Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/KXHEGdK0GaRLVe2VJfARdYyEZ2c.roa
File: KXHEGdK0GaRLVe2VJfARdYyEZ2c.roa (raw, json)
Hash identifier: r4f3OaDocxAMOdNEIRbJcrd3Vd8KzphMRU4TaGiCN5w=
Subject key identifier: 29:71:C4:19:D2:B4:19:A4:4B:55:ED:95:25:F0:11:75:8C:84:67:67
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 0193BA818E0BE782FDE04CC91B5C03AFBF1F
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/KXHEGdK0GaRLVe2VJfARdYyEZ2c.roa
Signing time: Thu 12 Dec 2024 10:54:32 +0000
ROA not before: Thu 12 Dec 2024 10:54:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.81.224.0/22 maxlen: 22
45.82.68.0/22 maxlen: 22
45.82.176.0/22 maxlen: 22
45.87.0.0/22 maxlen: 22
45.136.84.0/24 maxlen: 24
45.136.85.0/24 maxlen: 24
45.136.86.0/24 maxlen: 24
45.136.87.0/24 maxlen: 24
45.137.64.0/22 maxlen: 22
46.18.107.0/24 maxlen: 24
46.21.250.0/24 maxlen: 24
77.220.214.0/24 maxlen: 24
77.220.215.0/24 maxlen: 24
81.31.197.0/24 maxlen: 24
91.201.25.0/24 maxlen: 24
91.208.127.0/24 maxlen: 24
91.209.226.0/24 maxlen: 24
91.228.56.0/24 maxlen: 24
94.124.78.0/24 maxlen: 24
178.159.38.0/24 maxlen: 24
178.159.39.0/24 maxlen: 24
178.159.42.0/24 maxlen: 24
185.23.108.0/24 maxlen: 24
185.51.121.0/24 maxlen: 24
185.51.246.0/24 maxlen: 24
185.51.247.0/24 maxlen: 24
185.107.237.0/24 maxlen: 24
185.204.109.0/24 maxlen: 24
185.232.164.0/24 maxlen: 24
185.235.129.0/24 maxlen: 24
185.235.130.0/24 maxlen: 24
185.235.131.0/24 maxlen: 24
185.241.52.0/24 maxlen: 24
185.241.53.0/24 maxlen: 24
185.241.54.0/24 maxlen: 24
185.241.55.0/24 maxlen: 24
185.244.216.0/22 maxlen: 22
185.244.216.0/24 maxlen: 24
185.244.217.0/24 maxlen: 24
185.250.204.0/24 maxlen: 24
185.250.205.0/24 maxlen: 24
185.250.206.0/24 maxlen: 24
193.22.21.0/24 maxlen: 24
193.56.8.0/24 maxlen: 24
193.163.7.0/24 maxlen: 24
193.163.113.0/24 maxlen: 24
194.29.53.0/24 maxlen: 24
212.8.244.0/24 maxlen: 24
212.8.246.0/24 maxlen: 24
212.23.221.0/24 maxlen: 24
212.86.101.0/24 maxlen: 24
212.86.102.0/24 maxlen: 24
212.86.108.0/24 maxlen: 24
212.86.109.0/24 maxlen: 24
212.162.152.0/22 maxlen: 22
212.162.152.0/24 maxlen: 24
212.162.153.0/24 maxlen: 24
212.162.154.0/24 maxlen: 24
212.162.155.0/24 maxlen: 24
213.166.68.0/24 maxlen: 24
213.166.69.0/24 maxlen: 24
213.166.70.0/24 maxlen: 24
213.166.71.0/24 maxlen: 24
