Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/OU3RTj9olOzYPTeIWlpateYuT1I.roa
File: OU3RTj9olOzYPTeIWlpateYuT1I.roa (raw, json)
Hash identifier: rKkSJNu5ENPH+5cfHvhUbTuhSMQT8gL0OmrB2QiKnPU=
Subject key identifier: 39:4D:D1:4E:3F:68:94:EC:D8:3D:37:88:5A:5A:5A:B5:E6:2E:4F:52
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 0191B1D5C5956E52D1A188722CA406315ECE
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/OU3RTj9olOzYPTeIWlpateYuT1I.roa
Signing time: Mon 02 Sep 2024 08:24:22 +0000
ROA not before: Mon 02 Sep 2024 08:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41937
IP address blocks: 5.134.104.0/21 maxlen: 24
46.235.96.0/21 maxlen: 21
46.235.96.0/22 maxlen: 22
46.235.96.0/23 maxlen: 23
46.235.96.0/24 maxlen: 24
46.235.97.0/24 maxlen: 24
46.235.98.0/23 maxlen: 23
46.235.98.0/24 maxlen: 24
46.235.99.0/24 maxlen: 24
46.235.100.0/22 maxlen: 22
46.235.100.0/23 maxlen: 23
46.235.100.0/24 maxlen: 24
46.235.101.0/24 maxlen: 24
46.235.102.0/23 maxlen: 23
46.235.102.0/24 maxlen: 24
46.235.103.0/24 maxlen: 24
62.240.24.0/21 maxlen: 24
91.185.96.0/19 maxlen: 24
91.204.52.0/22 maxlen: 24
109.94.228.0/22 maxlen: 24
109.94.232.0/21 maxlen: 24
109.122.64.0/18 maxlen: 24
109.198.0.0/19 maxlen: 24
178.237.208.0/20 maxlen: 20
178.237.216.0/22 maxlen: 22
178.237.216.0/23 maxlen: 23
178.237.216.0/24 maxlen: 24
178.237.217.0/24 maxlen: 24
178.237.218.0/23 maxlen: 23
178.237.218.0/24 maxlen: 24
178.237.219.0/24 maxlen: 24
178.237.220.0/22 maxlen: 22
178.237.220.0/23 maxlen: 23
178.237.220.0/24 maxlen: 24
178.237.221.0/24 maxlen: 24
178.237.222.0/23 maxlen: 23
178.237.222.0/24 maxlen: 24
178.237.223.0/24 maxlen: 24
178.250.136.0/21 maxlen: 24
185.10.140.0/22 maxlen: 24
185.26.172.0/22 maxlen: 24
185.34.92.0/22 maxlen: 24
185.103.136.0/22 maxlen: 24
185.112.20.0/22 maxlen: 24
185.179.136.0/22 maxlen: 24
2a00:8720::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a01:b800::/32 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a06:5b00::/29 maxlen: 48
2a06:63c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Sep 2024 08:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:d5:c5:95:6e:52:d1:a1:88:72:2c:a4:06:31:5e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Sep 2 08:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394dd14e3f6894ecd83d37885a5a5ab5e62e4f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:80:99:0d:9b:20:b6:fb:07:15:39:38:70:e5:
4f:77:a2:39:d3:89:bd:69:df:4f:c9:eb:cd:07:45:
80:4f:bf:42:93:45:3e:6c:af:3f:41:8e:74:f8:94:
eb:c2:86:f3:1c:35:c7:5e:d7:5a:c0:8f:3c:79:3b:
02:12:23:24:71:f8:b9:b8:61:83:27:12:3b:1a:14:
44:37:27:ca:01:1b:fd:8e:c5:a8:c4:ed:1b:dc:a4:
f7:95:6a:0e:98:f0:a4:a2:d3:6f:21:50:a0:b2:e1:
dd:d9:94:4d:ee:d4:dd:fd:a5:cc:d8:70:b9:7a:68:
da:65:29:b8:5d:d4:75:46:5f:e2:bd:ee:44:27:e7:
71:7c:28:57:0c:ec:c5:ab:f6:5c:3f:64:75:04:d4:
68:3e:3a:06:71:a6:97:00:f4:e7:b9:d9:76:21:d7:
34:5c:02:22:a0:e8:f6:3e:16:80:4d:1a:68:27:0e:
07:38:ec:9e:c7:ee:15:b8:86:6d:7b:41:69:32:11:
