Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/I4-QqAu-y2MihD3XDFOcodziV2c.roa
File: I4-QqAu-y2MihD3XDFOcodziV2c.roa (raw, json)
Hash identifier: sSTOFkHoNy8Oq0fSepwjX1HLdksngNw4RsNbe5yMZo4=
Subject key identifier: 23:8F:90:A8:0B:BE:CB:63:22:84:3D:D7:0C:53:9C:A1:DC:E2:57:67
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 018F51A98BC87EC431B76547E92DE4D6129F
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/I4-QqAu-y2MihD3XDFOcodziV2c.roa
Signing time: Tue 07 May 2024 06:06:56 +0000
ROA not before: Tue 07 May 2024 06:06:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 5.56.144.0/20 maxlen: 20
5.179.80.0/20 maxlen: 20
37.49.128.0/20 maxlen: 20
46.32.156.0/22 maxlen: 22
62.12.32.0/20 maxlen: 20
62.12.48.0/21 maxlen: 21
62.116.192.0/19 maxlen: 19
77.233.224.0/19 maxlen: 19
78.153.160.0/19 maxlen: 19
80.88.128.0/20 maxlen: 20
80.243.112.0/20 maxlen: 20
82.192.160.0/19 maxlen: 19
83.136.88.0/21 maxlen: 21
83.151.128.0/18 maxlen: 18
87.116.0.0/18 maxlen: 18
88.212.64.0/18 maxlen: 18
89.221.160.0/20 maxlen: 20
92.62.192.0/20 maxlen: 20
93.176.64.0/18 maxlen: 18
94.18.211.0/24 maxlen: 24
130.185.128.0/20 maxlen: 20
185.20.240.0/22 maxlen: 22
185.67.128.0/22 maxlen: 22
188.120.80.0/21 maxlen: 21
193.105.116.0/24 maxlen: 24
193.105.149.0/24 maxlen: 24
194.182.96.0/21 maxlen: 21
195.140.132.0/22 maxlen: 22
212.60.120.0/21 maxlen: 21
212.98.96.0/24 maxlen: 24
217.74.208.0/20 maxlen: 20
217.116.208.0/20 maxlen: 20
217.195.176.0/20 maxlen: 20
217.195.178.0/24 maxlen: 24
2a02:188::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 May 2024 12:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:a9:8b:c8:7e:c4:31:b7:65:47:e9:2d:e4:d6:12:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: May 7 06:06:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238f90a80bbecb6322843dd70c539ca1dce25767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1c:8a:71:21:9d:e8:0d:6c:4e:b6:ca:bd:a0:
64:34:8a:dc:ad:f1:c0:a2:4a:6f:ef:4b:6e:21:97:
bf:a1:a6:d5:68:aa:57:ca:97:77:c5:59:f3:bb:48:
a4:6e:c3:ce:33:c5:e8:26:fc:b0:cf:ef:ac:ee:4a:
8a:f4:14:0c:88:3a:58:20:de:00:23:d7:96:23:a8:
b2:62:53:2f:ea:64:48:4c:3d:ee:2d:d4:d6:77:c0:
3d:29:5b:76:cb:0b:46:b4:bb:cc:98:c3:c4:eb:5e:
30:9d:e5:83:e3:4a:0e:06:ec:c0:0b:e3:40:68:2a:
9b:79:bd:22:7f:37:d3:86:7a:b3:46:4b:6a:de:d1:
b8:18:0e:b0:1a:a7:82:c8:a3:09:d7:6a:32:48:7f:
22:25:7b:0b:b3:9f:4e:f6:c7:c2:1e:9a:ce:93:83:
f3:5c:08:91:c3:9c:b4:55:24:12:56:8e:b7:01:ca:
89:37:3e:19:68:15:b9:06:40:d7:13:14:0c:71:82:
7e:35:ba:86:96:53:5c:a5:7f:2b:ea:b1:f7:25:94:
57:7c:ef:f5:f5:8a:69:c7:87:5d:c2:a3:d6:ef:d4:
6b:e5:c6:ae:1c:7a:b5:7b:56:18:1f:c2:65:a1:42:
37:b2:b0:de:92:97:fe:19:62:b0:73:73:d9:ef:47:
01:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8F:90:A8:0B:BE:CB:63:22:84:3D:D7:0C:53:9C:A1:DC:E2:57:67
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/I4-QqAu-y2MihD3XDFOcodziV2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.144.0/20
5.179.80.0/20
