Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/9S9yplF1qdFJgKRfTh_PhVSTxtk.roa
File: 9S9yplF1qdFJgKRfTh_PhVSTxtk.roa (raw, json)
Hash identifier: MnsjD9CtCjhi8uD4DQ6Nd7wV58Zj6fIkrA+Gc0B0GQM=
Subject key identifier: F5:2F:72:A6:51:75:A9:D1:49:80:A4:5F:4E:1F:CF:85:54:93:C6:D9
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 01946F3400470C4BF102DF2B936D14CB9409
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/9S9yplF1qdFJgKRfTh_PhVSTxtk.roa
Signing time: Thu 16 Jan 2025 13:01:06 +0000
ROA not before: Thu 16 Jan 2025 13:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/21 maxlen: 21
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/20 maxlen: 20
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 Jan 2025 16:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:34:00:47:0c:4b:f1:02:df:2b:93:6d:14:cb:94:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jan 16 13:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f52f72a65175a9d14980a45f4e1fcf855493c6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:56:42:56:f7:5b:40:0c:3e:4e:78:e2:07:
ff:00:22:bd:9c:79:01:ec:62:1b:a4:41:80:e5:d4:
22:54:4e:1f:68:5b:81:68:90:23:8c:41:29:a5:f6:
bc:cb:01:b9:22:01:af:1f:d2:96:fd:4e:62:f8:c2:
f5:e8:50:4b:60:e8:3c:c3:23:7e:f6:a1:33:ac:41:
33:2c:71:83:88:7e:f2:95:44:ad:51:29:d9:18:da:
02:11:9b:2d:0a:45:7a:21:01:0f:ff:b6:4d:0f:ed:
ee:f3:05:c3:c4:22:fb:85:9e:9c:73:50:2d:e1:f9:
5e:6b:8e:6e:da:bb:d7:9c:40:da:89:a9:68:a1:94:
f8:ee:a7:73:4d:eb:9d:c1:a4:7f:6e:05:6c:47:4f:
eb:90:32:7d:2e:1a:31:0a:36:8f:be:01:43:51:5a:
92:ea:2d:4b:8b:c5:d8:4d:c2:1e:d6:c8:0a:36:45:
2b:14:f2:74:fb:52:51:19:8b:fa:54:81:16:51:fc:
8a:b0:80:73:56:e3:03:6d:ca:81:85:14:c3:03:50:
9a:e4:9e:88:e7:fb:ac:ac:cb:ca:32:c3:31:61:a2:
f7:8d:27:a8:92:9e:80:1c:24:c1:fe:f5:42:77:18:
db:00:70:d3:0e:9a:27:ae:29:f9:c4:e6:7c:a8:7f:
70:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2F:72:A6:51:75:A9:D1:49:80:A4:5F:4E:1F:CF:85:54:93:C6:D9
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/9S9yplF1qdFJgKRfTh_PhVSTxtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:c0:3e:88:ca:6c:d5:93:5e:98:16:e0:de:47:9f:39:c7:6b:
fb:03:a4:00:f2:23:cf:4c:b2:94:79:e2:2c:db:19:a7:6a:da:
eb:a0:05:d1:13:b4:47:8d:d5:fa:9c:2c:3b:5d:2b:c6:96:5c:
9b:59:b6:3b:d6:f6:9c:32:24:d1:86:0e:a0:ab:22:85:da:ff:
5c:93:61:45:23:07:67:df:11:bd:92:57:bc:4a:4b:78:21:61:
4c:15:ed:8e:9a:37:d7:20:13:86:3f:aa:f9:f2:25:5f:81:30:
74:b8:04:13:ca:0c:71:d4:59:db:04:26:e2:4b:5b:c4:e0:1f:
86:79:69:80:d4:83:64:94:dd:74:51:1c:f9:ca:02:89:0b:39:
c2:51:29:fa:b8:4b:d0:25:fc:a7:cd:b0:19:e8:5c:3a:e1:ef:
c3:50:ce:61:77:71:01:6e:b3:d2:6c:f1:35:82:2e:bf:80:1b:
f1:65:0c:93:fb:51:23:28:32:3e:d4:4f:26:51:fc:b9:fc:69:
87:c8:fb:2e:e6:0c:b0:1a:df:83:30:92:ed:dd:ef:98:35:09:
fd:37:90:93:33:f5:bd:80:6b:3d:ee:3c:e7:11:f4:43:87:98:
05:c3:69:51:36:9b:42:b7:95:52:f2:51:5f:47:37:ea:cc:26:
75:fe:8d:49
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZRvNABHDEvxAt8rk20Uy5QJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMTE2MTMwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJmNzJhNjUxNzVhOWQxNDk4MGE0NWY0ZTFmY2Y4NTU0OTNjNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO5WQlb3W0AMPk544gf/ACK9nHkB
7GIbpEGA5dQiVE4faFuBaJAjjEEppfa8ywG5IgGvH9KW/U5i+ML16FBLYOg8wyN+
9qEzrEEzLHGDiH7ylUStUSnZGNoCEZstCkV6IQEP/7ZND+3u8wXDxCL7hZ6cc1At
4flea45u2rvXnEDaialooZT47qdzTeudwaR/bgVsR0/rkDJ9LhoxCjaPvgFDUVqS
6i1Li8XYTcIe1sgKNkUrFPJ0+1JRGYv6VIEWUfyKsIBzVuMDbcqBhRTDA1Ca5J6I
5/usrMvKMsMxYaL3jSeokp6AHCTB/vVCdxjbAHDTDponrin5xOZ8qH9wsQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFPUvcqZRdanRSYCkX04fz4VUk8bZMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvOVM5eXBsRjFxZEZKZ0tSZlRoX1BoVlNUeHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBRBAIAATBLAwQEBRbQAwQC
UEWsAwQDU4j4MAsDAwBe7QMEAF7tfjAMAwQGX2/AAwQCX2/QAwQDX2/YAwQCuRSI
AwQCuRowAwQCuUbEAwQCwj5gMBYEAgACMBAwDgMFBioENUADBQAqBDVGMA0GCSqG
SIb3DQEBCwUAA4IBAQB0wD6IymzVk16YFuDeR585x2v7A6QA8iPPTLKUeeIs2xmn
atrroAXRE7RHjdX6nCw7XSvGllybWbY71vacMiTRhg6gqyKF2v9ck2FFIwdn3xG9
kle8Skt4IWFMFe2OmjfXIBOGP6r58iVfgTB0uAQTygxx1FnbBCbiS1vE4B+GeWmA
1INklN10URz5ygKJCznCUSn6uEvQJfynzbAZ6Fw64e/DUM5hd3EBbrPSbPE1gi6/
gBvxZQyT+1EjKDI+1E8mUfy5/GmHyPsu5gywGt+DMJLt3e+YNQn9N5CTM/W9gGs9
7jznEfRDh5gFw2lRNptCt5VS8lFfRzfqzCZ1/o1J
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:31:05 2025 by rpki-client