Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/G053EG3Bi4gas4njXqkBiFwoEiI.roa
File: G053EG3Bi4gas4njXqkBiFwoEiI.roa (raw, json)
Hash identifier: xZKUer6bVw3blY05j3KNBIZUY2/T0YRlEnl8JRPaeL0=
Subject key identifier: 1B:4E:77:10:6D:C1:8B:88:1A:B3:89:E3:5E:A9:01:88:5C:28:12:22
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194266B7D1650C9CA4E8EF1CA8466E6DD17
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/G053EG3Bi4gas4njXqkBiFwoEiI.roa
Signing time: Thu 02 Jan 2025 09:49:26 +0000
ROA not before: Thu 02 Jan 2025 09:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/20 maxlen: 20
176.103.184.0/24 maxlen: 24
176.103.192.0/21 maxlen: 21
176.106.48.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Jan 2025 09:57:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7d:16:50:c9:ca:4e:8e:f1:ca:84:66:e6:dd:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 09:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b4e77106dc18b881ab389e35ea901885c281222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:86:b6:24:0b:1f:da:ea:5b:f4:64:da:d5:4e:
d5:f5:b9:5f:c1:16:11:0f:e3:01:80:5a:91:cb:ec:
83:73:22:33:86:ad:ee:38:60:6c:5f:98:1a:48:15:
62:f4:be:af:33:60:d8:67:66:54:b7:45:24:57:fd:
34:d0:01:ae:a7:e7:48:7f:34:59:08:45:24:34:b3:
ca:4d:64:b3:f3:a0:84:b0:fe:1c:40:26:cb:e7:21:
df:0b:6f:6c:7d:21:df:ae:c3:9d:f4:fd:85:75:29:
fe:35:cf:f6:25:f9:1e:fd:cf:09:8d:f2:46:22:41:
bd:09:a9:07:d6:55:fe:2b:d9:96:dc:f7:1c:de:e6:
80:75:db:f3:b6:38:a3:ce:ce:46:04:1e:fd:84:18:
50:65:76:d6:13:b0:e2:ce:75:0d:46:4e:0d:2a:59:
99:70:a3:b1:0f:ea:c6:fe:b0:11:25:8d:29:36:85:
ae:e6:8a:5b:60:e5:f3:ba:58:e1:34:05:57:40:09:
0b:02:19:bd:e7:e1:fb:52:0e:03:c8:56:19:92:3b:
fe:22:6d:45:c4:ad:2c:5f:69:f4:28:3a:86:34:17:
75:a6:36:ca:cd:a8:ac:ad:30:44:1d:e8:00:ca:2e:
ab:7c:35:63:41:11:d8:dc:1e:fa:10:4a:a1:a3:22:
c4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4E:77:10:6D:C1:8B:88:1A:B3:89:E3:5E:A9:01:88:5C:28:12:22
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/G053EG3Bi4gas4njXqkBiFwoEiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0-176.103.199.255
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
99:95:9b:d7:07:ad:21:93:3d:ab:6e:f2:4c:58:1b:58:cf:04:
7c:73:ba:88:b8:d9:10:39:49:23:23:ba:76:4b:ff:47:2b:3f:
7b:4e:a5:e1:4f:7a:47:7f:bb:a5:b6:ac:85:ce:0b:e9:9b:8b:
3b:80:5e:e1:95:e2:c2:dd:08:66:60:55:74:ca:97:06:b7:d6:
cb:ea:60:44:84:77:b7:6e:e0:f8:7d:43:5b:82:9f:06:06:8f:
d8:0f:54:41:8b:94:6a:7d:6e:82:ce:a8:ba:26:6f:9a:54:0d:
d7:2e:ce:6c:27:b2:b4:19:c6:9f:ae:9a:a0:96:e3:6a:8f:68:
80:37:9a:16:fd:13:67:8b:86:13:83:e8:b6:d1:cc:bf:7a:ab:
18:a6:a9:9a:55:31:5f:ae:dd:6c:ac:96:28:1e:cc:61:33:9a:
5d:9c:83:20:2c:40:af:59:90:a1:64:21:3e:7c:ea:a0:90:79:
16:c7:ec:f7:fb:1a:56:0a:e3:be:eb:57:ed:23:26:33:c7:97:
1f:96:0e:a6:d1:ee:e1:eb:0a:55:be:e0:32:56:53:9f:c0:e7:
1f:3c:d3:29:0c:0c:32:25:6a:94:d0:81:b5:ca:6f:79:d5:f2:
89:55:24:7d:b8:12:85:b2:89:20:d5:da:f3:ac:73:eb:91:ff:
b9:47:52:95
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZQma30WUMnKTo7xyoRm5t0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTAyMDk0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjRlNzcxMDZkYzE4Yjg4MWFiMzg5ZTM1ZWE5MDE4ODVjMjgxMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroa2JAsf2upb9GTa1U7V9blfwRYR
D+MBgFqRy+yDcyIzhq3uOGBsX5gaSBVi9L6vM2DYZ2ZUt0UkV/000AGup+dIfzRZ
CEUkNLPKTWSz86CEsP4cQCbL5yHfC29sfSHfrsOd9P2FdSn+Nc/2Jfke/c8JjfJG
IkG9CakH1lX+K9mW3Pcc3uaAddvztjijzs5GBB79hBhQZXbWE7DiznUNRk4NKlmZ
cKOxD+rG/rARJY0pNoWu5opbYOXzuljhNAVXQAkLAhm95+H7Ug4DyFYZkjv+Im1F
xK0sX2n0KDqGNBd1pjbKzaisrTBEHegAyi6rfDVjQRHY3B76EEqhoyLE+wIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFBtOdxBtwYuIGrOJ416pAYhcKBIiMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvRzA1M0VHM0JpNGdhczRualhxa0JpRndvRWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdowDAMEBLBnsAMEA7BnwAMEBLBqMAMEA7BqYDAMAwQFsGqgAwQDsGqw
AwQBuS8KAwQCudzEAwQCwW/0MAwDBALB7tQDBAXB7sADBALCCdQDBALDRVgDBAXV
bkAwDQQCAAIwBwMFACoBjKAwDQYJKoZIhvcNAQELBQADggEBAJmVm9cHrSGTPatu
8kxYG1jPBHxzuoi42RA5SSMjunZL/0crP3tOpeFPekd/u6W2rIXOC+mbizuAXuGV
4sLdCGZgVXTKlwa31svqYESEd7du4Ph9Q1uCnwYGj9gPVEGLlGp9boLOqLomb5pU
DdcuzmwnsrQZxp+umqCW42qPaIA3mhb9E2eLhhOD6LbRzL96qximqZpVMV+u3Wys
ligezGEzml2cgyAsQK9ZkKFkIT586qCQeRbH7Pf7GlYK477rV+0jJjPHlx+WDqbR
7uHrClW+4DJWU5/A5x880ykMDDIlapTQgbXKb3nV8olVJH24EoWyiSDV2vOsc+uR
/7lHUpU=
-----END CERTIFICATE-----
Generated at Sun May 11 09:07:30 2025 by rpki-client