2a07:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Dec 2024 13:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:81:8e:0b:e7:82:fd:e0:4c:c9:1b:5c:03:af:bf:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Dec 12 10:54:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2971c419d2b419a44b55ed9525f011758c846767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d5:2a:03:e0:69:cf:9f:a5:2f:c6:38:b8:9c:
45:ae:c7:21:75:50:c5:0d:a4:1e:18:b6:3a:00:f8:
eb:4e:a4:8b:d1:2a:71:97:5a:60:06:94:3f:b5:28:
1e:67:52:b9:02:e8:69:55:6b:79:49:4f:c6:5b:66:
21:08:eb:19:21:6f:11:2e:dd:8c:6f:e1:52:9e:a2:
00:59:d5:07:24:1c:03:18:4c:52:c7:cd:75:4f:fa:
aa:1f:e0:77:50:53:d4:c1:fa:06:8b:ca:4f:7b:e8:
ce:4c:8e:7b:a1:76:df:dc:f3:b5:a3:99:b7:79:48:
32:93:ad:61:db:d7:5a:75:02:5f:60:24:50:5d:72:
b4:c7:8b:93:9a:9d:cd:22:d0:88:22:92:53:e7:e8:
3d:51:98:a1:15:e5:2c:3e:dd:10:4d:f7:b8:5f:76:
4a:30:77:53:fb:64:f0:29:22:cf:f7:97:ea:2b:6e:
80:d3:50:f5:85:42:ad:79:9b:92:48:6e:cf:53:ae:
5f:c6:77:d5:c4:a2:52:bb:cc:3c:c6:41:3f:41:e0:
23:75:8f:35:1e:be:71:63:f9:be:61:99:ab:27:5a:
4d:ad:9c:e4:ba:9d:a2:03:28:3f:e7:d0:fe:2c:17:
5a:b1:59:72:cc:23:6c:cc:be:17:a7:f8:6f:45:0f:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:71:C4:19:D2:B4:19:A4:4B:55:ED:95:25:F0:11:75:8C:84:67:67
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/KXHEGdK0GaRLVe2VJfARdYyEZ2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.224.0/22
45.82.68.0/22
45.82.176.0/22
45.87.0.0/22
45.136.84.0/22
45.137.64.0/22
46.18.107.0/24
46.21.250.0/24
77.220.214.0/23
81.31.197.0/24
91.201.25.0/24
91.208.127.0/24
91.209.226.0/24
91.228.56.0/24
94.124.78.0/24
178.159.38.0/23
178.159.42.0/24
185.23.108.0/24
185.51.121.0/24
185.51.246.0/23
185.107.237.0/24
185.204.109.0/24
185.232.164.0/24
185.235.129.0-185.235.131.255
185.241.52.0/22
185.244.216.0/22
185.250.204.0-185.250.206.255
193.22.21.0/24
193.56.8.0/24
193.163.7.0/24
193.163.113.0/24
194.29.53.0/24
212.8.244.0/24
212.8.246.0/24
212.23.221.0/24
212.86.101.0-212.86.102.255
212.86.108.0/23
212.162.152.0/22
213.166.68.0/22
IPv6:
2a07:5980::/29
Signature Algorithm: sha256WithRSAEncryption
6d:ec:0e:cf:d6:e4:b7:41:94:d3:4a:84:62:8a:77:6d:a6:45:
f3:9d:ca:ed:11:65:d9:1f:fb:dd:75:86:76:7b:ac:be:07:58:
21:34:e6:56:9a:0a:de:7f:7a:b0:81:a8:29:e3:61:96:8f:e7:
56:41:ac:c8:3f:c6:4c:b4:23:79:dc:87:57:3e:c4:e4:04:ed:
