Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/tK1-iiT-L2NBkcG0hNdG8PUvCJw.roa
File: tK1-iiT-L2NBkcG0hNdG8PUvCJw.roa (raw, json)
Hash identifier: NxHcrtzK91MSxL3perv96wHTtvCF/uHNCxHU2rMRd+c=
Subject key identifier: B4:AD:7E:8A:24:FE:2F:63:41:91:C1:B4:84:D7:46:F0:F5:2F:08:9C
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01943CEEA018BC460572315045971CA3D5FC
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/tK1-iiT-L2NBkcG0hNdG8PUvCJw.roa
Signing time: Mon 06 Jan 2025 18:44:19 +0000
ROA not before: Mon 06 Jan 2025 18:44:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
212.188.16.0/24 maxlen: 24
212.188.29.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 28 Jan 2025 11:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:ee:a0:18:bc:46:05:72:31:50:45:97:1c:a3:d5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 6 18:44:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4ad7e8a24fe2f634191c1b484d746f0f52f089c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1a:6b:22:fa:17:88:ba:1d:63:88:f0:46:fe:
c1:a8:53:cc:3d:ca:b6:df:f8:d0:af:7e:8c:5d:53:
70:71:06:1b:21:af:90:70:b0:d7:eb:81:1c:50:ef:
af:71:cb:98:a6:96:c0:55:2b:6c:f2:10:8c:05:34:
6c:5e:b5:2d:b1:29:c2:73:24:b8:50:d6:a8:82:1c:
b5:20:04:41:3f:2d:0d:e4:31:4a:94:7c:69:9f:a8:
75:aa:13:76:2c:2b:5c:f1:28:e6:55:0b:2a:02:fc:
df:31:28:0e:bf:58:45:a3:07:51:e9:45:c5:b0:53:
50:b3:47:aa:6f:73:78:87:d8:29:24:b0:86:5e:f8:
a7:73:3d:1b:81:17:6d:4a:d6:2e:a1:51:7a:97:84:
cc:f6:e5:a0:95:c4:fe:18:20:ec:1a:85:a8:24:b9:
57:82:e7:b1:02:07:d5:fc:21:82:08:57:73:2f:98:
a6:5b:32:fb:42:6f:ed:a5:96:f2:91:ed:a2:f9:d6:
17:e0:6c:25:0f:69:92:05:41:f6:a7:d1:1c:a5:e7:
31:f6:ea:ad:12:f1:d4:75:b6:c8:5f:de:c3:d9:ea:
d3:49:e2:5f:b7:d3:79:e4:50:f8:d4:20:8b:b2:29:
33:d4:fa:b7:78:e8:cd:34:44:54:01:c7:99:11:71:
a9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AD:7E:8A:24:FE:2F:63:41:91:C1:B4:84:D7:46:F0:F5:2F:08:9C
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/tK1-iiT-L2NBkcG0hNdG8PUvCJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
5f:a8:4d:47:a1:3c:68:33:eb:fe:07:b7:2f:9f:44:f7:db:95:
17:e1:b9:f0:09:ef:f4:77:79:d6:75:82:3c:88:16:4d:a7:83:
93:b4:5f:c6:7c:1a:22:6f:2e:6d:38:d9:fa:be:27:4d:38:e5:
53:6b:6e:e1:ff:31:bf:9f:ba:d9:1f:33:62:3b:82:6f:92:6c:
66:c7:c5:55:0a:45:f5:2d:6e:50:1b:62:25:a2:39:43:6f:10:
d4:11:7c:20:84:de:a1:00:56:6f:ad:c3:84:e5:23:3f:a2:87:
88:7d:f3:34:cb:d5:d9:99:8b:2b:3f:a8:04:e4:10:d0:5c:cd:
30:6f:f1:aa:2e:2c:88:b3:cc:5e:13:27:a0:0c:6e:33:39:06:
6c:07:c8:6f:8f:f5:5d:a6:a6:cf:b2:ca:f9:07:ec:31:28:74:
67:ce:9b:fb:64:cf:a5:ac:27:26:91:e7:ff:3b:2d:0e:af:fc:
2f:cc:35:04:8b:05:06:09:32:cc:2b:9d:f9:d5:20:d9:ad:30:
ad:4e:7d:24:04:58:e0:ec:7d:c4:62:b4:2c:28:71:85:f5:8e:
c9:46:6e:ad:eb:e2:b4:25:7b:b4:94:4f:e7:7b:a2:a6:65:08:
28:cb:a6:3d:5a:79:e6:e7:dd:7f:2a:5a:76:78:b1:7c:38:46:
a2:66:10:d1
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAZQ87qAYvEYFcjFQRZcco9X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTA2MTg0NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFkN2U4YTI0ZmUyZjYzNDE5MWMxYjQ4NGQ3NDZmMGY1MmYwODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBprIvoXiLodY4jwRv7BqFPMPcq2
3/jQr36MXVNwcQYbIa+QcLDX64EcUO+vccuYppbAVSts8hCMBTRsXrUtsSnCcyS4
UNaoghy1IARBPy0N5DFKlHxpn6h1qhN2LCtc8SjmVQsqAvzfMSgOv1hFowdR6UXF
sFNQs0eqb3N4h9gpJLCGXvincz0bgRdtStYuoVF6l4TM9uWglcT+GCDsGoWoJLlX
guexAgfV/CGCCFdzL5imWzL7Qm/tpZbyke2i+dYX4GwlD2mSBUH2p9Ecpecx9uqt
EvHUdbbIX97D2erTSeJft9N55FD41CCLsikz1Pq3eOjNNERUAceZEXGpDQIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFLStfook/i9jQZHBtITXRvD1LwicMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvdEsxLWlpVC1MMk5Ca2NHMGhOZEc4UFV2Q0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCB0gQCAAEwgcsDBAUF
kGADBAQfKHADBAMl0HgDAwA+dgMEBT6o4AMEAE+rcwMEAFBT7QMEBVFbIAMDAFHD
AwQGUmDAAwMAU+0DAwFVjAMEBVXrIAMDAFmvAwMCW0wDBANcK7gDBARdWuADBAVe
jIADBAJfmYgDBAVfqYADBAVtxuADBAONaRgDBACw3hEDAwCyjQMEB7KbAAMEBLKf
EAMEArmo7AMEAMFogAMEBsMiAAMEB9S8AAMDANVXAwQF1ZMgAwQC1bDkMAsDBALZ
SvQDAwDZSjAUBAIAAjAOAwUDKgAfoAMFAyoCACgwDQYJKoZIhvcNAQELBQADggEB
AF+oTUehPGgz6/4Hty+fRPfblRfhufAJ7/R3edZ1gjyIFk2ng5O0X8Z8GiJvLm04
2fq+J0045VNrbuH/Mb+futkfM2I7gm+SbGbHxVUKRfUtblAbYiWiOUNvENQRfCCE
3qEAVm+tw4TlIz+ih4h98zTL1dmZiys/qATkENBczTBv8aouLIizzF4TJ6AMbjM5
BmwHyG+P9V2mps+yyvkH7DEodGfOm/tkz6WsJyaR5/87LQ6v/C/MNQSLBQYJMswr
nfnVINmtMK1OfSQEWODsfcRitCwocYX1jslGbq3r4rQle7SUT+d7oqZlCCjLpj1a
eebn3X8qWnZ4sXw4RqJmENE=
-----END CERTIFICATE-----
Generated at Wed May 14 02:36:42 2025 by rpki-client