Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/gipDsVfP0A5YcMReP0J9RcNwD5s.roa
File: gipDsVfP0A5YcMReP0J9RcNwD5s.roa (raw, json)
Hash identifier: a8RUco2voFUHQjJVEee0g5o4PcF6QS+UvFNmXydINQk=
Subject key identifier: 82:2A:43:B1:57:CF:D0:0E:58:70:C4:5E:3F:42:7D:45:C3:70:0F:9B
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 0194CC4D02A366E3823F4F409851E9E8BEB0
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/gipDsVfP0A5YcMReP0J9RcNwD5s.roa
Signing time: Mon 03 Feb 2025 14:53:06 +0000
ROA not before: Mon 03 Feb 2025 14:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31638
IP address blocks: 5.144.184.0/21 maxlen: 24
37.156.96.0/22 maxlen: 23
37.156.148.0/22 maxlen: 23
37.156.168.0/22 maxlen: 23
37.156.208.0/22 maxlen: 23
46.255.80.0/21 maxlen: 24
86.104.6.0/24 maxlen: 24
86.104.229.0/24 maxlen: 24
86.105.8.0/24 maxlen: 24
86.105.179.0/24 maxlen: 24
89.33.232.0/24 maxlen: 24
89.34.6.0/24 maxlen: 24
89.39.92.0/24 maxlen: 24
89.39.224.0/20 maxlen: 21
89.42.230.0/24 maxlen: 24
89.44.206.0/24 maxlen: 24
89.45.24.0/21 maxlen: 21
89.45.24.0/24 maxlen: 24
89.45.25.0/24 maxlen: 24
89.45.26.0/24 maxlen: 24
89.45.27.0/24 maxlen: 24
89.45.95.0/24 maxlen: 24
89.45.216.0/22 maxlen: 23
89.47.32.0/23 maxlen: 24
93.113.89.0/24 maxlen: 24
93.115.170.0/23 maxlen: 23
93.118.37.0/24 maxlen: 24
94.177.18.0/23 maxlen: 23
94.177.151.0/24 maxlen: 24
176.223.164.0/24 maxlen: 24
185.82.168.0/22 maxlen: 23
185.82.169.0/24 maxlen: 24
185.82.170.0/24 maxlen: 24
185.82.171.0/24 maxlen: 24
188.209.80.0/20 maxlen: 24
188.209.80.0/24 maxlen: 24
188.209.81.0/24 maxlen: 24
188.209.82.0/24 maxlen: 24
188.209.83.0/24 maxlen: 24
188.209.88.0/21 maxlen: 21
188.209.89.0/24 maxlen: 24
188.210.239.0/24 maxlen: 24
188.212.153.0/24 maxlen: 24
188.215.44.0/22 maxlen: 23
188.215.65.0/24 maxlen: 24
188.215.247.0/24 maxlen: 24
188.215.248.0/24 maxlen: 24
188.241.4.0/23 maxlen: 24
188.241.190.0/23 maxlen: 24
195.62.160.0/19 maxlen: 20
2a02:20d8::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:4d:02:a3:66:e3:82:3f:4f:40:98:51:e9:e8:be:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Feb 3 14:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=822a43b157cfd00e5870c45e3f427d45c3700f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:5d:b2:b6:63:2b:8b:81:4d:1c:30:9c:4d:
2f:cd:89:85:79:19:79:2c:0b:08:74:9b:3d:8e:91:
18:88:5b:23:a9:1b:1f:37:31:6c:c1:b5:2f:08:c0:
9a:2d:4c:f5:d0:3f:4f:f5:9a:c4:ed:11:5b:77:c2:
38:96:5f:5a:69:ad:4a:40:41:e7:de:a1:be:7d:bd:
4a:5e:cf:5c:5d:ab:e7:c8:fc:69:bf:28:3c:e1:62:
2f:89:95:d8:0d:d3:70:a2:ca:d5:5f:19:29:bf:bb:
fd:f9:e5:c4:31:77:27:92:8a:fe:b8:b5:b2:9f:70:
ff:01:88:a3:79:b7:d4:c0:d8:c4:3e:b8:e9:6a:98:
f2:43:01:45:af:b9:86:fb:5d:bd:c6:14:5f:a1:4b:
10:f1:e4:dc:04:1f:c8:b3:77:e8:94:5e:93:fb:fd:
70:15:c8:ee:e4:0c:85:f5:29:e8:49:78:06:2b:bc:
43:fd:a4:d2:48:9c:13:e7:cf:4b:38:9d:66:a2:e3:
69:b7:d7:3d:f6:d1:7e:0a:79:bb:fe:14:23:1c:0f:
ce:d7:f3:4e:1d:d1:d8:64:40:71:f3:6f:f3:e9:98:
d8:95:a4:06:fd:cf:8b:f8:9f:49:8f:4a:0b:c4:3e:
0d:91:2f:3a:a7:ce:35:67:eb:31:96:1e:0b:f7:5a:
ee:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2A:43:B1:57:CF:D0:0E:58:70:C4:5E:3F:42:7D:45:C3:70:0F:9B