37.49.128.0/20
46.32.156.0/22
62.12.32.0-62.12.55.255
62.116.192.0/19
77.233.224.0/19
78.153.160.0/19
80.88.128.0/20
80.243.112.0/20
82.192.160.0/19
83.136.88.0/21
83.151.128.0/18
87.116.0.0/18
88.212.64.0/18
89.221.160.0/20
92.62.192.0/20
93.176.64.0/18
94.18.211.0/24
130.185.128.0/20
185.20.240.0/22
185.67.128.0/22
188.120.80.0/21
193.105.116.0/24
193.105.149.0/24
194.182.96.0/21
195.140.132.0/22
212.60.120.0/21
212.98.96.0/24
217.74.208.0/20
217.116.208.0/20
217.195.176.0/20
IPv6:
2a02:188::/29
Signature Algorithm: sha256WithRSAEncryption
35:0d:e0:11:fb:01:6d:0e:2c:09:e5:8a:47:ec:a4:ae:80:22:
80:a8:35:a9:6c:08:24:0a:10:64:07:06:7c:94:2a:b0:df:09:
9b:7d:c7:51:f5:f1:8e:22:1a:ec:ab:21:3c:b9:ab:2b:7d:69:
94:7c:f6:a6:98:d6:69:d6:9c:23:b6:81:f9:22:d4:1a:ac:cb:
91:07:fc:56:c5:7b:ba:ed:89:02:c9:c6:ee:8f:df:23:29:fa:
38:02:e8:6d:91:70:f3:00:71:6c:7f:f8:cb:54:e2:c7:c8:7b:
69:2f:d8:48:99:90:f6:55:47:42:55:be:5a:c8:19:15:30:3f:
a6:95:da:23:0e:84:53:bd:a4:88:81:16:74:49:c1:c9:e5:2f:
8e:42:0a:fe:70:df:3a:fd:99:48:9d:0c:11:dc:e5:8c:f4:2f:
7b:4b:8b:27:8d:e1:c2:28:e6:b3:bd:03:3c:5e:6b:a2:c4:48:
94:09:aa:ef:aa:c0:67:72:2f:68:58:1f:3e:12:75:e4:4f:f3:
91:ae:a6:34:28:ee:95:9c:92:ce:9a:69:92:4b:92:ba:16:8c:
2d:6f:db:d7:64:38:f0:79:a1:43:26:28:18:80:6f:46:b4:b4:
cc:4b:1a:43:10:13:f1:cb:e5:46:10:10:bf:ba:af:fa:b9:50:
b6:8d:65:7a
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAY9RqYvIfsQxt2VH6S3k1hKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjQwNTA3MDYwNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhmOTBhODBiYmVjYjYzMjI4NDNkZDcwYzUzOWNhMWRjZTI1NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxyKcSGd6A1sTrbKvaBkNIrcrfHA
okpv70tuIZe/oabVaKpXypd3xVnzu0ikbsPOM8XoJvywz++s7kqK9BQMiDpYIN4A
I9eWI6iyYlMv6mRITD3uLdTWd8A9KVt2ywtGtLvMmMPE614wneWD40oOBuzAC+NA
aCqbeb0ifzfThnqzRktq3tG4GA6wGqeCyKMJ12oySH8iJXsLs59O9sfCHprOk4Pz
XAiRw5y0VSQSVo63AcqJNz4ZaBW5BkDXExQMcYJ+NbqGllNcpX8r6rH3JZRXfO/1
9Yppx4ddwqPW79Rr5cauHHq1e1YYH8JloUI3srDekpf+GWKwc3PZ70cBVQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFCOPkKgLvstjIoQ91wxTnKHc4ldnMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvSTQtUXFBdS15Mk1paEQzWERGT2NvZHppVjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgDBAQF
OJADBAQFs1ADBAQlMYADBAIuIJwwDAMEBT4MIAMEAz4MMAMEBT50wAMEBU3p4AME
BU6ZoAMEBFBYgAMEBFDzcAMEBVLAoAMEA1OIWAMEBlOXgAMEBld0AAMEBljUQAME
BFndoAMEBFw+wAMEBl2wQAMEAF4S0wMEBIK5gAMEArkU8AMEArlDgAMEA7x4UAME
AMFpdAMEAMFplQMEA8K2YAMEAsOMhAMEA9Q8eAMEANRiYAMEBNlK0AMEBNl00AME
BNnDsDANBAIAAjAHAwUDKgIBiDANBgkqhkiG9w0BAQsFAAOCAQEANQ3gEfsBbQ4s
CeWKR+ykroAigKg1qWwIJAoQZAcGfJQqsN8Jm33HUfXxjiIa7KshPLmrK31plHz2
ppjWadacI7aB+SLUGqzLkQf8VsV7uu2JAsnG7o/fIyn6OALobZFw8wBxbH/4y1Ti
x8h7aS/YSJmQ9lVHQlW+WsgZFTA/ppXaIw6EU72kiIEWdEnByeUvjkIK/nDfOv2Z
SJ0MEdzljPQve0uLJ43hwijms70DPF5rosRIlAmq76rAZ3IvaFgfPhJ15E/zka6m
NCjulZySzpppkkuSuhaMLW/b12Q48HmhQyYoGIBvRrS0zEsaQxAT8cvlRhAQv7qv
+rlQto1leg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:14:17 2025 by rpki-client