Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/b5ULsNLwEynZ_MK74sMN7i-YHlo.roa
File: b5ULsNLwEynZ_MK74sMN7i-YHlo.roa (raw, json)
Hash identifier: JhSys42vHv04b9yq1hY87JwY7GVrn5t7v6lL2fMcXB0=
Subject key identifier: 6F:95:0B:B0:D2:F0:13:29:D9:FC:C2:BB:E2:C3:0D:EE:2F:98:1E:5A
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018CC9BB92A3174EF44C3C6179DBA3290775
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/b5ULsNLwEynZ_MK74sMN7i-YHlo.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24768
IP address blocks: 94.46.133.0/24 maxlen: 24
94.46.160.0/20 maxlen: 24
94.46.176.0/21 maxlen: 21
82.102.7.0/24 maxlen: 24
94.46.128.0/21 maxlen: 21
94.46.132.0/24 maxlen: 24
185.15.20.0/22 maxlen: 22
185.15.20.0/24 maxlen: 24
185.15.23.0/24 maxlen: 24
185.15.22.0/24 maxlen: 24
130.185.85.0/24 maxlen: 24
130.185.84.0/24 maxlen: 24
130.185.83.0/24 maxlen: 24
130.185.82.0/24 maxlen: 24
130.185.81.0/24 maxlen: 24
130.185.80.0/21 maxlen: 21
130.185.86.0/24 maxlen: 24
130.185.87.0/24 maxlen: 24
94.46.27.0/24 maxlen: 24
94.46.26.0/24 maxlen: 24
94.46.25.0/24 maxlen: 24
94.46.30.0/24 maxlen: 24
94.46.29.0/24 maxlen: 24
94.46.28.0/24 maxlen: 24
94.46.28.0/22 maxlen: 22
109.71.42.0/24 maxlen: 24
109.71.41.0/24 maxlen: 24
109.71.40.0/21 maxlen: 21
109.71.40.0/24 maxlen: 24
109.71.44.0/24 maxlen: 24
109.71.43.0/24 maxlen: 24
109.71.45.0/24 maxlen: 24
109.71.47.0/24 maxlen: 24
109.71.46.0/24 maxlen: 24
94.46.13.0/24 maxlen: 24
94.46.12.0/24 maxlen: 24
94.46.12.0/22 maxlen: 22
94.46.16.0/22 maxlen: 22
94.46.16.0/24 maxlen: 24
94.46.15.0/24 maxlen: 24
94.46.14.0/24 maxlen: 24
94.46.20.0/24 maxlen: 24
94.46.20.0/22 maxlen: 22
94.46.23.0/24 maxlen: 24
94.46.22.0/24 maxlen: 24
94.46.21.0/24 maxlen: 24
2a00:1650::/33 maxlen: 33
2a00:1650:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Fri 15 Mar 2024 01:12:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:92:a3:17:4e:f4:4c:3c:61:79:db:a3:29:07:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f950bb0d2f01329d9fcc2bbe2c30dee2f981e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:af:5c:93:70:a4:2a:e5:73:0f:44:5c:de:
32:00:f0:93:4c:1b:45:96:ac:db:67:45:36:04:7f:
d6:25:b8:6b:2e:af:a2:b5:b3:f3:f5:b8:65:f7:f3:
9d:57:ce:77:bf:42:45:f1:1f:30:44:6c:c6:b2:a7:
19:9b:19:bc:e8:da:2a:f5:f7:fb:7d:bd:e1:3d:6b:
df:7d:e9:b9:67:f1:b0:49:90:c4:1c:d3:37:54:0a:
3d:57:9c:13:da:dc:a6:45:e1:cf:1f:c4:cc:40:bf:
9a:67:58:9c:e0:fb:1c:88:6c:11:43:0e:20:5a:9c:
7e:cb:36:58:ad:b7:8f:f7:0c:4b:c2:5f:4d:c7:8a:
c7:fa:3b:65:a3:fb:e3:c9:27:94:07:87:ea:26:64:
e4:6b:83:a7:eb:59:3e:db:1e:d9:98:34:0c:52:7b:
65:dd:ca:44:35:92:78:f1:94:a2:52:83:a8:f9:4a:
0e:9c:40:90:d4:a5:b8:0d:92:53:78:3e:bf:c6:b5:
35:8c:b7:fa:c2:53:b6:c1:b6:89:75:f3:c4:aa:a6:
