Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_gfOX-1xtuFcbmsD7TFZJlRxqRk.roa
File: _gfOX-1xtuFcbmsD7TFZJlRxqRk.roa (raw, json)
Hash identifier: qvlN+iGzF7WGJOvEquqij5YbmuJW1i5r6c95MrG+ARo=
Subject key identifier: FE:07:CE:5F:ED:71:B6:E1:5C:6E:6B:03:ED:31:59:26:54:71:A9:19
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 0194656EDBA9D2DEEC321DF7C5938C6FE5CC
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_gfOX-1xtuFcbmsD7TFZJlRxqRk.roa
Signing time: Tue 14 Jan 2025 15:29:11 +0000
ROA not before: Tue 14 Jan 2025 15:29:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.172.0/26 maxlen: 26
5.195.172.64/26 maxlen: 26
5.195.172.128/26 maxlen: 26
5.195.172.192/26 maxlen: 26
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.165.0/26 maxlen: 26
194.170.165.64/26 maxlen: 26
194.170.165.128/26 maxlen: 26
194.170.165.192/26 maxlen: 26
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
2001:8f8:0:14::/64 maxlen: 64
2001:8f8:0:15::/64 maxlen: 64
2001:8f8:0:121::/64 maxlen: 64
2001:8f8:0:122::/64 maxlen: 64
2001:8f8:0:124::/64 maxlen: 64
2001:8f8:0:125::/64 maxlen: 64
2001:8f8:0:126::/64 maxlen: 64
2001:8f8:0:127::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 16 Jan 2025 16:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:6e:db:a9:d2:de:ec:32:1d:f7:c5:93:8c:6f:e5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 14 15:29:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe07ce5fed71b6e15c6e6b03ed3159265471a919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ee:ab:1b:71:fb:17:e9:e7:88:7f:1c:8c:5a:
e1:6b:3e:e5:af:eb:83:91:ce:ab:43:05:40:cf:f2:
fa:36:cb:72:54:a1:f6:c3:e3:c3:e5:10:6e:72:e9:
e7:7e:63:e4:f4:a0:79:79:1f:75:af:9a:3b:e8:de:
0d:59:ae:54:1f:58:d0:c7:41:7f:42:75:16:54:66:
74:a1:12:09:65:55:a5:02:a3:86:2a:4a:0c:d5:64:
54:84:1b:15:8e:96:98:08:0a:83:37:ae:be:98:d4:
73:64:7d:c2:9a:7f:0f:a2:f5:fb:ad:0d:8e:d2:43:
81:98:15:d2:2f:c9:88:1e:a9:62:3a:56:d6:34:94:
5f:e8:19:06:8f:2e:c2:d6:5c:32:cc:ad:6d:ca:d0:
a3:45:4b:36:ae:a5:81:f8:e4:1d:fc:fa:6d:e3:5e:
3d:4c:17:0a:e1:4d:c5:d8:39:c1:c3:c2:70:18:53:
dc:06:9c:99:42:4a:2e:14:de:b8:5b:a0:16:c4:70:
9e:6a:fc:ce:d5:5f:9c:d1:8a:0c:28:a7:11:e9:a7:
03:14:2c:15:75:18:bb:e0:01:8b:5d:71:1b:fc:71:
b6:b9:11:f3:9c:46:48:43:ed:7d:76:7a:b1:6f:bd:
06:f9:bd:1d:50:21:bb:28:fe:89:84:77:fa:0f:fb:
93:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:07:CE:5F:ED:71:B6:E1:5C:6E:6B:03:ED:31:59:26:54:71:A9:19
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_gfOX-1xtuFcbmsD7TFZJlRxqRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
87:f4:19:bf:e7:8b:76:39:43:42:c1:1a:20:79:1f:61:84:d6:
31:fb:a2:3f:69:10:9c:0b:2c:e5:ec:b4:dd:05:0c:ce:b8:dc:
b5:01:3b:1b:1f:b3:65:97:85:51:ad:ec:61:01:49:d1:bd:ce:
af:ff:64:92:31:6b:22:ba:83:29:95:a5:0d:69:4f:2e:52:47:
d5:cf:d9:42:76:ba:fc:23:17:b2:1d:23:51:f9:b6:00:27:9f:
d8:8c:4b:0e:12:6f:49:11:93:e4:2c:03:31:11:06:68:17:e6:
dd:d2:06:1d:5e:20:8e:e2:c5:7b:87:e8:99:d4:d8:91:0b:e3:
d8:88:1d:4d:a9:51:da:e1:ae:d9:8d:8f:6a:03:cb:53:75:99:
9a:12:79:be:7c:c5:e5:26:1b:61:af:a8:25:33:ca:44:a5:1e:
19:20:90:e3:d5:77:5d:bb:9a:c2:77:58:54:d8:bb:79:d2:53:
c8:5f:5d:0d:c5:5b:66:03:cf:22:7b:5f:4b:11:05:3c:86:44:
a0:90:db:87:25:fc:ef:ca:36:cf:b9:00:bf:b4:53:ea:17:66:
59:f9:90:cb:d9:16:ca:a7:bf:ba:76:2a:a9:17:b4:8f:6c:04:
5b:49:f0:58:f5:18:8c:ce:85:60:69:34:f2:eb:1b:e5:d4:2b:
6d:58:33:38
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZRlbtup0t7sMh33xZOMb+XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTE0MTUyOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA3Y2U1ZmVkNzFiNmUxNWM2ZTZiMDNlZDMxNTkyNjU0NzFhOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze6rG3H7F+nniH8cjFrhaz7lr+uD
kc6rQwVAz/L6NstyVKH2w+PD5RBucunnfmPk9KB5eR91r5o76N4NWa5UH1jQx0F/
QnUWVGZ0oRIJZVWlAqOGKkoM1WRUhBsVjpaYCAqDN66+mNRzZH3Cmn8PovX7rQ2O
0kOBmBXSL8mIHqliOlbWNJRf6BkGjy7C1lwyzK1tytCjRUs2rqWB+OQd/Ppt4149
TBcK4U3F2DnBw8JwGFPcBpyZQkouFN64W6AWxHCeavzO1V+c0YoMKKcR6acDFCwV
dRi74AGLXXEb/HG2uRHznEZIQ+19dnqxb70G+b0dUCG7KP6JhHf6D/uTwwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFP4Hzl/tcbbhXG5rA+0xWSZUcakZMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvX2dmT1gtMXh0dUZjYm1zRDdURlpKbFJ4cVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQAD
ggEBAIf0Gb/ni3Y5Q0LBGiB5H2GE1jH7oj9pEJwLLOXstN0FDM643LUBOxsfs2WX
hVGt7GEBSdG9zq//ZJIxayK6gymVpQ1pTy5SR9XP2UJ2uvwjF7IdI1H5tgAnn9iM
Sw4Sb0kRk+QsAzERBmgX5t3SBh1eII7ixXuH6JnU2JEL49iIHU2pUdrhrtmNj2oD
y1N1mZoSeb58xeUmG2GvqCUzykSlHhkgkOPVd127msJ3WFTYu3nSU8hfXQ3FW2YD
zyJ7X0sRBTyGRKCQ24cl/O/KNs+5AL+0U+oXZln5kMvZFsqnv7p2KqkXtI9sBFtJ
8Fj1GIzOhWBpNPLrG+XUK21YMzg=
-----END CERTIFICATE-----
Generated at Thu May 8 02:38:26 2025 by rpki-client