Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sz0qG-OrPOjuOnRqK9zFNOhSb7k.roa
File: sz0qG-OrPOjuOnRqK9zFNOhSb7k.roa (raw, json)
Hash identifier: zTJ0FPUyqLL79GvAWmW7e+6Z7ZJDxl4McKE38tmXWeI=
Subject key identifier: B3:3D:2A:1B:E3:AB:3C:E8:EE:3A:74:6A:2B:DC:C5:34:E8:52:6F:B9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01971AF46A0A3748E28449150C693347EED7
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sz0qG-OrPOjuOnRqK9zFNOhSb7k.roa
Signing time: Thu 29 May 2025 07:31:54 +0000
ROA not before: Thu 29 May 2025 07:31:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 80.81.39.0/24 maxlen: 24
80.81.47.0/24 maxlen: 24
80.81.48.0/24 maxlen: 24
80.81.53.0/24 maxlen: 24
80.81.58.0/24 maxlen: 24
80.255.224.0/20 maxlen: 20
83.223.128.0/24 maxlen: 24
83.223.129.0/24 maxlen: 24
83.223.130.0/24 maxlen: 24
83.223.131.0/24 maxlen: 24
83.223.134.0/24 maxlen: 24
83.223.135.0/24 maxlen: 24
83.223.137.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
83.223.140.0/24 maxlen: 24
83.223.142.0/24 maxlen: 24
83.223.144.0/24 maxlen: 24
83.223.148.0/24 maxlen: 24
83.223.152.0/24 maxlen: 24
83.223.153.0/24 maxlen: 24
83.223.154.0/24 maxlen: 24
83.223.156.0/24 maxlen: 24
83.223.157.0/24 maxlen: 24
83.223.158.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
85.254.52.0/24 maxlen: 24
85.254.53.0/24 maxlen: 24
85.254.54.0/24 maxlen: 24
85.254.55.0/24 maxlen: 24
85.254.66.0/24 maxlen: 24
85.254.67.0/24 maxlen: 24
85.254.133.0/24 maxlen: 24
85.254.135.0/24 maxlen: 24
85.254.136.0/24 maxlen: 24
85.254.165.0/24 maxlen: 24
85.254.166.0/24 maxlen: 24
85.254.167.0/24 maxlen: 24
85.254.171.0/24 maxlen: 24
85.254.190.0/24 maxlen: 24
91.190.37.0/24 maxlen: 24
91.190.38.0/24 maxlen: 24
91.190.39.0/24 maxlen: 24
91.190.47.0/24 maxlen: 24
91.190.61.0/24 maxlen: 24
94.101.226.0/24 maxlen: 24
94.101.237.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
159.148.148.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.181.0/24 maxlen: 24
159.148.240.0/24 maxlen: 24
185.7.237.0/24 maxlen: 24
185.7.238.0/24 maxlen: 24
185.7.239.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 10:11:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:f4:6a:0a:37:48:e2:84:49:15:0c:69:33:47:ee:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 29 07:31:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b33d2a1be3ab3ce8ee3a746a2bdcc534e8526fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:89:5d:bc:96:db:32:e1:39:9b:fd:60:86:b3:
80:c0:02:01:df:85:00:0c:de:81:c3:a5:27:af:1b:
1a:3a:02:fe:58:fe:65:e1:1f:46:62:e3:56:94:d7:
67:5f:d7:55:f7:95:f9:95:d6:5c:94:ce:4e:3f:8e:
e6:0e:5f:65:88:61:90:36:a5:84:b9:37:ef:ab:92:
33:00:88:9b:e7:91:9c:ca:53:fe:0e:69:62:0c:33:
67:fb:50:fd:56:e3:f7:39:50:7b:af:be:65:5f:dc:
a8:47:7d:67:c1:2e:b0:bb:87:59:ac:5c:39:22:b7:
a9:da:d4:fa:de:41:ea:5a:1c:74:7e:9d:cf:a1:37:
8b:02:2a:3a:e7:84:9a:4f:13:a7:65:68:d2:21:52:
e4:25:44:88:c5:0e:49:1f:7f:43:5f:89:a2:7a:00:
55:f7:a6:66:f9:3c:d1:d3:2d:f1:d1:9e:53:9b:c7:
8b:b4:4d:71:d0:d7:8d:32:17:e3:bc:8f:c9:73:cf:
22:4d:8e:84:4c:65:3b:26:38:01:56:e3:a5:6d:93:
f6:f6:81:9a:59:f5:2b:3e:ce:e7:2a:8a:f3:a6:d0:
fc:e3:5a:f9:8a:59:b5:3e:9b:57:47:14:89:f1:75:
28:c2:55:31:c6:a3:99:d7:67:bb:e5:d5:3e:51:8d:
30:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3D:2A:1B:E3:AB:3C:E8:EE:3A:74:6A:2B:DC:C5:34:E8:52:6F:B9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sz0qG-OrPOjuOnRqK9zFNOhSb7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.39.0/24
80.81.47.0-80.81.48.255
80.81.53.0/24
80.81.58.0/24
80.255.224.0/20
83.223.128.0/22
83.223.134.0/23
83.223.137.0-83.223.138.255
83.223.140.0/24
83.223.142.0/24
83.223.144.0/24
83.223.148.0/24
83.223.152.0-83.223.154.255
83.223.156.0-83.223.158.255
85.254.41.0/24
85.254.46.0/24
85.254.52.0/22
85.254.66.0/23
85.254.133.0/24
85.254.135.0-85.254.136.255
85.254.165.0-85.254.167.255
85.254.171.0/24
85.254.190.0/24
91.190.37.0-91.190.39.255
91.190.47.0/24
91.190.61.0/24
94.101.226.0/24
94.101.237.0/24
159.148.143.0/24
159.148.148.0/23
159.148.181.0/24
159.148.240.0/24
185.7.237.0-185.7.239.255
185.176.116.0/24
185.176.119.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:e1:27:cf:66:c8:33:bc:94:b2:72:c5:54:54:13:21:7e:21:
4b:8f:2d:20:a2:94:1e:47:a5:9c:a7:a0:13:74:28:2f:28:ab:
82:d5:85:a1:27:e8:71:e1:ff:ad:d0:df:b5:25:c7:42:7a:c2:
ea:8a:21:ee:40:be:f5:11:46:d9:67:ec:98:37:82:85:83:9f:
41:ab:11:bb:c3:5b:be:9a:36:89:bb:5d:24:21:d0:d3:ab:5b:
a5:25:15:2e:35:0d:ba:fa:46:8c:b4:25:3c:f9:a2:46:44:36:
52:73:cc:8f:bb:14:c3:e1:dd:0b:7f:c4:34:dc:0d:5c:25:b8:
e2:d7:0e:8d:e9:af:a9:cb:94:44:4d:f3:d9:c3:c1:08:94:fd:
cc:c4:05:04:bb:8b:d0:e2:67:20:cc:9c:46:e6:b1:97:d0:33:
b5:4f:3c:bc:51:27:54:65:1a:67:02:02:8b:18:44:e3:ad:1f:
c0:01:64:8f:0a:c8:22:50:d3:71:0f:83:53:a6:e4:63:82:ee:
1e:e2:30:06:94:82:a2:e4:81:df:5a:0f:6d:0d:0f:47:b1:2a:
b6:cf:79:75:e1:7e:80:a0:9f:83:7c:af:54:a8:83:71:d2:d0:
2f:73:88:92:93:83:4b:5a:42:86:c2:25:a9:89:dd:36:dc:d4:
05:3a:65:2b
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAZca9GoKN0jihEkVDGkzR+7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTI5MDczMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNkMmExYmUzYWIzY2U4ZWUzYTc0NmEyYmRjYzUzNGU4NTI2ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14ldvJbbMuE5m/1ghrOAwAIB34UA
DN6Bw6UnrxsaOgL+WP5l4R9GYuNWlNdnX9dV95X5ldZclM5OP47mDl9liGGQNqWE
uTfvq5IzAIib55GcylP+DmliDDNn+1D9VuP3OVB7r75lX9yoR31nwS6wu4dZrFw5
Irep2tT63kHqWhx0fp3PoTeLAio654SaTxOnZWjSIVLkJUSIxQ5JH39DX4miegBV
96Zm+TzR0y3x0Z5Tm8eLtE1x0NeNMhfjvI/Jc88iTY6ETGU7JjgBVuOlbZP29oGa
WfUrPs7nKorzptD841r5ilm1PptXRxSJ8XUowlUxxqOZ12e75dU+UY0wAwIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFLM9Khvjqzzo7jp0aivcxTToUm+5MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvc3owcUctT3JQT2p1T25ScUs5ekZOT2hTYjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAFBRJzAMAwQAUFEvAwQAUFEwAwQAUFE1AwQAUFE6AwQEUP/gAwQCU9+AAwQB
U9+GMAwDBABT34kDBABT34oDBABT34wDBABT344DBABT35ADBABT35QwDAMEA1Pf
mAMEAFPfmjAMAwQCU9+cAwQAU9+eAwQAVf4pAwQAVf4uAwQCVf40AwQBVf5CAwQA
Vf6FMAwDBABV/ocDBABV/ogwDAMEAFX+pQMEA1X+oAMEAFX+qwMEAFX+vjAMAwQA
W74lAwQDW74gAwQAW74vAwQAW749AwQAXmXiAwQAXmXtAwQAn5SPAwQBn5SUAwQA
n5S1AwQAn5TwMAwDBAC5B+0DBAS5B+ADBAC5sHQDBAC5sHcwDQYJKoZIhvcNAQEL
BQADggEBAKDhJ89myDO8lLJyxVRUEyF+IUuPLSCilB5HpZynoBN0KC8oq4LVhaEn
6HHh/63Q37Ulx0J6wuqKIe5AvvURRtln7Jg3goWDn0GrEbvDW76aNom7XSQh0NOr
W6UlFS41Dbr6Roy0JTz5okZENlJzzI+7FMPh3Qt/xDTcDVwluOLXDo3pr6nLlERN
89nDwQiU/czEBQS7i9DiZyDMnEbmsZfQM7VPPLxRJ1RlGmcCAosYROOtH8ABZI8K
yCJQ03EPg1Om5GOC7h7iMAaUgqLkgd9aD20ND0exKrbPeXXhfoCgn4N8r1Sog3HS
0C9ziJKTg0taQobCJamJ3Tbc1AU6ZSs=
-----END CERTIFICATE-----
Generated at Mon Jul 28 20:14:19 2025 by rpki-client