45:4c:a1:1b:84:33:c5:26:34:70:84:67:e8:8c:18:
47:df:d6:c0:4c:ec:9d:da:b2:3c:fc:49:65:22:1e:
16:99:86:b7:6f:67:ea:e1:d9:0d:87:e3:0f:ec:a7:
a0:b2:23:31:eb:35:ab:ec:65:7a:41:47:c2:c1:cd:
9f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4D:D1:4E:3F:68:94:EC:D8:3D:37:88:5A:5A:5A:B5:E6:2E:4F:52
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/OU3RTj9olOzYPTeIWlpateYuT1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
46.235.96.0/21
62.240.24.0/21
91.185.96.0/19
91.204.52.0/22
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.34.92.0/22
185.103.136.0/22
185.112.20.0/22
185.179.136.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:4d:5a:2d:ff:6d:75:40:f8:a2:bc:55:bd:52:f0:88:0c:8c:
83:be:81:5d:70:46:7c:6d:24:29:b9:51:ae:2e:3a:4a:92:17:
ec:19:56:63:07:27:13:d7:73:c5:12:d6:ec:cd:bc:4b:67:85:
0f:37:a6:1a:b2:e5:be:89:c3:f3:6d:73:ed:b2:d2:ae:e7:6b:
f7:5a:f4:38:ba:04:6f:27:08:1f:a2:17:68:c5:25:bf:0a:f6:
6d:44:c6:11:ec:97:c7:2a:17:24:be:7c:32:a2:3f:72:54:04:
6f:1d:fb:fd:9b:e7:e2:ae:b0:cd:61:3a:66:1b:20:d3:fc:64:
fa:ad:3e:83:74:5a:82:e8:bf:a1:bb:72:2e:ea:2d:1d:4d:cd:
72:be:05:16:06:e3:62:c4:d0:e3:d4:c3:75:53:74:b5:cd:ab:
90:15:a4:22:10:c1:45:30:a7:b3:b5:4d:1b:b5:07:0b:d9:eb:
eb:8d:23:a1:96:8a:7f:7a:3d:37:e0:e2:7f:32:31:80:27:23:
5c:37:dd:61:bb:ce:73:fe:79:c7:8f:7b:81:fd:ba:70:5b:22:
d8:c7:f2:a2:fe:d0:92:5a:40:77:48:dc:f7:f9:e2:b3:e1:58:
37:db:12:59:a9:fa:11:7c:2a:46:45:9b:90:4d:38:f6:18:fc:
06:b2:ec:aa
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZGx1cWVblLRoYhyLKQGMV7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwOTAyMDgyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRkZDE0ZTNmNjg5NGVjZDgzZDM3ODg1YTVhNWFiNWU2MmU0ZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4CZDZsgtvsHFTk4cOVPd6I504m9
ad9PyevNB0WAT79Ck0U+bK8/QY50+JTrwobzHDXHXtdawI88eTsCEiMkcfi5uGGD
JxI7GhRENyfKARv9jsWoxO0b3KT3lWoOmPCkotNvIVCgsuHd2ZRN7tTd/aXM2HC5
emjaZSm4XdR1Rl/ive5EJ+dxfChXDOzFq/ZcP2R1BNRoPjoGcaaXAPTnudl2Idc0
XAIioOj2PhaATRpoJw4HOOyex+4VuIZte0FpMhFFTKEbhDPFJjRwhGfojBhH39bA
TOyd2rI8/EllIh4WmYa3b2fq4dkNh+MP7KegsiMx6zWr7GV6QUfCwc2fBQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFDlN0U4/aJTs2D03iFpaWrXmLk9SMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvT1UzUlRqOW9sT3pZUFRlSVdscGF0ZVl1VDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDBuBAIAATBoAwQDBYZo
AwQDLutgAwQDPvAYAwQFW7lgAwQCW8w0MAwDBAJtXuQDBARtXuADBAZtekADBAVt
xgADBASy7dADBAOy+ogDBAK5CowDBAK5GqwDBAK5IlwDBAK5Z4gDBAK5cBQDBAK5
s4gwPgQCAAIwOAMFACoAhyADBQAqAM8AAwUAKgG4AAMFACoCYaADBQAqA/xAAwUD
KgQdwAMFAyoGWwADBQMqBmPAMA0GCSqGSIb3DQEBCwUAA4IBAQCmTVot/211QPii
vFW9UvCIDIyDvoFdcEZ8bSQpuVGuLjpKkhfsGVZjBycT13PFEtbszbxLZ4UPN6Ya
suW+icPzbXPtstKu52v3WvQ4ugRvJwgfohdoxSW/CvZtRMYR7JfHKhckvnwyoj9y
VARvHfv9m+firrDNYTpmGyDT/GT6rT6DdFqC6L+hu3Iu6i0dTc1yvgUWBuNixNDj
1MN1U3S1zauQFaQiEMFFMKeztU0btQcL2evrjSOhlop/ej034OJ/MjGAJyNcN91h
u85z/nnHj3uB/bpwWyLYx/Ki/tCSWkB3SNz3+eKz4Vg32xJZqfoRfCpGRZuQTTj2
GPwGsuyq
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:05:28 2025 by rpki-client