Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/pb_WJbw8NkA8egliY-Tw_drV0-o.roa
File: pb_WJbw8NkA8egliY-Tw_drV0-o.roa (raw, json)
Hash identifier: uSNankrb12Y+s9U+871X80ZAeha80wnvFBgjPbCl8ag=
Subject key identifier: A5:BF:D6:25:BC:3C:36:40:3C:7A:09:62:63:E4:F0:FD:DA:D5:D3:EA
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0193E01F8BE0FA5E4BCBB449DB973F3D85BD
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/pb_WJbw8NkA8egliY-Tw_drV0-o.roa
Signing time: Thu 19 Dec 2024 18:13:04 +0000
ROA not before: Thu 19 Dec 2024 18:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31122
IP address blocks: 46.183.104.0/23 maxlen: 23
78.137.128.0/18 maxlen: 18
78.143.128.0/18 maxlen: 18
80.93.16.0/20 maxlen: 20
83.147.128.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
89.16.64.0/19 maxlen: 19
89.184.32.0/22 maxlen: 22
89.184.40.0/21 maxlen: 21
89.184.48.0/21 maxlen: 21
89.184.56.0/23 maxlen: 23
89.234.64.0/18 maxlen: 18
91.142.96.0/20 maxlen: 20
92.51.192.0/19 maxlen: 19
92.51.208.0/20 maxlen: 20
92.51.240.0/21 maxlen: 21
93.92.8.0/21 maxlen: 21
94.247.48.0/21 maxlen: 21
109.106.96.0/20 maxlen: 20
109.106.112.0/21 maxlen: 21
109.106.124.0/22 maxlen: 22
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
185.47.144.0/22 maxlen: 22
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
185.182.72.0/22 maxlen: 22
185.205.228.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
212.126.32.0/19 maxlen: 19
212.126.60.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
2a00:15b8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a0a:e780::/29 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e0:1f:8b:e0:fa:5e:4b:cb:b4:49:db:97:3f:3d:85:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Dec 19 18:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5bfd625bc3c36403c7a096263e4f0fddad5d3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6d:cc:04:8f:6f:b6:2b:e0:40:28:90:3a:e5:
76:ab:d4:1b:9b:95:20:16:37:f5:f6:8b:fe:ba:e3:
3e:d4:97:10:da:b3:6d:1d:fe:32:b6:76:aa:35:99:
46:8c:9b:1d:2c:41:e0:82:f4:ca:d8:ae:6b:fd:4f:
91:f7:37:74:3d:fe:ad:d2:bb:d4:d5:e0:da:cb:40:
89:57:d4:66:9f:d7:01:b4:c8:4b:18:3e:3d:67:b0:
d4:1f:64:a8:e5:d9:7a:37:c5:38:0e:85:b8:9c:30:
52:e0:c3:62:b2:aa:7b:2d:0b:86:ef:f7:ef:89:7e:
14:17:e0:27:20:66:b4:72:9e:3d:2b:56:16:a0:af:
58:c2:b1:96:99:ce:f3:fe:6a:dd:9d:e2:48:ea:ed:
9b:db:ee:44:7f:13:0e:e0:f1:e4:72:68:2c:2f:b1:
f2:f2:fd:8a:de:21:65:b3:a7:b8:81:1e:03:00:f2:
39:fc:62:0e:21:46:53:13:77:e7:0a:62:a9:82:6c:
ec:8c:88:61:68:ff:88:e5:b3:ed:a5:e9:7c:b4:fa:
b2:03:31:05:c6:f6:18:81:47:3b:7c:e1:9a:1c:b4:
a2:44:6e:11:ac:4c:49:a3:61:b3:db:61:c7:48:5f:
0f:3d:31:07:ce:73:37:d7:07:ab:85:04:96:23:a7:
22:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BF:D6:25:BC:3C:36:40:3C:7A:09:62:63:E4:F0:FD:DA:D5:D3:EA
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/pb_WJbw8NkA8egliY-Tw_drV0-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.104.0/23
