Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/M5ReVAWegTjrM9hJ2F3neFM8pts.roa
File: M5ReVAWegTjrM9hJ2F3neFM8pts.roa (raw, json)
Hash identifier: z+CTThJF5vXGjaots8NVoYVnNB+Kov2roXBQAQFq3CU=
Subject key identifier: 33:94:5E:54:05:9E:81:38:EB:33:D8:49:D8:5D:E7:78:53:3C:A6:DB
Certificate issuer: /CN=e2110acce33ac85011ca8c22d2001666e45b9377
Certificate serial: 01953DF63EFA70D46465E923DB906F29351E
Authority key identifier: E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/M5ReVAWegTjrM9hJ2F3neFM8pts.roa
Signing time: Tue 25 Feb 2025 16:35:02 +0000
ROA not before: Tue 25 Feb 2025 16:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 5.134.0.0/21 maxlen: 24
31.14.50.0/23 maxlen: 24
31.193.176.0/21 maxlen: 24
37.72.160.0/21 maxlen: 24
37.148.176.0/21 maxlen: 24
46.21.224.0/20 maxlen: 24
62.182.56.0/21 maxlen: 21
77.73.96.0/21 maxlen: 24
77.241.80.0/20 maxlen: 24
77.241.95.0/24 maxlen: 24
79.174.128.0/21 maxlen: 24
83.217.64.0/19 maxlen: 24
87.238.160.0/21 maxlen: 24
88.151.240.0/21 maxlen: 24
89.36.74.0/23 maxlen: 24
89.42.54.0/23 maxlen: 24
89.44.166.0/23 maxlen: 24
93.115.168.0/23 maxlen: 23
94.176.98.0/23 maxlen: 24
176.62.160.0/20 maxlen: 24
178.208.32.0/19 maxlen: 24
185.2.52.0/22 maxlen: 24
185.18.8.0/22 maxlen: 24
185.76.236.0/22 maxlen: 24
185.86.16.0/22 maxlen: 24
185.111.196.0/22 maxlen: 24
185.162.28.0/22 maxlen: 24
185.175.196.0/22 maxlen: 24
185.190.84.0/22 maxlen: 24
188.93.96.0/21 maxlen: 24
188.93.152.0/21 maxlen: 24
188.208.36.0/23 maxlen: 24
188.211.170.0/23 maxlen: 24
193.111.95.0/24 maxlen: 24
193.239.210.0/23 maxlen: 24
194.26.24.0/24 maxlen: 24
194.150.224.0/23 maxlen: 23
194.165.51.0/24 maxlen: 24
195.13.56.0/23 maxlen: 24
195.47.215.0/24 maxlen: 24
195.234.184.0/24 maxlen: 24
217.19.224.0/20 maxlen: 24
217.19.228.0/22 maxlen: 24
217.19.232.0/23 maxlen: 24
217.19.234.0/23 maxlen: 24
217.21.176.0/20 maxlen: 24
217.21.176.0/21 maxlen: 24
217.21.179.0/24 maxlen: 24
217.21.184.0/22 maxlen: 24
217.21.188.0/22 maxlen: 24
2a00:1c98::/32 maxlen: 64
2a00:1c98:fff0::/44 maxlen: 64
2a00:7000::/32 maxlen: 64
2a02:d08::/32 maxlen: 64
2a03:a800::/32 maxlen: 32
2a07:ca80::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 10 Mar 2025 11:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:f6:3e:fa:70:d4:64:65:e9:23:db:90:6f:29:35:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2110acce33ac85011ca8c22d2001666e45b9377
