Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/x9S-A2ro9z8poFAiCAssjGU7WYA.roa
File: x9S-A2ro9z8poFAiCAssjGU7WYA.roa (raw, json)
Hash identifier: y3afHcmsSkWNYNY1RNnAqKVig97tEPRvV2MdXHsrP3o=
Subject key identifier: C7:D4:BE:03:6A:E8:F7:3F:29:A0:50:22:08:0B:2C:8C:65:3B:59:80
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 019423D746F886FE411986CD35C3724BCC9D
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/x9S-A2ro9z8poFAiCAssjGU7WYA.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200924
IP address blocks: 5.182.107.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
46.102.102.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
85.204.37.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
103.197.8.0/22 maxlen: 22
103.214.180.0/22 maxlen: 22
178.157.95.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
185.36.112.0/22 maxlen: 22
185.186.116.0/22 maxlen: 22
185.207.240.0/22 maxlen: 22
195.5.96.0/23 maxlen: 23
195.181.254.0/24 maxlen: 24
195.192.252.0/24 maxlen: 24
212.103.52.0/22 maxlen: 22
212.237.254.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:15:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:46:f8:86:fe:41:19:86:cd:35:c3:72:4b:cc:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7d4be036ae8f73f29a05022080b2c8c653b5980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:48:cc:bc:85:61:07:8d:1c:ba:62:30:2e:1c:
e6:e7:e3:df:24:73:0e:6f:9b:f4:29:cb:64:d6:f0:
67:89:75:af:12:c4:df:62:db:94:d1:73:e6:51:bd:
44:c0:b0:60:a7:85:93:53:62:f1:ad:39:3b:b1:01:
53:ca:c2:1a:a2:8f:d7:6d:72:f2:63:10:33:57:11:
77:27:fb:81:0b:2f:33:c6:08:cf:40:49:8c:a4:c6:
31:1f:21:09:9a:60:e3:1a:0e:9b:20:0b:89:e4:42:
ab:6e:14:9e:bc:96:ad:5b:09:1d:03:10:91:af:e8:
3c:28:ae:76:de:db:f0:bf:8b:e1:87:82:4d:25:82:
aa:9e:f1:ac:73:59:0b:e7:0a:23:46:65:15:6f:69:
64:63:5b:c4:e1:d4:91:88:18:5d:42:89:ee:1e:be:
99:39:62:0f:06:d1:ac:7b:3e:00:79:d0:d5:b1:d3:
31:e6:57:35:b2:8c:6b:0a:d7:45:df:36:6f:e2:4e:
f0:2f:70:6f:78:a5:b9:bb:6f:1b:ee:ec:6f:06:06:
81:3f:f3:25:b4:cf:47:90:4c:6a:62:f1:3d:41:81:
b5:a9:52:75:d7:26:b9:b5:48:23:c4:04:b7:9b:5a:
31:54:c2:82:6c:43:b1:19:0f:20:0a:66:19:2f:ba:
94:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D4:BE:03:6A:E8:F7:3F:29:A0:50:22:08:0B:2C:8C:65:3B:59:80
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/x9S-A2ro9z8poFAiCAssjGU7WYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
85.204.37.0/24
94.177.133.0/24
103.197.8.0/22
103.214.180.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.5.96.0/23
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
79:94:cb:84:90:da:a0:e2:27:6e:d0:d1:e4:cd:a0:38:32:01:
3d:10:ce:03:93:06:90:e5:63:cf:1e:94:b1:63:37:c7:f9:16:
6f:55:37:01:8a:18:2f:c6:59:b8:66:49:a9:c8:c2:3c:fa:15:
d0:a8:ad:26:2a:48:c6:db:84:9e:da:8b:1d:0c:b4:00:05:8a:
34:4c:80:32:38:d4:1d:81:cf:32:0b:63:8d:72:5d:5e:32:47:
03:75:27:10:6c:f4:9e:01:ff:19:86:96:c9:c3:6c:41:2e:69:
67:bd:3b:32:f4:7e:16:67:f2:c6:97:7e:09:7f:57:aa:83:cf:
a1:4f:64:ce:8e:13:91:cd:94:82:b0:3c:26:6e:33:8d:32:21:
9c:0b:d7:df:e2:14:ff:d2:9c:1b:bd:59:2c:3a:e2:02:02:9f:
28:67:3c:0e:50:4f:78:67:04:99:3a:a9:96:3a:55:36:2d:ec:
87:98:39:b4:c4:4d:fe:a0:15:69:b2:ab:5c:dc:c4:48:3d:5c:
a5:38:b6:7b:7b:fa:b4:8c:d4:93:8a:1d:da:31:d4:12:f5:fe:
6c:14:11:e6:96:64:22:5f:9a:02:06:c4:57:20:f2:53:e7:3b:
9e:e6:52:1d:e7:79:e1:80:c2:55:fe:fa:65:5f:9d:83:19:dc:
0c:c4:c0:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQj10b4hv5BGYbNNcNyS8ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q0YmUwMzZhZThmNzNmMjlhMDUwMjIwODBiMmM4YzY1M2I1OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUjMvIVhB40cumIwLhzm5+PfJHMO
b5v0Kctk1vBniXWvEsTfYtuU0XPmUb1EwLBgp4WTU2LxrTk7sQFTysIaoo/XbXLy
YxAzVxF3J/uBCy8zxgjPQEmMpMYxHyEJmmDjGg6bIAuJ5EKrbhSevJatWwkdAxCR
r+g8KK523tvwv4vhh4JNJYKqnvGsc1kL5wojRmUVb2lkY1vE4dSRiBhdQonuHr6Z
OWIPBtGsez4AedDVsdMx5lc1soxrCtdF3zZv4k7wL3BveKW5u28b7uxvBgaBP/Ml
tM9HkExqYvE9QYG1qVJ11ya5tUgjxAS3m1oxVMKCbEOxGQ8gCmYZL7qU5wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFMfUvgNq6Pc/KaBQIggLLIxlO1mAMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEveDlTLUEycm85ejhwb0ZBaUNBc3NqR1U3V1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAAW2
azAMAwQAHw4dAwQAHw4eAwQALmZmAwQAUND/AwQAVcwlAwQAXrGFAwQCZ8UIAwQC
Z9a0AwQAsp1fAwQCuQsQAwQCuSRwAwQCubp0AwQCuc/wAwQBwwVgAwQAw7X+AwQA
w8D8AwQC1Gc0AwQA1O3+AwQA2T3/MA0EAgACMAcDBQAqA09AMA0GCSqGSIb3DQEB
CwUAA4IBAQB5lMuEkNqg4idu0NHkzaA4MgE9EM4DkwaQ5WPPHpSxYzfH+RZvVTcB
ihgvxlm4ZkmpyMI8+hXQqK0mKkjG24Se2osdDLQABYo0TIAyONQdgc8yC2ONcl1e
MkcDdScQbPSeAf8ZhpbJw2xBLmlnvTsy9H4WZ/LGl34Jf1eqg8+hT2TOjhORzZSC
sDwmbjONMiGcC9ff4hT/0pwbvVksOuICAp8oZzwOUE94ZwSZOqmWOlU2LeyHmDm0
xE3+oBVpsqtc3MRIPVylOLZ7e/q0jNSTih3aMdQS9f5sFBHmlmQiX5oCBsRXIPJT
5zue5lId53nhgMJV/vplX52DGdwMxMBY
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:26:53 2025 by rpki-client