Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/Zq70FHMZD76_Gue3kDu809Jb-QQ.roa
File: Zq70FHMZD76_Gue3kDu809Jb-QQ.roa (raw, json)
Hash identifier: C35CxPCBZyY0sb6IH9wA6K1/eolcaHDQJDP8Tb7cqSE=
Subject key identifier: 66:AE:F4:14:73:19:0F:BE:BF:1A:E7:B7:90:3B:BC:D3:D2:5B:F9:04
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 0194266BDDC2EC344995500BD96ACB3D5E99
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/Zq70FHMZD76_Gue3kDu809Jb-QQ.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14061
IP address blocks: 5.42.203.0/24 maxlen: 24
5.101.96.0/20 maxlen: 24
37.139.0.0/19 maxlen: 22
46.101.0.0/16 maxlen: 22
80.240.128.0/20 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
146.185.128.0/19 maxlen: 22
146.185.160.0/19 maxlen: 22
167.172.0.0/16 maxlen: 22
178.62.0.0/16 maxlen: 22
178.128.0.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
185.14.184.0/22 maxlen: 22
188.166.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
2a03:b0c0::/32 maxlen: 48
2a12:1840::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 10:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:dd:c2:ec:34:49:95:50:0b:d9:6a:cb:3d:5e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66aef41473190fbebf1ae7b7903bbcd3d25bf904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:34:e6:fb:33:80:ca:c7:33:70:af:01:ae:64:
b4:15:5f:9a:cd:70:f1:0f:61:dd:80:9f:79:f2:1a:
5a:87:bd:35:69:dc:60:aa:af:41:b1:f3:23:32:83:
ee:21:b8:e1:b3:15:d4:2d:e5:b1:98:4d:3f:8e:4c:
4a:be:4a:de:77:40:ce:c5:01:0e:be:4e:a8:bb:cf:
df:1c:a2:ff:0d:d0:11:47:5f:ea:8a:a9:68:7e:1d:
92:c6:28:52:26:bd:36:fc:20:b1:5a:86:ea:f6:b5:
f8:e7:1c:47:a2:89:f4:d0:16:6b:f6:59:3f:fd:a9:
14:9b:8c:a5:3b:58:a4:3c:c6:3d:82:47:82:06:a4:
2f:d7:6a:65:7c:ff:e3:b9:e5:35:49:7a:9a:e9:3d:
1f:14:53:fe:46:61:2d:a5:f7:33:aa:37:ea:bc:c3:
32:17:68:d0:50:71:01:d4:06:25:6d:f9:ec:0c:44:
76:be:0c:00:13:0b:43:f8:6d:c0:3b:17:26:47:38:
a3:ff:f7:66:97:f2:a1:ff:8e:12:2e:7d:76:ee:19:
81:db:9f:c2:6e:3e:eb:b1:1f:36:5b:29:d6:7a:17:
46:d0:2f:3c:00:8e:aa:26:c7:ee:e0:10:94:e0:cf:
cd:c2:3f:fa:c0:f9:cd:02:3c:a8:6c:7a:15:80:57:
23:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AE:F4:14:73:19:0F:BE:BF:1A:E7:B7:90:3B:BC:D3:D2:5B:F9:04
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/Zq70FHMZD76_Gue3kDu809Jb-QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.203.0/24
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
2a12:1840::/29
Signature Algorithm: sha256WithRSAEncryption
a3:4a:b1:b2:f6:c0:67:a0:9a:a9:eb:43:87:ae:a8:ab:5f:65:
e2:dd:b3:db:7e:60:c1:77:22:b7:91:b4:3b:7e:0f:61:e7:b9:
25:6d:b8:62:dc:49:02:ed:fd:f1:77:6b:a8:a1:a8:e5:04:41:
19:86:84:3b:41:b0:bc:67:c8:c5:6d:86:b3:c0:85:d7:6a:28:
c3:f2:a6:d3:f2:ad:9f:33:62:53:53:b4:ab:11:f6:27:fd:08:
de:6f:0b:2f:1b:3b:47:ad:54:f4:50:42:1c:cd:b1:7e:f1:2f:
ec:8d:c0:69:02:bf:de:12:07:55:19:16:76:83:da:21:ad:b1:
c5:16:d6:73:0a:ee:7d:87:56:31:af:7b:62:fb:ff:09:f0:38:
19:bd:64:ab:fd:06:06:c4:84:95:9b:2d:03:79:7d:85:bc:66:
59:e5:a4:07:aa:0b:72:bf:eb:ba:52:9c:87:70:e6:e3:15:21:
73:07:af:ff:48:53:54:f1:71:09:fc:73:c9:f2:0f:5a:a4:b9:
67:64:5d:ce:a2:cf:99:0a:32:f2:59:ac:a0:87:0a:b7:f9:39:
37:eb:d3:bf:99:53:0e:48:ee:e0:ad:d2:cb:10:ef:d4:b7:bd:
b4:b5:b6:3b:39:89:13:f3:d7:9a:78:c1:c3:5f:62:d4:e9:9a:
19:25:b7:37
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQma93C7DRJlVAL2WrLPV6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFlZjQxNDczMTkwZmJlYmYxYWU3Yjc5MDNiYmNkM2QyNWJmOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTTm+zOAysczcK8BrmS0FV+azXDx
D2HdgJ958hpah701adxgqq9BsfMjMoPuIbjhsxXULeWxmE0/jkxKvkred0DOxQEO
vk6ou8/fHKL/DdARR1/qiqlofh2SxihSJr02/CCxWobq9rX45xxHoon00BZr9lk/
/akUm4ylO1ikPMY9gkeCBqQv12plfP/jueU1SXqa6T0fFFP+RmEtpfczqjfqvMMy
F2jQUHEB1AYlbfnsDER2vgwAEwtD+G3AOxcmRzij//dml/Kh/44SLn127hmB25/C
bj7rsR82WynWehdG0C88AI6qJsfu4BCU4M/Nwj/6wPnNAjyobHoVgFcjVwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFGau9BRzGQ++vxrnt5A7vNPSW/kEMB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvWnE3MEZITVpENzZfR3VlM2tEdTgwOUpiLVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBVBAIAATBPAwQABSrLAwQE
BWVgAwQFJYsAAwMALmUDBARQ8IADBARSxAADBAZfVQADBAaSuYADAwCnrAMDALI+
AwMAsoADBAK5DrgDAwC8pgMEB7zigDAUBAIAAjAOAwUAKgOwwAMFAyoSGEAwDQYJ
KoZIhvcNAQELBQADggEBAKNKsbL2wGegmqnrQ4euqKtfZeLds9t+YMF3IreRtDt+
D2HnuSVtuGLcSQLt/fF3a6ihqOUEQRmGhDtBsLxnyMVthrPAhddqKMPyptPyrZ8z
YlNTtKsR9if9CN5vCy8bO0etVPRQQhzNsX7xL+yNwGkCv94SB1UZFnaD2iGtscUW
1nMK7n2HVjGve2L7/wnwOBm9ZKv9BgbEhJWbLQN5fYW8ZlnlpAeqC3K/67pSnIdw
5uMVIXMHr/9IU1TxcQn8c8nyD1qkuWdkXc6iz5kKMvJZrKCHCrf5OTfr07+ZUw5I
7uCt0ssQ79S3vbS1tjs5iRPz15p4wcNfYtTpmhkltzc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:50:12 2025 by rpki-client