Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R5epUbzE0I8mNASbjx0yu9hdKgw.roa
File: R5epUbzE0I8mNASbjx0yu9hdKgw.roa (raw, json)
Hash identifier: SNNmNVsh8P0KToRUUt8JkOR6l6P9x1MwAA71kpovZb4=
Subject key identifier: 47:97:A9:51:BC:C4:D0:8F:26:34:04:9B:8F:1D:32:BB:D8:5D:2A:0C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D70FA937059B075DC2E9042E509F45
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R5epUbzE0I8mNASbjx0yu9hdKgw.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50113
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
5.180.136.221/32 maxlen: 32
5.180.137.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
185.17.3.102/32 maxlen: 32
185.104.248.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.139.70.116/32 maxlen: 32
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.188.180.0/24 maxlen: 24
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
185.244.174.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
194.53.52.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.142.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.198.108/32 maxlen: 32
194.67.203.54/32 maxlen: 32
194.67.208.6/32 maxlen: 32
194.67.208.12/32 maxlen: 32
194.67.208.48/32 maxlen: 32
213.108.197.0/24 maxlen: 24
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
2a04:5200::/29 maxlen: 29
2a04:5200::/32 maxlen: 32
2a04:5200::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a04:5200:a::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0f:a9:37:05:9b:07:5d:c2:e9:04:2e:50:9f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4797a951bcc4d08f2634049b8f1d32bbd85d2a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:c2:8d:6f:4b:75:31:b3:2e:ec:09:9d:59:
41:3f:46:24:ec:21:a6:91:64:48:41:87:65:f3:6c:
a2:a3:21:ba:00:3e:2a:49:85:2d:fa:a4:4d:60:95:
3a:c4:9a:be:39:3d:c7:11:1d:11:81:19:0d:62:34:
c8:bc:d7:84:6c:f8:9c:99:93:e7:2d:15:7d:43:dc:
77:ac:d7:96:5f:79:d9:d9:27:78:12:d0:77:15:90:
4a:a7:7a:72:ee:0c:91:b3:30:67:d4:69:df:9f:73:
4b:d6:d7:95:9f:a2:4a:a3:53:0b:f9:53:ff:f3:7d:
67:ed:de:b4:cd:c6:d1:6d:97:71:84:4b:06:3a:12:
d9:73:fe:13:a5:4a:30:eb:f5:68:2f:f1:37:85:22:
f9:a9:39:ed:e3:87:f1:1c:a7:e3:22:50:c1:88:79:
63:b3:2b:21:86:34:d3:24:31:0c:2c:4a:f2:79:df:
47:63:23:73:53:40:90:0d:98:40:30:08:41:11:14:
8f:38:06:b6:ee:d7:b7:63:c7:4e:5d:7b:d2:b7:34:
99:75:1f:5f:3a:d6:ca:cc:4d:8c:db:1c:e8:a5:58:
58:ae:4d:b0:f4:8c:84:a5:e5:24:4f:ed:32:1b:2a:
af:1b:a5:59:b5:c9:82:19:ca:7b:6c:9b:69:9b:06:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:97:A9:51:BC:C4:D0:8F:26:34:04:9B:8F:1D:32:BB:D8:5D:2A:0C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R5epUbzE0I8mNASbjx0yu9hdKgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.8.211.0/24