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/gipDsVfP0A5YcMReP0J9RcNwD5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.184.0/21
37.156.96.0/22
37.156.148.0/22
37.156.168.0/22
37.156.208.0/22
46.255.80.0/21
86.104.6.0/24
86.104.229.0/24
86.105.8.0/24
86.105.179.0/24
89.33.232.0/24
89.34.6.0/24
89.39.92.0/24
89.39.224.0/20
89.42.230.0/24
89.44.206.0/24
89.45.24.0/21
89.45.95.0/24
89.45.216.0/22
89.47.32.0/23
93.113.89.0/24
93.115.170.0/23
93.118.37.0/24
94.177.18.0/23
94.177.151.0/24
176.223.164.0/24
185.82.168.0/22
188.209.80.0/20
188.210.239.0/24
188.212.153.0/24
188.215.44.0/22
188.215.65.0/24
188.215.247.0-188.215.248.255
188.241.4.0/23
188.241.190.0/23
195.62.160.0/19
IPv6:
2a02:20d8::/29
Signature Algorithm: sha256WithRSAEncryption
a7:ee:60:04:11:e5:c2:11:f2:f0:14:0b:81:11:86:a1:35:61:
0a:24:63:6e:e1:95:30:d9:88:44:73:bb:72:4f:d3:da:ff:35:
92:3f:c4:82:66:69:f3:60:09:46:8a:79:e2:39:ed:3a:21:57:
20:0d:55:cc:3b:1a:85:01:da:66:89:25:7a:fd:bb:ea:46:23:
8d:ed:72:a8:03:10:f9:78:db:15:eb:2d:a2:e4:cf:df:0a:20:
6a:55:a9:36:09:3e:06:22:c1:6f:3b:b7:0a:aa:0c:a3:82:e0:
69:2b:cf:e4:9d:c7:ec:c1:d2:e1:55:71:66:f0:05:3b:d0:7d:
b9:2a:4e:8c:09:44:c5:88:0e:dc:92:5a:dc:18:dc:84:81:9c:
41:3b:0a:eb:9a:99:d8:14:92:1c:9d:ae:76:d9:71:6f:fd:f6:
13:d7:5e:39:04:a7:e0:17:73:9d:35:c4:2d:70:37:42:ae:f5:
d4:91:f2:ab:99:2d:3f:dc:9e:2c:f9:fa:f0:1f:58:4a:19:ba:
bc:75:ce:b2:39:55:93:5d:de:c2:e0:58:27:42:f7:a5:90:32:
e0:6a:70:a9:0d:e7:80:1e:22:bb:fb:a4:71:04:dd:bc:4f:b1:
ed:48:c2:7a:54:70:40:b9:49:5f:ba:83:bc:dc:93:0e:b1:0d:
b6:68:28:dc
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZTMTQKjZuOCP09AmFHp6L6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjUwMjAzMTQ1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJhNDNiMTU3Y2ZkMDBlNTg3MGM0NWUzZjQyN2Q0NWMzNzAwZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW1dsrZjK4uBTRwwnE0vzYmFeRl5
LAsIdJs9jpEYiFsjqRsfNzFswbUvCMCaLUz10D9P9ZrE7RFbd8I4ll9aaa1KQEHn
3qG+fb1KXs9cXavnyPxpvyg84WIviZXYDdNwosrVXxkpv7v9+eXEMXcnkor+uLWy
n3D/AYijebfUwNjEPrjpapjyQwFFr7mG+129xhRfoUsQ8eTcBB/Is3folF6T+/1w
Fcju5AyF9SnoSXgGK7xD/aTSSJwT589LOJ1mouNpt9c99tF+Cnm7/hQjHA/O1/NO
HdHYZEBx82/z6ZjYlaQG/c+L+J9Jj0oLxD4NkS86p841Z+sxlh4L91ruVQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFIIqQ7FXz9AOWHDEXj9CfUXDcA+bMB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEvZ2lwRHNWZlAwQTVZY01SZVAwSjlSY053RDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQD
BZC4AwQCJZxgAwQCJZyUAwQCJZyoAwQCJZzQAwQDLv9QAwQAVmgGAwQAVmjlAwQA
VmkIAwQAVmmzAwQAWSHoAwQAWSIGAwQAWSdcAwQEWSfgAwQAWSrmAwQAWSzOAwQD
WS0YAwQAWS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYlAwQBXrESAwQA
XrGXAwQAsN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcsAwQAvNdBMAwD
BAC81/cDBAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMFAyoCINgwDQYJ
KoZIhvcNAQELBQADggEBAKfuYAQR5cIR8vAUC4ERhqE1YQokY27hlTDZiERzu3JP
09r/NZI/xIJmafNgCUaKeeI57TohVyANVcw7GoUB2maJJXr9u+pGI43tcqgDEPl4
2xXrLaLkz98KIGpVqTYJPgYiwW87twqqDKOC4Gkrz+Sdx+zB0uFVcWbwBTvQfbkq
TowJRMWIDtySWtwY3ISBnEE7CuuamdgUkhydrnbZcW/99hPXXjkEp+AXc501xC1w
N0Ku9dSR8quZLT/cniz5+vAfWEoZurx1zrI5VZNd3sLgWCdC96WQMuBqcKkN54Ae
Irv7pHEE3bxPse1IwnpUcEC5SV+6g7zckw6xDbZoKNw=
-----END CERTIFICATE-----
Generated at Thu May 8 11:59:39 2025 by rpki-client