9b:b8:35:2e:76:ac:a4:7a:e9:8b:29:f6:02:d2:50:
1f:0d:dc:90:81:ee:a7:19:c8:73:39:f4:9c:09:42:
1e:1b:3f:c4:1b:69:18:3d:a6:c4:d3:31:33:e3:a2:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:95:0B:B0:D2:F0:13:29:D9:FC:C2:BB:E2:C3:0D:EE:2F:98:1E:5A
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/b5ULsNLwEynZ_MK74sMN7i-YHlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.102.7.0/24
94.46.12.0-94.46.23.255
94.46.25.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/32
Signature Algorithm: sha256WithRSAEncryption
a6:b7:7c:70:a8:e7:8e:77:09:e6:8d:fb:b7:de:a1:56:f6:2a:
e4:6a:35:c7:16:29:2e:09:ff:80:39:48:f3:f3:3e:c2:42:f6:
88:59:42:50:62:a7:7b:64:50:27:93:de:8c:24:1e:12:e3:0b:
8b:a1:6c:48:d9:df:38:3b:5a:1e:a0:23:29:d6:95:11:cb:c1:
39:3b:bb:58:5e:7f:dc:77:eb:9c:84:7e:06:af:ab:0b:40:87:
9f:f5:5f:14:f3:ea:2a:f0:77:43:0c:db:af:b1:c2:30:5f:2b:
35:77:b9:64:8a:84:ae:aa:6e:29:ad:d9:29:81:a4:bf:7d:9a:
f7:e7:cd:dd:1c:02:0b:52:77:38:ac:63:01:9a:6d:f0:3e:5b:
16:dd:6a:7b:eb:36:fd:ce:60:b6:e1:e8:0f:57:61:5c:d2:1d:
13:3b:33:eb:ec:6e:9e:c1:5c:39:7d:a2:57:0c:a0:4d:d4:53:
fd:b8:af:b0:6c:13:9f:61:00:68:25:7e:9f:5b:d7:f2:b0:46:
54:b1:78:f9:78:89:f2:a6:84:4d:3d:7d:70:5b:da:b0:c7:13:
0a:ce:aa:ca:eb:8e:e5:dd:8e:83:11:10:7c:c6:b0:af:b2:9f:
90:10:b7:39:6d:05:ae:f9:a2:b6:48:11:41:ad:21:a5:d4:7e:
94:0a:6c:df
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzJu5KjF070TDxhedujKQd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk1MGJiMGQyZjAxMzI5ZDlmY2MyYmJlMmMzMGRlZTJmOTgxZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4GvXJNwpCrlcw9EXN4yAPCTTBtF
lqzbZ0U2BH/WJbhrLq+itbPz9bhl9/OdV853v0JF8R8wRGzGsqcZmxm86Noq9ff7
fb3hPWvffem5Z/GwSZDEHNM3VAo9V5wT2tymReHPH8TMQL+aZ1ic4PsciGwRQw4g
Wpx+yzZYrbeP9wxLwl9Nx4rH+jtlo/vjySeUB4fqJmTka4On61k+2x7ZmDQMUntl
3cpENZJ48ZSiUoOo+UoOnECQ1KW4DZJTeD6/xrU1jLf6wlO2wbaJdfPEqqabuDUu
dqykeumLKfYC0lAfDdyQge6nGchzOfScCUIeGz/EG2kYPabE0zEz46L5MwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFG+VC7DS8BMp2fzCu+LDDe4vmB5aMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvYjVVTHNOTHdFeW5aX01LNzRzTU43aS1ZSGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAUmYHMAwD
BAJeLgwDBANeLhAwDAMEAF4uGQMEBV4uAAMEA14ugDAMAwQFXi6gAwQDXi6wAwQD
bUcoAwQDgrlQAwQCuQ8UMA0EAgACMAcDBQAqABZQMA0GCSqGSIb3DQEBCwUAA4IB
AQCmt3xwqOeOdwnmjfu33qFW9irkajXHFikuCf+AOUjz8z7CQvaIWUJQYqd7ZFAn
k96MJB4S4wuLoWxI2d84O1oeoCMp1pURy8E5O7tYXn/cd+uchH4Gr6sLQIef9V8U
8+oq8HdDDNuvscIwXys1d7lkioSuqm4prdkpgaS/fZr3583dHAILUnc4rGMBmm3w
PlsW3Wp76zb9zmC24egPV2Fc0h0TOzPr7G6ewVw5faJXDKBN1FP9uK+wbBOfYQBo
JX6fW9fysEZUsXj5eInypoRNPX1wW9qwxxMKzqrK647l3Y6DERB8xrCvsp+QELc5
bQWu+aK2SBFBrSGl1H6UCmzf
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:01:56 2025 by rpki-client