71:f0:5e:6b:f8:ad:c6:24:78:9c:cb:57:50:94:b8:0b:0f:e8:
c1:fc:19:8a:2e:58:34:00:3b:a8:b6:72:88:ed:0e:b4:d7:d4:
0a:9b:db:2c:3f:08:22:5e:9a:54:80:40:f4:cf:5b:d2:5e:a3:
2c:93:e4:e2:a9:4f:08:59:9e:c5:c7:78:ab:5a:d7:d4:a8:04:
1f:83:e1:f6:bd:9f:c2:75:4d:fa:56:49:d4:ab:17:3a:f1:92:
9b:cc:76:98:32:ba:24:43:bc:19:b8:46:b9:e3:aa:8d:81:8a:
ca:af:74:57:af:65:a5:48:fc:cc:3d:c3:5a:79:b9:83:53:db:
fd:05:f7:87:8f:32:b7:89:ec:53:7f:96:4f:43:37:ab:e4:20:
92:bd:12:cb:ed:b3:43:be:fb:3c:5f:68:71:3a:ca:fe:bf:61:
d3:2e:0e:21:1b:7f:fd:0b:f5:34:05:33:d0:b3:e5:ac:69:66:
12:c4:a6:b0
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAZO6gY4L54L94EzJG1wDr78fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQxMjEyMTA1NDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcxYzQxOWQyYjQxOWE0NGI1NWVkOTUyNWYwMTE3NThjODQ2NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdUqA+Bpz5+lL8Y4uJxFrschdVDF
DaQeGLY6APjrTqSL0Spxl1pgBpQ/tSgeZ1K5AuhpVWt5SU/GW2YhCOsZIW8RLt2M
b+FSnqIAWdUHJBwDGExSx811T/qqH+B3UFPUwfoGi8pPe+jOTI57oXbf3PO1o5m3
eUgyk61h29dadQJfYCRQXXK0x4uTmp3NItCIIpJT5+g9UZihFeUsPt0QTfe4X3ZK
MHdT+2TwKSLP95fqK26A01D1hUKteZuSSG7PU65fxnfVxKJSu8w8xkE/QeAjdY81
Hr5xY/m+YZmrJ1pNrZzkup2iAyg/59D+LBdasVlyzCNszL4Xp/hvRQ8mHQIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFClxxBnStBmkS1XtlSXwEXWMhGdnMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvS1hIRUdkSzBHYVJMVmUyVkpmQVJkWXlFWjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMgYIKwYBBQUHAQcBAf8EggEhMIIBHTCCAQoEAgABMIIB
AgMEAi1R4AMEAi1SRAMEAi1SsAMEAi1XAAMEAi2IVAMEAi2JQAMEAC4SawMEAC4V
+gMEAU3c1gMEAFEfxQMEAFvJGQMEAFvQfwMEAFvR4gMEAFvkOAMEAF58TgMEAbKf
JgMEALKfKgMEALkXbAMEALkzeQMEAbkz9gMEALlr7QMEALnMbQMEALnopDAMAwQA
ueuBAwQCueuAAwQCufE0AwQCufTYMAwDBAK5+swDBAC5+s4DBADBFhUDBADBOAgD
BADBowcDBADBo3EDBADCHTUDBADUCPQDBADUCPYDBADUF90wDAMEANRWZQMEANRW
ZgMEAdRWbAMEAtSimAMEAtWmRDANBAIAAjAHAwUDKgdZgDANBgkqhkiG9w0BAQsF
AAOCAQEAbewOz9bkt0GU00qEYop3baZF853K7RFl2R/73XWGdnusvgdYITTmVpoK
3n96sIGoKeNhlo/nVkGsyD/GTLQjedyHVz7E5ATtcfBea/itxiR4nMtXUJS4Cw/o
wfwZii5YNAA7qLZyiO0OtNfUCpvbLD8IIl6aVIBA9M9b0l6jLJPk4qlPCFmexcd4
q1rX1KgEH4Ph9r2fwnVN+lZJ1KsXOvGSm8x2mDK6JEO8GbhGueOqjYGKyq90V69l
pUj8zD3DWnm5g1Pb/QX3h48yt4nsU3+WT0M3q+Qgkr0Sy+2zQ777PF9ocTrK/r9h
0y4OIRt//Qv1NAUz0LPlrGlmEsSmsA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:34:10 2025 by rpki-client