Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/6MHKWsrMfkkYpM5xiaJASAaCdX0.roa
File: 6MHKWsrMfkkYpM5xiaJASAaCdX0.roa (raw, json)
Hash identifier: ySLyefFX9C4oEgoKMWJpscAGmnN7nDweuBlIZSjT/us=
Subject key identifier: E8:C1:CA:5A:CA:CC:7E:49:18:A4:CE:71:89:A2:40:48:06:82:75:7D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C761EFFF9416C2596473E33F466EA
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/6MHKWsrMfkkYpM5xiaJASAaCdX0.roa
Signing time: Thu 02 Jan 2025 09:50:29 +0000
ROA not before: Thu 02 Jan 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41691
IP address blocks: 81.22.192.0/24 maxlen: 24
87.117.128.0/21 maxlen: 21
87.117.132.0/24 maxlen: 24
87.117.136.0/23 maxlen: 23
87.117.138.0/24 maxlen: 24
87.117.140.0/22 maxlen: 22
87.117.146.0/23 maxlen: 23
87.117.148.0/23 maxlen: 23
89.221.192.0/21 maxlen: 21
89.221.192.0/22 maxlen: 22
89.221.197.0/24 maxlen: 24
89.221.205.0/24 maxlen: 24
109.172.48.0/22 maxlen: 22
109.172.52.0/23 maxlen: 23
109.172.72.0/23 maxlen: 23
109.172.76.0/23 maxlen: 23
109.172.102.0/23 maxlen: 23
109.172.104.0/22 maxlen: 22
109.172.118.0/23 maxlen: 23
2a02:25e0:f00::/40 maxlen: 40
2a02:25e0:7700::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 12 Feb 2025 10:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:76:1e:ff:f9:41:6c:25:96:47:3e:33:f4:66:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8c1ca5acacc7e4918a4ce7189a240480682757d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b8:eb:6a:97:f4:71:83:c3:71:b8:91:5b:80:
9d:3b:a8:a0:1e:c0:83:63:11:4f:83:c8:5b:6a:a0:
eb:ef:c5:59:fc:4f:ea:f9:df:33:6c:85:1f:8b:4a:
84:a7:e8:17:f1:36:e8:d4:c0:a0:a4:6e:d6:a1:63:
24:96:80:b4:c7:3e:cd:5d:52:76:ac:88:ea:0a:66:
b2:4e:6e:1c:f8:fb:72:e0:5d:62:ad:25:73:15:84:
fc:df:14:1b:11:14:92:7d:e4:70:fc:c2:e9:21:ba:
56:99:c5:87:ad:52:b5:ed:db:de:05:c4:42:31:c2:
90:e7:ba:fd:82:46:d6:0d:ab:42:56:cb:05:4d:dc:
b4:78:0f:7d:ce:9b:5a:09:75:b6:f4:5e:0c:d3:19:
b0:99:5b:d2:43:f6:8d:4d:62:6f:eb:12:05:81:26:
00:6f:d7:a9:8b:4c:83:f9:37:1d:e0:32:3f:d8:8b:
22:e8:ef:cb:24:db:82:42:00:d3:1c:8a:33:28:9d:
f3:63:f1:c7:2d:fd:07:52:f0:97:2c:e3:72:c1:5b:
02:75:80:bf:f1:e1:8c:d2:f1:5a:0e:9b:79:e9:6c:
ed:b1:9d:f5:dc:65:d4:5f:59:7d:2c:c6:1b:a5:c0:
9b:3a:7e:ab:5f:5a:34:75:ad:d3:2e:2e:b8:95:e7:
89:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C1:CA:5A:CA:CC:7E:49:18:A4:CE:71:89:A2:40:48:06:82:75:7D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/6MHKWsrMfkkYpM5xiaJASAaCdX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.192.0/24
