Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/rMUgC4MCquJg4wcP07iyTk0NYg4.roa
File: rMUgC4MCquJg4wcP07iyTk0NYg4.roa (raw, json)
Hash identifier: 31N+i2McVlx1dEP775HvKQy1Mnm5q66YYiODJ0buErc=
Subject key identifier: AC:C5:20:0B:83:02:AA:E2:60:E3:07:0F:D3:B8:B2:4E:4D:0D:62:0E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0194CC13269C76143EDFDDDBB6B1A755379B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/rMUgC4MCquJg4wcP07iyTk0NYg4.roa
Signing time: Mon 03 Feb 2025 13:49:54 +0000
ROA not before: Mon 03 Feb 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Feb 2025 11:39:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:13:26:9c:76:14:3e:df:dd:db:b6:b1:a7:55:37:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 3 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acc5200b8302aae260e3070fd3b8b24e4d0d620e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a4:78:fe:41:b6:5b:90:5b:8b:14:d8:97:19:
a5:08:55:03:97:a5:fd:d5:01:b6:51:a5:8b:bd:30:
d4:1b:cf:7d:7a:b5:1f:eb:94:4f:63:4c:cc:14:a3:
9b:b2:53:ce:65:76:90:27:8f:25:15:8e:1f:2c:3a:
51:a8:6d:34:0a:30:6b:32:19:a0:0e:db:da:c7:ed:
e6:21:f8:75:74:84:3c:ab:cd:ab:9e:23:33:9e:90:
7b:db:72:19:54:75:64:bf:b7:3d:bd:28:ca:b1:56:
0c:87:9e:70:5a:6c:79:69:21:fe:08:33:16:bc:dc:
f8:d8:4e:76:d0:0f:4c:b2:d5:c9:92:9e:cf:e0:43:
7d:09:b8:dd:82:19:e3:f0:ec:ce:d6:75:1b:c8:23:
3f:90:0d:69:60:8b:f5:a8:35:81:70:d5:6c:a9:9d:
c2:15:ab:3d:22:0d:b5:06:4e:eb:b3:aa:48:7c:5e:
f6:74:dc:fe:27:90:26:c9:09:a4:de:35:da:47:54:
5c:81:98:dd:85:08:92:7c:dd:2a:0f:22:6f:bc:4d:
a0:a7:97:81:19:c4:4f:6b:b3:46:49:00:cf:23:18:
8a:13:c9:5c:5e:2c:1e:67:ab:b8:92:1d:96:b3:1d:
f2:a7:df:4a:3d:18:5e:3d:ed:e5:13:1e:63:7f:d0:
ea:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:20:0B:83:02:AA:E2:60:E3:07:0F:D3:B8:B2:4E:4D:0D:62:0E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/rMUgC4MCquJg4wcP07iyTk0NYg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:2a:f6:05:be:14:11:d1:45:d1:b9:53:91:0c:43:cc:74:d0:
83:3a:e2:85:e1:85:c6:2b:15:89:41:1d:98:fb:d7:da:ad:a0:
9d:da:91:1f:3e:41:c2:9e:bb:a7:b0:1f:d9:b6:30:0f:df:c1:
a1:89:3e:8a:16:70:96:b0:89:a0:4b:2f:0f:cf:db:d6:6f:1a:
e3:9b:c3:93:0b:01:4e:af:04:40:03:ca:63:b5:5d:61:24:4f:
ca:9f:c9:ce:66:aa:2e:5f:bd:69:b4:c6:0b:5e:76:a1:fc:c8:
7c:fe:c3:80:73:ab:96:00:2c:95:75:18:e3:1f:03:18:5c:4c:
e8:47:9b:31:3f:c4:17:3b:d1:53:a7:c1:83:52:da:dd:ad:e5:
5e:8b:c9:b0:fd:71:08:ce:63:fd:41:0c:5a:d7:0a:4d:6a:cb:
37:d3:25:a9:35:16:8d:a6:0c:76:ed:71:7f:e0:7b:9e:36:e3:
e3:20:fb:bd:d6:57:2f:d2:9e:69:e3:67:fc:35:7d:e4:c4:ca:
c1:3a:f6:ba:75:cd:61:96:86:3f:3f:f8:06:57:70:46:39:d8:
68:d3:03:68:88:09:a9:49:5c:91:e9:68:5a:e3:12:8e:44:89:
61:9d:2c:15:03:ee:6b:72:e4:39:7f:71:ca:5e:04:19:85:68:
9f:a5:55:4e
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZTMEyacdhQ+393btrGnVTebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMjAzMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M1MjAwYjgzMDJhYWUyNjBlMzA3MGZkM2I4YjI0ZTRkMGQ2MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6R4/kG2W5BbixTYlxmlCFUDl6X9
1QG2UaWLvTDUG899erUf65RPY0zMFKObslPOZXaQJ48lFY4fLDpRqG00CjBrMhmg
Dtvax+3mIfh1dIQ8q82rniMznpB723IZVHVkv7c9vSjKsVYMh55wWmx5aSH+CDMW
vNz42E520A9MstXJkp7P4EN9Cbjdghnj8OzO1nUbyCM/kA1pYIv1qDWBcNVsqZ3C
Fas9Ig21Bk7rs6pIfF72dNz+J5AmyQmk3jXaR1RcgZjdhQiSfN0qDyJvvE2gp5eB
GcRPa7NGSQDPIxiKE8lcXiweZ6u4kh2Wsx3yp99KPRhePe3lEx5jf9Dq6QIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFKzFIAuDAqriYOMHD9O4sk5NDWIOMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvck1VZ0M0TUNxdUpnNHdjUDA3aXlUazBOWWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgYQEAgABMH4DBAIC
OKQDBAAFtjADBAItURQDBAItjNwDBAJNU/ADBABObNkDBAJTj3QDBAJVyqADBAJZ
vpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBADBHx4DBALB
IkwDBALB3cADBALCMhADBALCOOADBALUawwwcQQCAAIwawMHBCoLC4IAADAPAwUC
KgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//SAwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQMqDXfAMA0G
CSqGSIb3DQEBCwUAA4IBAQCOKvYFvhQR0UXRuVORDEPMdNCDOuKF4YXGKxWJQR2Y
+9faraCd2pEfPkHCnrunsB/ZtjAP38GhiT6KFnCWsImgSy8Pz9vWbxrjm8OTCwFO
rwRAA8pjtV1hJE/Kn8nOZqouX71ptMYLXnah/Mh8/sOAc6uWACyVdRjjHwMYXEzo
R5sxP8QXO9FTp8GDUtrdreVei8mw/XEIzmP9QQxa1wpNass30yWpNRaNpgx27XF/
4HueNuPjIPu91lcv0p5p42f8NX3kxMrBOva6dc1hloY/P/gGV3BGOdho0wNoiAmp
SVyR6Wha4xKORIlhnSwVA+5rcuQ5f3HKXgQZhWifpVVO
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:13:01 2025 by rpki-client