Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/15BodGfNW0DN0El6ebGoQGH0FLI.roa
File: 15BodGfNW0DN0El6ebGoQGH0FLI.roa (raw, json)
Hash identifier: 51Jv0HrKsWw8dUEx7aJB8BRS3hWV5j9HebV7xpDmw/8=
Subject key identifier: D7:90:68:74:67:CD:5B:40:CD:D0:49:7A:79:B1:A8:40:61:F4:14:B2
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0194274848F19B6FD239697839EE0C3165F8
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/15BodGfNW0DN0El6ebGoQGH0FLI.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/21 maxlen: 21
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/20 maxlen: 20
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:48:f1:9b:6f:d2:39:69:78:39:ee:0c:31:65:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d790687467cd5b40cdd0497a79b1a84061f414b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:94:e4:b3:c3:b4:bd:3c:6f:26:8f:7d:12:
0e:19:c6:94:80:ea:16:40:0e:47:de:41:73:f8:d4:
99:03:a7:2c:08:cb:51:2f:90:1d:1b:f8:76:1c:3b:
41:66:99:dd:06:73:8c:2d:e3:f8:79:ed:b4:fe:dd:
3a:94:51:25:7c:e6:ae:30:fd:0d:90:a0:bd:ca:17:
79:de:0d:28:13:62:53:ee:ce:cc:dd:b0:8a:b1:b0:
61:15:50:a4:69:19:82:21:17:5a:91:0e:65:b5:72:
00:7d:6c:33:b9:e8:ec:02:c4:29:e0:93:c0:29:40:
c8:7c:9f:cd:97:8a:9f:d5:f9:c0:ae:d9:c7:d1:ab:
35:7c:b6:e1:83:f8:a1:41:76:e2:29:7d:06:a0:4a:
d6:4d:5f:37:0d:51:28:8a:c1:90:d3:6a:df:7e:4b:
c0:63:2d:e0:42:20:42:40:4d:e5:90:3d:e4:d5:4a:
c4:b3:05:ba:48:4e:64:58:e0:fb:20:0a:7f:fa:fd:
25:88:ea:f5:7f:19:b9:0a:41:f5:85:bf:ce:93:2f:
9f:39:87:93:88:df:8a:f4:ba:19:f5:d9:c5:fa:f7:
62:99:65:41:ee:65:47:23:bb:6c:c5:ba:76:da:8e:
bf:3c:94:5e:ad:30:9c:d9:f5:ea:2a:f9:32:9b:a4:
58:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:90:68:74:67:CD:5B:40:CD:D0:49:7A:79:B1:A8:40:61:F4:14:B2
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/15BodGfNW0DN0El6ebGoQGH0FLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:0a:06:34:2c:9b:94:68:1d:ea:23:78:1d:71:93:1f:15:1d:
91:42:0c:62:b9:07:a4:e3:64:8b:24:4d:38:dc:b9:df:3a:03:
3e:99:9d:cf:d7:83:55:b1:ce:3e:73:12:d4:f1:b6:7b:d5:25:
f0:7b:9e:27:49:50:0b:ce:a2:b9:2f:88:f6:bb:9f:48:37:e4:
8a:bb:24:23:8e:98:99:b0:d0:42:3d:f9:01:e8:28:6a:eb:b2:
1f:06:9c:fe:48:1c:21:90:37:be:b6:f9:07:a9:2c:3b:a6:17:
ee:0c:45:d8:26:f9:74:c5:39:06:02:83:3f:92:2e:21:2d:a6:
1b:47:f0:77:0d:b0:f6:4e:b6:c6:b8:6d:c7:9a:85:28:92:86:
20:20:50:7d:de:66:93:9b:11:9a:be:f0:dd:29:eb:56:4a:7e:
2a:0b:64:b5:99:59:14:9c:1d:fe:96:00:03:b0:f4:8b:13:ca:
4a:f6:c9:ea:e5:a6:ef:a2:de:4f:b7:1c:69:08:b5:7c:b9:15:
95:77:f8:e1:d5:d2:4d:77:34:f1:d6:86:6e:b2:a1:b4:5b:80:
44:a3:71:03:79:42:cd:1f:ad:ae:1c:ea:46:99:4d:bf:62:75:
cc:be:64:ca:a8:15:58:a1:f1:61:b0:25:eb:23:22:cb:97:fe:
f2:35:72:64
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQnSEjxm2/SOWl4Oe4MMWX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzkwNjg3NDY3Y2Q1YjQwY2RkMDQ5N2E3OWIxYTg0MDYxZjQxNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAiU5LPDtL08byaPfRIOGcaUgOoW
QA5H3kFz+NSZA6csCMtRL5AdG/h2HDtBZpndBnOMLeP4ee20/t06lFElfOauMP0N
kKC9yhd53g0oE2JT7s7M3bCKsbBhFVCkaRmCIRdakQ5ltXIAfWwzuejsAsQp4JPA
KUDIfJ/Nl4qf1fnArtnH0as1fLbhg/ihQXbiKX0GoErWTV83DVEoisGQ02rffkvA
Yy3gQiBCQE3lkD3k1UrEswW6SE5kWOD7IAp/+v0liOr1fxm5CkH1hb/Oky+fOYeT
iN+K9LoZ9dnF+vdimWVB7mVHI7tsxbp22o6/PJRerTCc2fXqKvkym6RY8wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFNeQaHRnzVtAzdBJenmxqEBh9BSyMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvMTVCb2RHZk5XMEROMEVsNmViR29RR0gwRkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBRBAIAATBLAwQEBRbQAwQC
UEWsAwQDU4j4MAsDAwBe7QMEAF7tfjAMAwQGX2/AAwQCX2/QAwQDX2/YAwQCuRSI
AwQCuRowAwQCuUbEAwQCwj5gMBYEAgACMBAwDgMFBioENUADBQAqBDVGMA0GCSqG
SIb3DQEBCwUAA4IBAQB1CgY0LJuUaB3qI3gdcZMfFR2RQgxiuQek42SLJE043Lnf
OgM+mZ3P14NVsc4+cxLU8bZ71SXwe54nSVALzqK5L4j2u59IN+SKuyQjjpiZsNBC
PfkB6Chq67IfBpz+SBwhkDe+tvkHqSw7phfuDEXYJvl0xTkGAoM/ki4hLaYbR/B3
DbD2TrbGuG3HmoUokoYgIFB93maTmxGavvDdKetWSn4qC2S1mVkUnB3+lgADsPSL
E8pK9snq5abvot5PtxxpCLV8uRWVd/jh1dJNdzTx1oZusqG0W4BEo3EDeULNH62u
HOpGmU2/YnXMvmTKqBVYofFhsCXrIyLLl/7yNXJk
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:25:19 2025 by rpki-client