87.117.128.0-87.117.138.255
87.117.140.0/22
87.117.146.0-87.117.149.255
89.221.192.0/21
89.221.205.0/24
109.172.48.0-109.172.53.255
109.172.72.0/23
109.172.76.0/23
109.172.102.0-109.172.107.255
109.172.118.0/23
IPv6:
2a02:25e0:f00::/40
2a02:25e0:7700::/40
Signature Algorithm: sha256WithRSAEncryption
9c:38:e6:de:38:04:a5:e9:96:e4:95:54:75:a4:11:da:2a:0d:
95:06:48:50:cf:75:8b:51:08:bc:5f:b7:19:b8:30:93:ba:97:
2c:ae:e4:8a:76:62:9c:32:c6:98:41:8a:00:42:68:ab:b4:d6:
32:8c:f9:2d:be:f5:92:50:49:1c:7f:2b:34:3a:5c:48:40:8a:
2d:49:15:89:91:32:c1:22:ab:ee:97:ea:ac:9e:9d:15:fc:f9:
b6:42:47:39:9f:a1:db:93:98:07:8a:bd:e3:2d:68:0d:6b:c9:
27:a4:f0:5f:2f:16:46:d0:78:85:71:55:51:d5:aa:b4:e4:ec:
fe:b2:d6:a1:58:59:d6:1d:39:6d:02:9d:17:a5:f0:68:77:5c:
8d:09:69:0e:ec:16:fb:52:10:27:c4:5d:0c:47:06:1d:e4:ad:
0c:52:9c:1e:e8:7f:22:37:82:af:8f:63:d6:35:ec:29:73:bd:
55:4e:88:4a:13:05:5d:80:6a:bb:75:7a:6f:63:51:c0:8d:76:
be:02:e4:a3:6c:6f:dc:fa:99:86:f4:0d:17:cb:5c:1c:f4:2b:
c2:b9:3d:bd:20:ef:fb:7a:0e:11:c5:bf:4c:be:0d:80:5d:21:
b8:1b:6f:95:f1:0a:64:d6:b6:23:65:c3:67:c1:db:4f:bd:0c:
b9:4a:78:16
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZQmbHYe//lBbCWWRz4z9GbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGMxY2E1YWNhY2M3ZTQ5MThhNGNlNzE4OWEyNDA0ODA2ODI3NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7jrapf0cYPDcbiRW4CdO6igHsCD
YxFPg8hbaqDr78VZ/E/q+d8zbIUfi0qEp+gX8Tbo1MCgpG7WoWMkloC0xz7NXVJ2
rIjqCmayTm4c+Pty4F1irSVzFYT83xQbERSSfeRw/MLpIbpWmcWHrVK17dveBcRC
McKQ57r9gkbWDatCVssFTdy0eA99zptaCXW29F4M0xmwmVvSQ/aNTWJv6xIFgSYA
b9epi0yD+Tcd4DI/2Isi6O/LJNuCQgDTHIozKJ3zY/HHLf0HUvCXLONywVsCdYC/
8eGM0vFaDpt56WztsZ313GXUX1l9LMYbpcCbOn6rX1o0da3TLi64leeJ2QIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFOjBylrKzH5JGKTOcYmiQEgGgnV9MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNk1IS1dzck1ma2tZcE01eGlhSkFTQWFDZFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBoBAIAATBiAwQAURbA
MAwDBAdXdYADBABXdYoDBAJXdYwwDAMEAVd1kgMEAVd1lAMEA1ndwAMEAFndzTAM
AwQEbawwAwQBbaw0AwQBbaxIAwQBbaxMMAwDBAFtrGYDBAJtrGgDBAFtrHYwFgQC
AAIwEAMGACoCJeAPAwYAKgIl4HcwDQYJKoZIhvcNAQELBQADggEBAJw45t44BKXp
luSVVHWkEdoqDZUGSFDPdYtRCLxftxm4MJO6lyyu5Ip2YpwyxphBigBCaKu01jKM
+S2+9ZJQSRx/KzQ6XEhAii1JFYmRMsEiq+6X6qyenRX8+bZCRzmfoduTmAeKveMt
aA1rySek8F8vFkbQeIVxVVHVqrTk7P6y1qFYWdYdOW0CnRel8Gh3XI0JaQ7sFvtS
ECfEXQxHBh3krQxSnB7ofyI3gq+PY9Y17ClzvVVOiEoTBV2Aart1em9jUcCNdr4C
5KNsb9z6mYb0DRfLXBz0K8K5Pb0g7/t6DhHFv0y+DYBdIbgbb5XxCmTWtiNlw2fB
20+9DLlKeBY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:01:36 2025 by rpki-client