Validity
Not Before: Feb 25 16:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33945e54059e8138eb33d849d85de778533ca6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:5f:cd:1e:9b:9f:c7:4e:4d:60:c5:5c:1f:
a0:ff:9e:e3:47:2d:1d:1c:6a:df:90:fc:39:f2:76:
d7:e7:19:0c:96:5a:57:52:ed:b3:f7:f9:22:95:77:
9c:95:64:25:34:1d:27:74:23:91:ca:00:72:ef:5c:
e8:7d:ef:c7:9f:cb:e6:91:96:a2:e9:01:b5:dd:7c:
79:1b:4c:5a:e5:1e:91:3e:72:c8:63:6c:9c:59:7e:
92:42:54:73:df:78:db:e8:bf:ba:f6:f2:4c:f8:db:
07:a5:63:0d:b6:91:64:a2:38:40:e2:40:80:25:48:
69:1a:32:b7:72:9a:fc:42:1f:be:52:f6:10:94:d8:
2c:c4:97:b6:bf:f0:7d:b4:55:f7:6d:5b:53:8d:08:
c9:bc:60:3a:3f:08:7d:2a:5f:58:ac:43:c0:e5:22:
a4:03:68:ab:2c:6f:89:34:bd:dd:d4:ce:08:19:35:
0d:11:2b:7e:d9:d4:13:4f:1d:34:4e:90:bb:c8:af:
ac:c7:5f:8a:10:6d:21:a5:f0:a0:af:19:1d:e6:1e:
f2:c1:2d:aa:5c:2a:38:3b:96:1e:77:15:73:2d:74:
d9:fe:7b:9e:93:b5:20:fe:eb:35:e3:33:e9:23:bb:
4c:88:66:81:36:66:e3:0d:9a:8f:bb:92:8e:89:c9:
b1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:94:5E:54:05:9E:81:38:EB:33:D8:49:D8:5D:E7:78:53:3C:A6:DB
X509v3 Authority Key Identifier:
keyid:E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/M5ReVAWegTjrM9hJ2F3neFM8pts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.0.0/21
31.14.50.0/23
31.193.176.0/21
37.72.160.0/21
37.148.176.0/21
46.21.224.0/20
62.182.56.0/21
77.73.96.0/21
77.241.80.0/20
79.174.128.0/21
83.217.64.0/19
87.238.160.0/21
88.151.240.0/21
89.36.74.0/23
89.42.54.0/23
89.44.166.0/23
93.115.168.0/23
94.176.98.0/23
176.62.160.0/20
178.208.32.0/19
185.2.52.0/22
185.18.8.0/22
185.76.236.0/22
185.86.16.0/22
185.111.196.0/22
185.162.28.0/22
185.175.196.0/22
185.190.84.0/22
188.93.96.0/21
188.93.152.0/21
188.208.36.0/23
188.211.170.0/23
193.111.95.0/24
193.239.210.0/23
194.26.24.0/24
194.150.224.0/23
194.165.51.0/24
195.13.56.0/23
195.47.215.0/24
195.234.184.0/24
217.19.224.0/20
217.21.176.0/20
IPv6:
2a00:1c98::/32
2a00:7000::/32
2a02:d08::/32
2a03:a800::/32
2a07:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
46:cf:b1:5c:92:3b:d0:c3:02:30:18:ff:03:88:8c:bf:1a:e6:
41:73:8d:97:2a:21:77:b9:ff:36:86:01:d1:5e:37:5f:2e:27:
b8:56:50:10:71:a6:dd:c8:1c:8e:16:98:a1:83:56:b3:05:e1:
c1:e0:4c:20:fc:42:7a:20:69:11:e7:72:e7:f7:97:af:a9:89:
7c:b6:df:10:ed:44:14:09:a6:08:a9:a4:83:c3:a9:25:50:fa:
3d:25:58:b5:b3:ab:f3:de:76:1d:18:45:e7:48:1d:7a:7f:6a:
