Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/M9GnzaeJ-eDwVF0tQ0vRLcHGESw.roa
File: M9GnzaeJ-eDwVF0tQ0vRLcHGESw.roa (raw, json)
Hash identifier: kc53nQxq8dN3fkol6EVdwslGhXa2bfrqAwFUOQkuGP4=
Subject key identifier: 33:D1:A7:CD:A7:89:F9:E0:F0:54:5D:2D:43:4B:D1:2D:C1:C6:11:2C
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01943CB40894668F6D82B24126DA0A4E5472
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/M9GnzaeJ-eDwVF0tQ0vRLcHGESw.roa
Signing time: Mon 06 Jan 2025 17:40:18 +0000
ROA not before: Mon 06 Jan 2025 17:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 06 Jan 2025 18:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:b4:08:94:66:8f:6d:82:b2:41:26:da:0a:4e:54:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 6 17:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d1a7cda789f9e0f0545d2d434bd12dc1c6112c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:d7:b7:61:fd:a4:fa:83:62:c7:58:a9:8b:
22:5c:4e:b7:87:4d:a4:eb:04:c5:e7:3d:7d:e5:ff:
59:55:1b:42:59:d2:8f:ef:59:2e:6d:6f:a6:1d:43:
b8:90:5c:ce:81:d9:25:19:96:6a:be:ff:4a:f9:71:
78:46:a6:65:c4:99:25:e1:88:49:13:31:4b:cd:35:
54:24:e1:52:61:b1:60:b2:7d:0b:42:90:4a:9c:05:
75:d4:e0:13:7a:1f:3d:9f:35:4c:07:d8:e6:da:ff:
23:07:8c:84:d0:58:51:22:00:7e:4a:14:9f:9b:95:
0c:35:69:47:ff:2a:05:92:a6:7f:8e:05:e3:4d:8c:
be:aa:28:02:1f:dc:33:ec:46:c4:bb:5f:56:dd:5b:
eb:3c:78:30:b3:40:dd:79:9a:8c:06:6d:25:49:f7:
c7:e0:94:26:78:d1:18:bb:a4:3b:03:a0:20:10:ad:
34:00:11:ef:3a:ba:8c:9e:ae:82:4b:a0:a5:92:b6:
40:45:c0:27:67:d5:7d:22:50:56:ee:e3:42:56:fd:
ad:18:74:3f:9e:80:2e:97:d1:40:ec:a3:a5:11:d8:
06:8d:55:ad:c8:07:e4:35:83:36:94:a3:1b:0f:f7:
cd:e4:92:e3:08:66:30:83:21:d6:d1:2a:94:e6:21:
05:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D1:A7:CD:A7:89:F9:E0:F0:54:5D:2D:43:4B:D1:2D:C1:C6:11:2C
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/M9GnzaeJ-eDwVF0tQ0vRLcHGESw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
41:87:9a:3b:6d:bd:2e:2b:67:bd:df:1e:03:63:13:c9:05:ec:
d8:98:4d:e4:e7:33:73:b5:de:b3:89:90:94:cd:92:89:02:9d:
0f:6c:06:4e:6f:e4:17:04:56:79:ab:78:fb:dc:cd:78:13:58:
c2:8a:11:82:db:af:37:ad:9c:e4:e0:d3:c1:56:0b:02:99:84:
01:e5:34:94:c8:94:08:21:62:8a:41:c1:b7:9d:b1:bd:70:9d:
60:12:68:1a:d4:f4:bc:01:67:d3:dc:10:b7:ba:7d:4d:19:8e:
d0:30:77:ed:ee:82:0f:92:56:85:38:99:71:67:47:76:8b:d0:
2d:bc:67:fc:9f:b2:41:8e:85:36:7b:5c:9f:45:18:c6:06:65:
47:c2:97:fa:88:82:e9:17:38:e1:b2:bc:b9:2a:f6:89:9c:fe:
69:34:48:3b:c0:d2:46:f1:65:e9:8f:e4:c0:c4:60:69:92:e2:
cc:62:da:e7:fe:c4:ea:56:ca:90:f9:8a:de:ef:66:be:f4:4d:
b4:80:bb:69:7e:29:fb:25:af:71:36:19:e8:0e:0c:0e:52:a7:
33:fa:27:5b:4a:7f:3c:01:7f:6a:11:b8:42:c6:2e:0b:81:9a:
6c:14:ff:1a:01:89:93:f3:d9:d2:6c:af:d6:04:c0:08:be:7b:
c5:6e:5c:ae
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZQ8tAiUZo9tgrJBJtoKTlRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTA2MTc0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QxYTdjZGE3ODlmOWUwZjA1NDVkMmQ0MzRiZDEyZGMxYzYxMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfHXt2H9pPqDYsdYqYsiXE63h02k
6wTF5z195f9ZVRtCWdKP71kubW+mHUO4kFzOgdklGZZqvv9K+XF4RqZlxJkl4YhJ
EzFLzTVUJOFSYbFgsn0LQpBKnAV11OATeh89nzVMB9jm2v8jB4yE0FhRIgB+ShSf
m5UMNWlH/yoFkqZ/jgXjTYy+qigCH9wz7EbEu19W3VvrPHgws0DdeZqMBm0lSffH
4JQmeNEYu6Q7A6AgEK00ABHvOrqMnq6CS6ClkrZARcAnZ9V9IlBW7uNCVv2tGHQ/
noAul9FA7KOlEdgGjVWtyAfkNYM2lKMbD/fN5JLjCGYwgyHW0SqU5iEFUwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFDPRp82nifng8FRdLUNL0S3BxhEsMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvTTlHbnphZUotZUR3VkYwdFEwdlJMY0hHRVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCB0gQCAAEwgcsDBAUF
kGADBAQfKHADBAMl0HgDAwA+dgMEBT6o4AMEAE+rcwMEAFBT7QMEBVFbIAMDAFHD
AwQGUmDAAwMAU+0DAwFVjAMEBVXrIAMDAFmvAwMCW0wDBANcK7gDBARdWuADBAVe
jIADBAJfmYgDBAVfqYADBAVtxuADBAONaRgDBACw3hEDAwCyjQMEB7KbAAMEBLKf
EAMEArmo7AMEAMFogAMEBsMiAAMEB9S8AAMDANVXAwQF1ZMgAwQC1bDkMAsDBALZ
SvQDAwDZSjAUBAIAAjAOAwUDKgAfoAMFAyoCACgwDQYJKoZIhvcNAQELBQADggEB
AEGHmjttvS4rZ73fHgNjE8kF7NiYTeTnM3O13rOJkJTNkokCnQ9sBk5v5BcEVnmr
ePvczXgTWMKKEYLbrzetnOTg08FWCwKZhAHlNJTIlAghYopBwbedsb1wnWASaBrU
9LwBZ9PcELe6fU0ZjtAwd+3ugg+SVoU4mXFnR3aL0C28Z/yfskGOhTZ7XJ9FGMYG
ZUfCl/qIgukXOOGyvLkq9omc/mk0SDvA0kbxZemP5MDEYGmS4sxi2uf+xOpWypD5
it7vZr70TbSAu2l+Kfslr3E2GegODA5SpzP6J1tKfzwBf2oRuELGLguBmmwU/xoB
iZPz2dJsr9YEwAi+e8VuXK4=
-----END CERTIFICATE-----
Generated at Thu May 1 02:54:55 2025 by rpki-client