45.89.64.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.104.248.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
185.244.174.0/24
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.53.52.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.197.0-213.108.199.255
IPv6:
2a04:5200::/29
2a09:5303::/32
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
88:ce:99:39:bd:73:70:d4:dc:95:34:a7:b8:af:8d:c0:55:84:
64:3b:cb:f1:88:bc:9c:3e:b1:4b:bb:f7:52:33:14:47:67:2a:
03:27:6e:db:5e:f4:44:5e:d6:08:e2:15:12:e0:18:27:7c:38:
00:28:1c:7c:38:50:e8:fd:d2:6e:f7:d0:80:a1:94:68:ab:73:
89:c7:2f:1f:e1:2e:21:1f:29:f8:31:7d:7f:0b:e5:14:4a:07:
00:d0:8a:78:7e:15:ae:2f:3f:f9:5f:7e:f0:c2:0d:e2:04:e7:
d4:63:85:10:01:bf:f6:e8:8a:9c:ce:0a:5a:9b:3e:48:78:84:
cc:ee:1c:d9:df:8e:87:14:96:ba:c3:bd:f2:63:b9:49:cf:bd:
16:45:c1:60:ca:f1:18:ce:c2:df:28:93:e5:7b:d4:a0:09:4a:
d3:0d:94:59:97:0f:d8:ad:e9:ec:45:53:c2:e0:2f:59:aa:4d:
34:8a:ce:6c:81:0f:2d:a1:39:72:5d:ce:08:d4:a5:a0:50:56:
5c:34:ec:1b:aa:93:c8:b1:39:cb:40:ff:95:34:43:49:56:12:
ac:31:10:37:53:67:66:93:2e:73:42:21:89:9f:3b:79:42:8b:
b2:24:ee:4f:be:b5:4c:de:27:8a:3b:b9:83:fb:66:eb:af:a4:
5e:19:73:6a
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZQj1w+pNwWbB13C6QQuUJ9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk3YTk1MWJjYzRkMDhmMjYzNDA0OWI4ZjFkMzJiYmQ4NWQyYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFbCjW9LdTGzLuwJnVlBP0Yk7CGm
kWRIQYdl82yioyG6AD4qSYUt+qRNYJU6xJq+OT3HER0RgRkNYjTIvNeEbPicmZPn
LRV9Q9x3rNeWX3nZ2Sd4EtB3FZBKp3py7gyRszBn1Gnfn3NL1teVn6JKo1ML+VP/
831n7d60zcbRbZdxhEsGOhLZc/4TpUow6/VoL/E3hSL5qTnt44fxHKfjIlDBiHlj
syshhjTTJDEMLEryed9HYyNzU0CQDZhAMAhBERSPOAa27te3Y8dOXXvStzSZdR9f
OtbKzE2M2xzopVhYrk2w9IyEpeUkT+0yGyqvG6VZtcmCGcp7bJtpmwZS9QIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFEeXqVG8xNCPJjQEm48dMrvYXSoMMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUjVlcFViekUwSThtTkFTYmp4MHl1OWhkS2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgdUEAgABMIHOAwQB
BbSIAwQABfx0AwQALQjTAwQALVlAAwQAW9lNAwUAk05CBwMFALkRA2YDBAC5aPgD
BQC5i0QcAwUAuYtGdAMEAbmsggMEALmuiwMEALm05gMFALm051cDBAC5vLQDBAK5
vQwDBAC59K4DBALAomQDBADBAMgDBAHBAMoDBADBqOIDBADCNTQDBALCP4wDBQDC
Q8R/AwUAwkPGBwMFAMJDxmwDBQDCQ8s2AwUAwkPQBgMFAMJD0AwDBQDCQ9AwMAwD
BADVbMUDBAPVbMAwGwQCAAIwFQMFAyoEUgADBQAqCVMDAwUAKgqTADANBgkqhkiG
9w0BAQsFAAOCAQEAiM6ZOb1zcNTclTSnuK+NwFWEZDvL8Yi8nD6xS7v3UjMUR2cq
Aydu2170RF7WCOIVEuAYJ3w4ACgcfDhQ6P3SbvfQgKGUaKtziccvH+EuIR8p+DF9
fwvlFEoHANCKeH4Vri8/+V9+8MIN4gTn1GOFEAG/9uiKnM4KWps+SHiEzO4c2d+O
hxSWusO98mO5Sc+9FkXBYMrxGM7C3yiT5XvUoAlK0w2UWZcP2K3p7EVTwuAvWapN
NIrObIEPLaE5cl3OCNSloFBWXDTsG6qTyLE5y0D/lTRDSVYSrDEQN1NnZpMuc0Ih
iZ87eUKLsiTuT761TN4niju5g/tm66+kXhlzag==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:01:35 2025 by rpki-client