78.137.128.0/18
78.143.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.16.64.0/19
89.184.32.0/22
89.184.40.0-89.184.57.255
89.234.64.0/18
91.142.96.0/20
92.51.192.0/19
92.51.240.0/21
93.92.8.0/21
94.247.48.0/21
109.106.96.0-109.106.119.255
109.106.124.0/22
176.52.216.0-176.52.221.255
185.47.144.0/22
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
Signature Algorithm: sha256WithRSAEncryption
c7:a1:5b:51:f0:a7:62:97:d5:cb:a5:c5:47:da:99:15:72:cc:
93:9f:f2:5d:d2:95:b9:80:55:62:de:ac:b8:9d:1c:75:29:a8:
07:c2:c3:62:da:02:5b:21:c9:8f:da:ef:62:6a:c3:b2:b2:f4:
57:4c:33:c7:e5:1e:33:ae:33:6a:da:9d:3f:8d:9b:54:b3:88:
7b:5c:d0:47:4c:51:6d:e5:08:c2:fe:7e:1c:1d:37:5b:8b:a8:
72:6d:92:1a:3f:ac:1f:17:78:db:85:1c:4c:27:70:29:67:e2:
cc:3d:14:08:44:31:c6:d1:ca:c2:3b:b3:0a:8d:3c:20:9d:de:
aa:35:8f:46:d8:57:59:87:08:20:d1:25:d2:5d:2b:57:c4:60:
d3:59:63:e3:de:15:69:87:63:3f:60:aa:1d:35:d4:04:7d:4f:
46:d6:1a:77:8c:46:5e:aa:32:88:f6:0e:12:01:61:48:54:40:
67:53:37:2d:43:82:79:79:be:ba:51:77:50:d9:3b:d6:37:a1:
c6:6e:da:d4:d5:9b:2e:d0:7c:81:63:c9:50:60:0b:44:46:01:
39:24:31:4c:8e:f4:16:c0:55:80:3b:24:f7:4b:6d:bd:bd:94:
a6:1c:f6:b3:39:bd:f1:7b:2a:09:e9:62:af:15:5a:d3:0e:0b:
aa:36:69:c7
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZPgH4vg+l5Ly7RJ25c/PYW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQxMjE5MTgxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJmZDYyNWJjM2MzNjQwM2M3YTA5NjI2M2U0ZjBmZGRhZDVkM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG3MBI9vtivgQCiQOuV2q9Qbm5Ug
Fjf19ov+uuM+1JcQ2rNtHf4ytnaqNZlGjJsdLEHggvTK2K5r/U+R9zd0Pf6t0rvU
1eDay0CJV9Rmn9cBtMhLGD49Z7DUH2So5dl6N8U4DoW4nDBS4MNisqp7LQuG7/fv
iX4UF+AnIGa0cp49K1YWoK9YwrGWmc7z/mrdneJI6u2b2+5EfxMO4PHkcmgsL7Hy
8v2K3iFls6e4gR4DAPI5/GIOIUZTE3fnCmKpgmzsjIhhaP+I5bPtpel8tPqyAzEF
xvYYgUc7fOGaHLSiRG4RrExJo2Gz22HHSF8PPTEHznM31werhQSWI6ciewIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFKW/1iW8PDZAPHoJYmPk8P3a1dPqMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvcGJfV0pidzhOa0E4ZWdsaVktVHdfZHJWMC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgcAEAgABMIG5AwQB
LrdoAwQGTomAAwQGTo+AAwQEUF0QAwQGU5OAAwMAVMsDBAVZEEADBAJZuCAwDAME
A1m4KAMEAVm4OAMEBlnqQAMEBFuOYAMEBVwzwAMEA1wz8AMEA11cCAMEA173MDAM
AwQFbWpgAwQDbWpwAwQCbWp8MAwDBAOwNNgDBAGwNNwDBAK5L5ADBAC5NSADBAC5
NSMDBAK5tkgDBAK5zeQDBAK56bADBAG58uwDBAXUfiADBATZTgAwKQQCAAIwIwMF
ACoAFbgDBQAqAQJYAwUAKgGKoAMFACoCAiADBQMqCueAMA0GCSqGSIb3DQEBCwUA
A4IBAQDHoVtR8Kdil9XLpcVH2pkVcsyTn/Jd0pW5gFVi3qy4nRx1KagHwsNi2gJb
IcmP2u9iasOysvRXTDPH5R4zrjNq2p0/jZtUs4h7XNBHTFFt5QjC/n4cHTdbi6hy
bZIaP6wfF3jbhRxMJ3ApZ+LMPRQIRDHG0crCO7MKjTwgnd6qNY9G2FdZhwgg0SXS
XStXxGDTWWPj3hVph2M/YKodNdQEfU9G1hp3jEZeqjKI9g4SAWFIVEBnUzctQ4J5
eb66UXdQ2TvWN6HGbtrU1Zsu0HyBY8lQYAtERgE5JDFMjvQWwFWAOyT3S229vZSm
HPazOb3xeyoJ6WKvFVrTDguqNmnH
-----END CERTIFICATE-----
Generated at Tue May 13 02:23:36 2025 by rpki-client