04:3f:40:6e:ce:91:de:02:73:28:95:93:da:4f:93:13:c0:e5:
cf:f9:74:91:04:e9:28:c4:5a:42:84:e6:d3:5b:ad:67:38:e9:
ed:0d:27:d4:b1:5e:19:b8:41:1b:7d:8b:87:e1:41:a0:49:52:
a5:4d:f1:b8:88:38:72:14:54:c9:c1:7d:68:ae:04:6f:a0:f1:
7f:e2:0d:ea:dc:c2:35:3f:ef:c6:d7:74:8f:01:61:8f:b2:df:
dd:83:c2:a5:e2:d5:ea:7c:64:fa:d5:4e:89:f9:98:e5:0f:34:
b8:51:1e:17:e7:65:0c:61:eb:0b:1c:a9:73:1d:a7:a9:91:03:
31:08:ce:ca:a9:c3:ae:ad:87:ee:f5:08:72:01:e5:74:02:22:
fb:b2:c2:d8
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZU99j76cNRkZekj25BvKTUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTEwYWNjZTMzYWM4NTAxMWNhOGMyMmQyMDAxNjY2ZTQ1
YjkzNzcwHhcNMjUwMjI1MTYzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk0NWU1NDA1OWU4MTM4ZWIzM2Q4NDlkODVkZTc3ODUzM2NhNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEpfzR6bn8dOTWDFXB+g/57jRy0d
HGrfkPw58nbX5xkMllpXUu2z9/kilXeclWQlNB0ndCORygBy71zofe/Hn8vmkZai
6QG13Xx5G0xa5R6RPnLIY2ycWX6SQlRz33jb6L+69vJM+NsHpWMNtpFkojhA4kCA
JUhpGjK3cpr8Qh++UvYQlNgsxJe2v/B9tFX3bVtTjQjJvGA6Pwh9Kl9YrEPA5SKk
A2irLG+JNL3d1M4IGTUNESt+2dQTTx00TpC7yK+sx1+KEG0hpfCgrxkd5h7ywS2q
XCo4O5YedxVzLXTZ/nuek7Ug/us14zPpI7tMiGaBNmbjDZqPu5KOicmx/wIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFDOUXlQFnoE46zPYSdhd53hTPKbbMB8GA1UdIwQY
MBaAFOIRCszjOshQEcqMItIAFmbkW5N3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEt
ZDMzZjA4ZjNhNDhkLzEvTTVSZVZBV2VnVGpyTTloSjJGM25lRk04cHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEtZDMzZjA4ZjNhNDhk
LzEvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAQMEAgABMIH8
AwQDBYYAAwQBHw4yAwQDH8GwAwQDJUigAwQDJZSwAwQELhXgAwQDPrY4AwQDTUlg
AwQETfFQAwQDT66AAwQFU9lAAwQDV+6gAwQDWJfwAwQBWSRKAwQBWSo2AwQBWSym
AwQBXXOoAwQBXrBiAwQEsD6gAwQFstAgAwQCuQI0AwQCuRIIAwQCuUzsAwQCuVYQ
AwQCuW/EAwQCuaIcAwQCua/EAwQCub5UAwQDvF1gAwQDvF2YAwQBvNAkAwQBvNOq
AwQAwW9fAwQBwe/SAwQAwhoYAwQBwpbgAwQAwqUzAwQBww04AwQAwy/XAwQAw+q4
AwQE2RPgAwQE2RWwMCkEAgACMCMDBQAqAByYAwUAKgBwAAMFACoCDQgDBQAqA6gA
AwUDKgfKgDANBgkqhkiG9w0BAQsFAAOCAQEARs+xXJI70MMCMBj/A4iMvxrmQXON
lyohd7n/NoYB0V43Xy4nuFZQEHGm3cgcjhaYoYNWswXhweBMIPxCeiBpEedy5/eX
r6mJfLbfEO1EFAmmCKmkg8OpJVD6PSVYtbOr8952HRhF50gden9qBD9Abs6R3gJz
KJWT2k+TE8Dlz/l0kQTpKMRaQoTm01utZzjp7Q0n1LFeGbhBG32Lh+FBoElSpU3x
uIg4chRUycF9aK4Eb6Dxf+IN6tzCNT/vxtd0jwFhj7Lf3YPCpeLV6nxk+tVOifmY
5Q80uFEeF+dlDGHrCxypcx2nqZEDMQjOyqnDrq2H7vUIcgHldAIi+7LC2A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:19 2025 by rpki-client