Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/sgNXpb1vFLr1R_7JYiO2MpT-kVo.roa
File: sgNXpb1vFLr1R_7JYiO2MpT-kVo.roa (raw, json)
Hash identifier: KEZUUfmtyUTRFRTkQHAvqiLzIavWXb65LpShJisCewM=
Subject key identifier: B2:03:57:A5:BD:6F:14:BA:F5:47:FE:C9:62:23:B6:32:94:FE:91:5A
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 01914036CCDBA683416C1DC632E2B3912F73
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/sgNXpb1vFLr1R_7JYiO2MpT-kVo.roa
Signing time: Sun 11 Aug 2024 06:53:38 +0000
ROA not before: Sun 11 Aug 2024 06:53:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34397
IP address blocks: 79.172.128.0/18 maxlen: 18
85.129.128.0/17 maxlen: 17
85.129.164.0/22 maxlen: 22
88.213.0.0/18 maxlen: 18
88.213.6.0/24 maxlen: 24
88.213.64.0/18 maxlen: 18
88.213.64.0/21 maxlen: 21
88.213.72.0/21 maxlen: 21
88.213.78.0/24 maxlen: 24
88.213.126.0/23 maxlen: 23
89.4.0.0/15 maxlen: 15
89.5.220.0/23 maxlen: 23
89.5.220.0/24 maxlen: 24
93.98.0.0/16 maxlen: 16
93.98.127.0/24 maxlen: 24
212.71.32.0/19 maxlen: 19
212.71.32.0/24 maxlen: 24
212.71.33.0/24 maxlen: 24
212.71.35.0/24 maxlen: 24
212.71.37.0/24 maxlen: 24
212.71.41.0/24 maxlen: 24
212.71.42.0/24 maxlen: 24
212.71.51.0/24 maxlen: 24
212.71.53.0/24 maxlen: 24
212.107.96.0/19 maxlen: 19
212.107.97.0/24 maxlen: 24
212.107.99.0/24 maxlen: 24
212.107.103.0/24 maxlen: 24
212.107.105.0/24 maxlen: 24
212.107.106.0/24 maxlen: 24
212.118.96.0/19 maxlen: 19
212.118.100.0/24 maxlen: 24
212.118.102.0/24 maxlen: 24
212.118.106.0/24 maxlen: 24
212.118.107.0/24 maxlen: 24
212.118.108.0/22 maxlen: 22
212.118.115.0/24 maxlen: 24
212.118.117.0/24 maxlen: 24
212.118.119.0/24 maxlen: 24
212.118.122.0/24 maxlen: 24
212.118.124.0/24 maxlen: 24
212.119.64.0/20 maxlen: 20
212.119.64.0/24 maxlen: 24
212.119.69.0/24 maxlen: 24
212.119.74.0/24 maxlen: 24
212.119.80.0/21 maxlen: 21
212.119.81.0/24 maxlen: 24
212.119.82.0/24 maxlen: 24
212.119.88.0/22 maxlen: 22
212.119.92.0/23 maxlen: 23
212.119.92.0/24 maxlen: 24
212.119.93.0/24 maxlen: 24
213.181.160.0/19 maxlen: 19
213.181.190.0/24 maxlen: 24
213.210.192.0/18 maxlen: 18
213.210.195.0/24 maxlen: 24
213.210.196.0/24 maxlen: 24
213.210.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 08:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:40:36:cc:db:a6:83:41:6c:1d:c6:32:e2:b3:91:2f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Aug 11 06:53:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20357a5bd6f14baf547fec96223b63294fe915a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7b:28:0e:3d:87:98:8c:5a:a3:32:be:f4:6c:
e8:81:b5:d4:96:8a:9c:52:ec:11:f3:46:22:1d:53:
a8:88:02:c0:de:6b:a4:f6:a1:0d:cd:f4:a3:4b:54:
de:8a:3f:6e:30:7b:7e:34:9e:f9:9a:f6:25:32:a6:
dc:b0:15:c5:f5:00:0c:39:02:f1:cb:ce:2e:b0:33:
82:92:e5:84:c9:16:93:39:7f:cf:e8:63:82:1e:43:
d5:0b:37:ae:ab:d8:c6:ad:25:da:c4:7b:8f:8c:a9:
d4:bc:0b:ad:c5:14:0f:db:36:ac:9c:2f:55:56:50:
c8:c3:99:18:da:ea:3c:a0:2d:cc:bc:06:0f:7a:23:
f7:73:a6:9b:0e:e4:c8:40:84:f0:69:80:c4:25:42:
