Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/z8ZiXj3W9AJXO0sLZ8X4qvC_QzA.roa
File: z8ZiXj3W9AJXO0sLZ8X4qvC_QzA.roa (raw, json)
Hash identifier: v+onL9n3THzaV9ArHPI8WS6KlZbSNVzNiZHurjXsBMg=
Subject key identifier: CF:C6:62:5E:3D:D6:F4:02:57:3B:4B:0B:67:C5:F8:AA:F0:BF:43:30
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 0197F91C441A2CCACA3B7444520ADBE1BA20
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/z8ZiXj3W9AJXO0sLZ8X4qvC_QzA.roa
Signing time: Fri 11 Jul 2025 10:51:08 +0000
ROA not before: Fri 11 Jul 2025 10:51:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.62.0/24 maxlen: 24
5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.100.0/22 maxlen: 22
5.150.104.0/22 maxlen: 22
5.150.108.0/22 maxlen: 22
5.150.112.0/22 maxlen: 22
5.150.116.0/22 maxlen: 22
5.150.120.0/22 maxlen: 22
5.150.124.0/22 maxlen: 22
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.196.0/22 maxlen: 22
171.33.200.0/21 maxlen: 21
171.33.208.0/21 maxlen: 21
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 23 Jul 2025 12:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:1c:44:1a:2c:ca:ca:3b:74:44:52:0a:db:e1:ba:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Jul 11 10:51:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfc6625e3dd6f402573b4b0b67c5f8aaf0bf4330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e2:63:e7:14:32:a8:41:d5:1b:57:ea:63:38:
b7:c2:71:b4:1a:71:7f:7d:33:60:fb:04:04:fe:68:
ac:9e:54:6d:27:62:18:9b:95:9d:da:6a:55:02:f3:
cb:9f:9d:5c:8f:fe:f4:9a:36:d1:11:4c:f2:60:5a:
64:ca:f2:d7:85:d9:78:44:cd:0b:a2:d2:95:19:69:
26:c8:c6:b7:7a:75:8f:98:01:3a:24:11:ae:c7:49:
f8:17:fb:a0:cb:dd:5e:64:56:12:6d:55:17:57:7e:
80:80:d1:11:eb:02:d1:dd:c1:16:aa:13:da:46:bd:
e9:ad:7f:88:5c:63:7b:51:5c:ac:0f:81:78:3d:b3:
31:0f:96:ae:e1:c9:a6:97:b1:48:76:46:da:30:ab:
ab:98:05:0e:92:06:7d:6f:ee:0e:cc:d8:f4:4b:31:
17:ee:1d:a6:ab:e3:c3:61:0e:9a:da:83:a9:3c:b1:
8f:f0:b2:9b:c9:fc:cf:d7:27:f4:16:6b:3d:bb:22:
88:fa:a0:31:bc:37:e3:ca:d6:a4:a5:08:51:92:92:
77:e7:f3:92:9c:e0:25:27:cb:0c:af:46:b3:dd:36:
74:d8:6f:40:85:8b:cb:7a:2e:11:ba:bf:79:2d:0c:
dc:d2:c8:7c:8b:f1:8c:07:2a:70:8a:06:b3:de:8c:
a9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C6:62:5E:3D:D6:F4:02:57:3B:4B:0B:67:C5:F8:AA:F0:BF:43:30
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/z8ZiXj3W9AJXO0sLZ8X4qvC_QzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.62.0/24
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
95:79:d8:2a:dc:1f:e4:be:ce:ed:2f:3c:19:59:d7:01:5a:47:
d3:f7:de:74:0b:66:e6:9e:39:73:1a:30:ca:eb:bd:ce:f1:43:
98:2d:41:f6:5a:0f:e3:db:7d:df:b1:69:08:53:c9:d4:e2:b1:
60:15:84:e3:3e:83:5b:06:54:a5:32:17:70:1f:22:4d:27:12:
83:29:98:9d:72:fa:fd:1d:bc:93:6a:3a:a5:98:1d:6c:31:b9:
57:5b:35:05:01:75:db:f1:40:de:74:3c:46:c8:1a:a7:33:b8:
20:38:cf:6b:57:23:c6:cf:ee:7f:a1:03:45:24:c6:92:08:6d:
8c:34:a1:fe:b2:d5:a7:de:74:2c:1e:9b:71:06:bb:11:90:b4:
4e:6c:83:91:3b:a3:48:b8:b0:2f:46:d0:98:c9:bc:2c:0a:77:
dd:d5:eb:87:a0:fd:af:2f:01:09:f7:e1:57:2d:2c:5d:47:4a:
4d:29:f2:91:b8:19:f5:4a:b7:9c:cb:bb:4f:db:b7:90:4a:b8:
cc:3e:f1:4b:1e:14:14:02:38:36:51:ce:1d:87:8a:1b:b4:33:
05:98:d8:7f:31:74:13:3b:20:89:f2:b4:79:91:87:a6:e3:83:
4d:ae:61:41:f4:2d:69:a5:12:39:39:c4:96:56:d3:e0:07:52:
7b:e1:39:51
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZf5HEQaLMrKO3REUgrb4bogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwNzExMTA1MTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmM2NjI1ZTNkZDZmNDAyNTczYjRiMGI2N2M1ZjhhYWYwYmY0MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluJj5xQyqEHVG1fqYzi3wnG0GnF/
fTNg+wQE/misnlRtJ2IYm5Wd2mpVAvPLn51cj/70mjbREUzyYFpkyvLXhdl4RM0L
otKVGWkmyMa3enWPmAE6JBGux0n4F/ugy91eZFYSbVUXV36AgNER6wLR3cEWqhPa
Rr3prX+IXGN7UVysD4F4PbMxD5au4cmml7FIdkbaMKurmAUOkgZ9b+4OzNj0SzEX
7h2mq+PDYQ6a2oOpPLGP8LKbyfzP1yf0Fms9uyKI+qAxvDfjytakpQhRkpJ35/OS
nOAlJ8sMr0az3TZ02G9AhYvLei4Rur95LQzc0sh8i/GMBypwigaz3oypAwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFM/GYl491vQCVztLC2fF+Krwv0MwMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvejhaaVhqM1c5QUpYTzBzTFo4WDRxdkNfUXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQABZY+AwQD
BZZAAwQABZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIwBwMFAyoC
r0AwDQYJKoZIhvcNAQELBQADggEBAJV52CrcH+S+zu0vPBlZ1wFaR9P33nQLZuae
OXMaMMrrvc7xQ5gtQfZaD+Pbfd+xaQhTydTisWAVhOM+g1sGVKUyF3AfIk0nEoMp
mJ1y+v0dvJNqOqWYHWwxuVdbNQUBddvxQN50PEbIGqczuCA4z2tXI8bP7n+hA0Uk
xpIIbYw0of6y1afedCwem3EGuxGQtE5sg5E7o0i4sC9G0JjJvCwKd93V64eg/a8v
AQn34VctLF1HSk0p8pG4GfVKt5zLu0/bt5BKuMw+8UseFBQCODZRzh2Hihu0MwWY
2H8xdBM7IInytHmRh6bjg02uYUH0LWmlEjk5xJZW0+AHUnvhOVE=
-----END CERTIFICATE-----
Generated at Mon Jul 28 06:08:43 2025 by rpki-client