac:a1:71:00:4e:d3:c1:82:51:c1:5b:
da:ff:a0:01:3c:2b:f6:cc:ab:0e:e1:cb:d0:2a:15:
ba:f3:7e:4f:01:4e:0b:03:c8:e5:8d:81:e7:26:ce:
6a:80:8c:34:3d:4e:47:47:7d:98:49:37:0b:aa:fa:
32:94:f9:4b:75:a5:23:e8:f0:da:3f:45:0d:82:86:
74:46:7a:09:13:e4:40:e7:5a:87:15:f6:e0:6e:a4:
7d:14:9f:0e:4e:ba:e4:eb:2c:49:6f:fd:25:c1:f3:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C0:C9:AB:B4:48:CA:B7:76:03:86:AF:C9:CE:7E:A7:BD:E9:26:78
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/9sDJq7RIyrd2A4avyc5-p73pJng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.32.0/19
136.169.220.0/22
188.191.112.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:14:91:e3:26:7b:06:10:e9:73:de:ba:9f:f0:e9:47:53:1d:
e2:93:e9:f4:f8:5f:41:97:3f:89:bc:73:bd:7e:24:2b:5c:1f:
d4:c4:ff:d5:15:d0:2c:12:94:4e:96:32:06:73:4c:34:cf:85:
04:46:0d:a0:26:df:cc:d0:f1:91:35:2e:5b:13:6f:10:2d:d1:
ef:fa:9c:2f:2f:39:3a:5b:7b:c7:91:ae:78:bd:81:e5:f1:be:
9a:a7:15:9f:3f:de:85:97:4d:9a:36:64:b3:93:ad:32:f6:07:
36:6e:fd:a1:63:0a:8d:42:32:30:21:04:d5:23:22:d8:20:f8:
dc:0a:12:1a:9d:20:b5:ce:fa:d4:a0:36:85:81:fb:b3:a3:30:
30:15:b0:6b:a8:e6:43:01:87:13:83:8a:94:ae:91:2e:f4:6e:
26:ec:5c:a0:02:d9:23:a1:6f:d4:97:09:f8:8d:e5:d5:fa:e0:
c2:90:69:eb:ba:30:dd:53:97:82:c0:82:61:bf:3d:6a:6c:28:
c4:77:b7:56:ff:4d:23:01:76:91:c5:60:5d:2a:dd:ba:35:3c:
85:ac:8c:95:9f:3c:85:f5:ad:83:e5:15:f3:14:9a:59:4d:7c:
6e:f7:49:76:80:79:24:40:15:f3:25:69:42:bd:ac:4f:1b:02:
dc:1a:c8:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIcTmLM2lOfuZzMCeijk11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMwYzlhYmI0NDhjYWI3NzYwMzg2YWZjOWNlN2VhN2JkZTkyNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtdoHRr8+87fJYolrhFG+XgGjCQW
M0vPK/G/wa0uFjUySvoUXjFF+nlNkHKzR/DKq9XqtOTu2Wm/DYU0TPZKWcib85Tk
rXLMa59BPfz9Mve5pYnF83cOrC7j7c4/sUTeh8T4re3zGmiuPQNbxuOm+f4vaIp8
K9W4NexVH6mmcJPrbtt3NpqBYj21puK+tuWhMZkAW5eRjLotrKFxAE7TwYJRwVva
/6ABPCv2zKsO4cvQKhW6835PAU4LA8jljYHnJs5qgIw0PU5HR32YSTcLqvoylPlL
daUj6PDaP0UNgoZ0RnoJE+RA51qHFfbgbqR9FJ8OTrrk6yxJb/0lwfNBJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPbAyau0SMq3dgOGr8nOfqe96SZ4MB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvOXNESnE3Ukl5cmQyQTRhdnljNS1wNzNwSm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFT64gAwQC
iKncAwQEvL9wMA0GCSqGSIb3DQEBCwUAA4IBAQCkFJHjJnsGEOlz3rqf8OlHUx3i
k+n0+F9Blz+JvHO9fiQrXB/UxP/VFdAsEpROljIGc0w0z4UERg2gJt/M0PGRNS5b
E28QLdHv+pwvLzk6W3vHka54vYHl8b6apxWfP96Fl02aNmSzk60y9gc2bv2hYwqN
QjIwIQTVIyLYIPjcChIanSC1zvrUoDaFgfuzozAwFbBrqOZDAYcTg4qUrpEu9G4m
7FygAtkjoW/Ulwn4jeXV+uDCkGnrujDdU5eCwIJhvz1qbCjEd7dW/00jAXaRxWBd
Kt26NTyFrIyVnzyF9a2D5RXzFJpZTXxu90l2gHkkQBXzJWlCvaxPGwLcGshP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:10 2025 by rpki-client