81:96:92:2f:62:f7:b8:37:e4:d0:d6:76:fd:ff:76:
5b:4c:b8:e2:91:b8:8a:2b:89:eb:29:3f:20:1e:65:
0e:fc:fa:7e:6d:6f:96:0c:36:3e:74:be:42:96:c8:
27:ca:4e:7a:7c:60:ea:c2:57:93:b2:9c:93:96:9b:
0a:59:9b:6a:53:35:b6:84:d3:c8:60:8c:62:9b:87:
14:91:0a:8a:79:9e:a6:43:ee:e0:15:b6:1b:04:06:
04:c2:99:64:a7:57:64:5b:d7:91:58:be:49:dd:9d:
4e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:03:57:A5:BD:6F:14:BA:F5:47:FE:C9:62:23:B6:32:94:FE:91:5A
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/sgNXpb1vFLr1R_7JYiO2MpT-kVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.128.0/18
85.129.128.0/17
88.213.0.0/17
89.4.0.0/15
93.98.0.0/16
212.71.32.0/19
212.107.96.0/19
212.118.96.0/19
212.119.64.0-212.119.93.255
213.181.160.0/19
213.210.192.0/18
Signature Algorithm: sha256WithRSAEncryption
3d:a3:46:e2:38:82:44:d6:e4:78:5b:b5:a4:79:c6:2f:0e:28:
b1:dc:78:af:41:8a:eb:1e:36:95:a5:7c:5f:f6:39:42:8a:d8:
75:be:8d:4d:9d:97:a1:1f:77:45:2b:af:2f:a2:c6:bc:3d:51:
84:b3:99:20:d8:aa:c6:b5:ec:26:36:57:7a:51:27:a7:b9:63:
50:2a:fb:d4:b0:49:d3:af:d2:17:cb:43:1b:a4:4f:2d:d7:ed:
d4:80:f5:7f:14:9a:1e:3f:49:dc:7f:94:ad:cb:b5:58:2e:14:
97:41:02:06:66:5f:bd:98:60:bc:8c:8c:83:d1:06:32:42:9c:
a1:a6:8a:3f:0e:64:4e:2c:c9:2b:4f:a3:90:cf:4f:fc:d5:26:
0c:05:56:23:45:be:3d:b7:ed:da:68:08:f3:89:7b:c9:a2:4d:
db:a6:2a:90:d8:74:56:33:10:33:05:04:82:f8:e5:1b:bd:de:
60:f5:94:42:67:0d:9c:c1:5b:cf:22:f4:f2:62:4f:77:80:70:
a8:25:9e:a0:d9:aa:8e:93:12:1d:42:65:73:e3:80:46:3f:18:
fd:c8:dd:b7:c3:5d:dd:3f:07:17:32:30:60:f6:36:4e:ef:b0:
a3:b6:40:a9:88:29:ff:9a:86:cc:7c:ff:8a:84:b4:12:60:fa:
62:b7:59:70
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZFANszbpoNBbB3GMuKzkS9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjQwODExMDY1MzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAzNTdhNWJkNmYxNGJhZjU0N2ZlYzk2MjIzYjYzMjk0ZmU5MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHsoDj2HmIxaozK+9GzogbXUloqc
UuwR80YiHVOoiALA3muk9qENzfSjS1Teij9uMHt+NJ75mvYlMqbcsBXF9QAMOQLx
y84usDOCkuWEyRaTOX/P6GOCHkPVCzeuq9jGrSXaxHuPjKnUvAutxRQP2zasnC9V
VlDIw5kY2uo8oC3MvAYPeiP3c6abDuTIQITwaYDEJUKBlpIvYve4N+TQ1nb9/3Zb
TLjikbiKK4nrKT8gHmUO/Pp+bW+WDDY+dL5Clsgnyk56fGDqwleTspyTlpsKWZtq
UzW2hNPIYIxim4cUkQqKeZ6mQ+7gFbYbBAYEwplkp1dkW9eRWL5J3Z1OtQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLIDV6W9bxS69Uf+yWIjtjKU/pFaMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvc2dOWHBiMXZGTHIxUl83SllpTzJNcFQta1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQGT6yAAwQH
VYGAAwQHWNUAAwMBWQQDAwBdYgMEBdRHIAMEBdRrYAMEBdR2YDAMAwQG1HdAAwQB
1HdcAwQF1bWgAwQG1dLAMA0GCSqGSIb3DQEBCwUAA4IBAQA9o0biOIJE1uR4W7Wk
ecYvDiix3HivQYrrHjaVpXxf9jlCith1vo1NnZehH3dFK68vosa8PVGEs5kg2KrG
tewmNld6USenuWNQKvvUsEnTr9IXy0MbpE8t1+3UgPV/FJoeP0ncf5Sty7VYLhSX
QQIGZl+9mGC8jIyD0QYyQpyhpoo/DmROLMkrT6OQz0/81SYMBVYjRb49t+3aaAjz
iXvJok3bpiqQ2HRWMxAzBQSC+OUbvd5g9ZRCZw2cwVvPIvTyYk93gHCoJZ6g2aqO
kxIdQmVz44BGPxj9yN23w13dPwcXMjBg9jZO77CjtkCpiCn/mobMfP+KhLQSYPpi
t1lw
-----END CERTIFICATE-----
Generated at Fri May 2 23:21:41 2025 by rpki-client