Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/PH2PvvrNZFEp1b-YmTiT0AilBWM.roa
File: PH2PvvrNZFEp1b-YmTiT0AilBWM.roa (raw, json)
Hash identifier: 4JPw200jUUAd85bjDmW0NuU14dUEGquTXxlnjv5+lVE=
Subject key identifier: 3C:7D:8F:BE:FA:CD:64:51:29:D5:BF:98:99:38:93:D0:08:A5:05:63
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 019669AFC9F792E87B21D622931D41740190
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/PH2PvvrNZFEp1b-YmTiT0AilBWM.roa
Signing time: Thu 24 Apr 2025 21:24:10 +0000
ROA not before: Thu 24 Apr 2025 21:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 83.136.8.0/24 maxlen: 24
83.136.9.0/24 maxlen: 24
83.136.10.0/24 maxlen: 24
83.136.11.0/24 maxlen: 24
83.136.12.0/24 maxlen: 24
83.136.13.0/24 maxlen: 24
83.136.14.0/24 maxlen: 24
83.136.15.0/24 maxlen: 24
87.237.224.0/24 maxlen: 24
87.237.225.0/24 maxlen: 24
87.237.226.0/24 maxlen: 24
87.237.227.0/24 maxlen: 24
87.237.228.0/24 maxlen: 24
87.237.229.0/24 maxlen: 24
87.237.230.0/24 maxlen: 24
87.237.231.0/24 maxlen: 24
185.11.120.0/24 maxlen: 24
185.11.121.0/24 maxlen: 24
185.11.122.0/24 maxlen: 24
185.11.123.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.82.119.0/24 maxlen: 24
185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
185.133.84.0/24 maxlen: 24
185.133.85.0/24 maxlen: 24
185.133.86.0/24 maxlen: 24
185.133.87.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
185.206.132.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.135.0/24 maxlen: 24
185.217.8.0/24 maxlen: 24
185.217.9.0/24 maxlen: 24
185.217.10.0/24 maxlen: 24
185.217.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 22:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:69:af:c9:f7:92:e8:7b:21:d6:22:93:1d:41:74:01:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Apr 24 21:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c7d8fbefacd645129d5bf98993893d008a50563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:39:65:a2:f9:c1:40:f5:04:d8:d9:da:89:
f3:2f:af:75:39:bb:ee:23:e6:82:79:5d:c7:40:90:
ee:00:d2:bb:61:7f:dd:4f:4a:6f:88:7b:bc:5a:6a:
4d:75:ce:03:25:4e:5c:8c:d3:03:50:71:75:a1:2a:
db:d8:34:3a:96:d1:0f:37:22:c4:2f:0f:ec:c2:ef:
4a:e7:06:52:f0:eb:44:15:e3:84:32:85:ed:76:02:
75:49:ce:f8:80:5f:7f:69:6f:72:b2:08:77:81:fb:
bf:a9:50:f8:b5:9c:12:77:46:89:5f:d4:ef:64:31:
40:28:28:77:21:79:30:70:67:17:45:6b:b7:c8:f2:
5c:99:76:15:29:45:4e:c1:8c:8f:ca:32:8c:30:ac:
dd:79:68:bb:38:38:19:f0:1f:12:5a:5a:24:78:72:
20:3e:d3:30:09:28:ad:05:f7:0c:a1:f9:15:f3:46:
43:79:d1:87:df:ff:6a:b1:fd:31:0b:6a:93:e9:97:
08:4f:8a:9e:74:80:39:bd:7d:ef:d2:08:c1:79:b9:
c6:39:44:45:d4:9b:8c:22:ac:23:7c:e0:cb:d2:4e:
18:91:53:e9:56:c9:cc:50:6e:01:0b:04:d1:de:56:
81:b7:03:3d:8f:b4:47:2b:9a:01:69:38:ac:27:b1:
e7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7D:8F:BE:FA:CD:64:51:29:D5:BF:98:99:38:93:D0:08:A5:05:63
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/PH2PvvrNZFEp1b-YmTiT0AilBWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.8.0/21
87.237.224.0/21
185.11.120.0/22
185.51.204.0/22
185.82.116.0/22
185.108.240.0/22
185.133.84.0/22
185.164.26.0/23
185.164.29.0/24
185.164.31.0/24
185.203.110.0/24
185.206.28.0-185.206.30.255
185.206.132.0/22
185.217.8.0/22
Signature Algorithm: sha256WithRSAEncryption
03:5b:04:eb:98:42:03:d6:ef:79:75:77:54:b9:59:02:3a:a5:
13:94:14:0c:00:88:c7:86:bf:50:7a:5b:0f:b5:0c:37:03:0a:
3c:0a:81:5d:4d:e6:ca:d0:d9:3b:d0:bf:55:d9:3d:7b:ed:60:
be:4c:25:9c:9f:10:02:4d:4b:ea:4d:31:fb:33:f1:e4:78:ba:
ee:2e:98:30:67:78:db:0f:f5:34:d8:7d:12:da:b6:ef:fb:5f:
81:c8:6a:df:a6:59:23:cd:73:94:70:3b:50:4c:58:a5:43:08:
35:ff:78:cb:d4:c7:dc:fe:07:09:0f:0a:74:3f:7f:9a:01:82:
89:22:ed:56:90:40:95:0c:4e:0b:97:b8:b3:be:70:de:36:a4:
84:e6:65:e6:42:45:04:72:cc:d4:70:34:3f:36:a7:2d:2b:43:
5f:73:43:93:95:c3:a8:00:aa:3a:3b:9c:c1:22:ac:44:2f:51:
5c:f6:90:09:cf:43:5c:0e:42:88:64:ed:e9:4d:15:39:ab:46:
3b:e0:7c:bb:35:e2:8c:bd:cd:97:b9:9a:93:09:0f:0e:4b:6e:
d4:81:86:04:82:ee:91:0e:0a:c7:18:e7:fa:b3:b6:f8:35:3a:
66:ce:cb:66:9f:31:52:89:68:84:52:c1:23:db:e6:1d:05:4e:
3f:40:4c:3c
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZZpr8n3kuh7IdYikx1BdAGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjUwNDI0MjEyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzdkOGZiZWZhY2Q2NDUxMjlkNWJmOTg5OTM4OTNkMDA4YTUwNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g05ZaL5wUD1BNjZ2onzL691Obvu
I+aCeV3HQJDuANK7YX/dT0pviHu8WmpNdc4DJU5cjNMDUHF1oSrb2DQ6ltEPNyLE
Lw/swu9K5wZS8OtEFeOEMoXtdgJ1Sc74gF9/aW9ysgh3gfu/qVD4tZwSd0aJX9Tv
ZDFAKCh3IXkwcGcXRWu3yPJcmXYVKUVOwYyPyjKMMKzdeWi7ODgZ8B8SWlokeHIg
PtMwCSitBfcMofkV80ZDedGH3/9qsf0xC2qT6ZcIT4qedIA5vX3v0gjBebnGOURF
1JuMIqwjfODL0k4YkVPpVsnMUG4BCwTR3laBtwM9j7RHK5oBaTisJ7HneQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDx9j776zWRRKdW/mJk4k9AIpQVjMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvUEgyUHZ2ck5aRkVwMWItWW1UaVQwQWlsQldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDU4gIAwQD
V+3gAwQCuQt4AwQCuTPMAwQCuVJ0AwQCuWzwAwQCuYVUAwQBuaQaAwQAuaQdAwQA
uaQfAwQAuctuMAwDBAK5zhwDBAC5zh4DBAK5zoQDBAK52QgwDQYJKoZIhvcNAQEL
BQADggEBAANbBOuYQgPW73l1d1S5WQI6pROUFAwAiMeGv1B6Ww+1DDcDCjwKgV1N
5srQ2TvQv1XZPXvtYL5MJZyfEAJNS+pNMfsz8eR4uu4umDBneNsP9TTYfRLatu/7
X4HIat+mWSPNc5RwO1BMWKVDCDX/eMvUx9z+BwkPCnQ/f5oBgoki7VaQQJUMTguX
uLO+cN42pITmZeZCRQRyzNRwND82py0rQ19zQ5OVw6gAqjo7nMEirEQvUVz2kAnP
Q1wOQohk7elNFTmrRjvgfLs14oy9zZe5mpMJDw5LbtSBhgSC7pEOCscY5/qztvg1
OmbOy2afMVKJaIRSwSPb5h0FTj9ATDw=
-----END CERTIFICATE-----
Generated at Wed May 7 20:28:53 2025 by rpki-client