Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/gzMG8KoOGsKpSsRIEYcPKElfOkM.roa
File: gzMG8KoOGsKpSsRIEYcPKElfOkM.roa (raw, json)
Hash identifier: oqvs5q8xG5f+wSWA1puqmmHCWmtouT3tZAVY6Fux7EI=
Subject key identifier: 83:33:06:F0:AA:0E:1A:C2:A9:4A:C4:48:11:87:0F:28:49:5F:3A:43
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 019711ECB59662517E851CEF4A1BABFA0F95
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/gzMG8KoOGsKpSsRIEYcPKElfOkM.roa
Signing time: Tue 27 May 2025 13:26:54 +0000
ROA not before: Tue 27 May 2025 13:26:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199541
IP address blocks: 147.196.0.0/16 maxlen: 16
153.98.1.0/24 maxlen: 24
153.98.5.0/24 maxlen: 24
153.98.9.0/24 maxlen: 24
153.98.13.0/24 maxlen: 24
153.98.36.0/24 maxlen: 24
153.98.37.0/24 maxlen: 24
153.98.68.0/24 maxlen: 24
153.98.70.0/24 maxlen: 24
153.98.71.0/24 maxlen: 24
153.98.83.0/24 maxlen: 24
153.98.100.0/24 maxlen: 24
153.98.105.0/24 maxlen: 24
153.98.106.0/24 maxlen: 24
153.98.107.0/24 maxlen: 24
153.98.108.0/24 maxlen: 24
153.98.109.0/24 maxlen: 24
153.98.110.0/24 maxlen: 24
153.98.111.0/24 maxlen: 24
153.98.112.0/24 maxlen: 24
153.98.113.0/24 maxlen: 24
153.98.114.0/24 maxlen: 24
153.98.115.0/24 maxlen: 24
192.70.89.0/24 maxlen: 24
192.70.90.0/24 maxlen: 24
192.93.20.0/22 maxlen: 22
193.58.19.0/24 maxlen: 24
193.58.21.0/24 maxlen: 24
193.58.31.0/24 maxlen: 24
193.221.2.0/24 maxlen: 24
193.221.14.0/24 maxlen: 24
193.221.170.0/24 maxlen: 24
193.221.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 13:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:ec:b5:96:62:51:7e:85:1c:ef:4a:1b:ab:fa:0f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: May 27 13:26:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=833306f0aa0e1ac2a94ac44811870f28495f3a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:21:9b:41:11:48:3e:15:e6:e0:4e:99:b7:
0c:f4:b5:f3:90:f7:70:f1:8e:a7:2b:83:09:0b:03:
30:41:80:57:96:91:96:4d:c5:c6:c0:0a:b3:52:9f:
15:0b:b6:b4:ae:56:de:6b:b5:73:5d:bf:03:6e:5f:
0d:d3:a4:d0:fa:f7:4a:60:a4:c7:76:f1:6c:3f:c8:
82:00:84:cf:ba:7f:97:22:74:9e:00:53:3a:e4:6f:
23:59:d2:60:66:99:6e:f9:31:3a:60:00:c2:dc:b7:
e2:56:38:7b:c6:0c:1c:0b:a3:0b:42:92:68:73:1b:
22:ae:e4:08:7e:b5:29:ff:fc:e4:9c:05:b5:01:d7:
0f:52:62:e7:3f:22:89:08:27:3b:db:d2:d9:45:40:
cd:51:9f:51:d4:d8:42:19:a4:d1:22:ef:85:f4:79:
cd:92:25:13:3b:57:2a:6d:d7:14:cf:c7:82:dc:d3:
e4:9f:96:7e:2c:2a:a7:b5:31:a7:21:3c:d1:b6:07:
06:d4:6b:17:36:09:b5:41:c3:07:de:cf:87:1e:ba:
97:09:4b:e9:e1:bc:82:33:f3:da:11:32:2e:17:c0:
eb:2b:ab:90:c3:28:0a:1b:1f:0f:1c:9b:3d:4e:3a:
36:63:1a:be:f9:74:d6:43:cf:51:44:9e:3f:ad:f6:
6e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:33:06:F0:AA:0E:1A:C2:A9:4A:C4:48:11:87:0F:28:49:5F:3A:43
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/gzMG8KoOGsKpSsRIEYcPKElfOkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.196.0.0/16
153.98.1.0/24
153.98.5.0/24
153.98.9.0/24
153.98.13.0/24
153.98.36.0/23
153.98.68.0/24
153.98.70.0/23
153.98.83.0/24
153.98.100.0/24
153.98.105.0-153.98.115.255
192.70.89.0-192.70.90.255
192.93.20.0/22
193.58.19.0/24
193.58.21.0/24
193.58.31.0/24
193.221.2.0/24
193.221.14.0/24
193.221.170.0/24
193.221.181.0/24
Signature Algorithm: sha256WithRSAEncryption
44:79:8b:2d:95:26:fb:0f:ef:76:cf:2c:a6:62:20:fa:c4:04:
7e:2e:bd:e3:a1:d4:35:9a:b3:d3:8f:48:02:5e:9e:ae:78:94:
91:50:1f:f0:3d:6e:14:3c:b6:6e:2d:b8:91:a7:87:f9:ca:83:
69:15:04:0f:f4:20:19:8a:4a:a2:a2:bd:b1:b5:c2:4b:91:44:
80:50:da:3f:c5:18:48:f2:24:7e:0f:ec:e8:54:c4:80:07:cb:
d7:05:ba:92:3e:83:85:c2:8f:fe:8e:43:74:29:2c:c1:f6:1e:
5e:b3:9c:47:16:12:3a:97:bb:04:10:49:98:d9:c1:21:de:2a:
df:dd:3b:11:e1:4c:81:38:dc:ce:14:cd:af:06:cd:15:3e:89:
54:cb:a1:2d:a3:22:8d:a2:3c:8f:af:16:13:f7:21:1b:5f:82:
8d:ed:07:cf:20:47:c0:63:d2:06:10:da:b4:53:f6:b2:ba:31:
b2:b5:69:07:64:32:7c:d4:20:ee:b5:02:54:de:a9:6b:98:9c:
6f:f2:e0:a5:20:17:ee:45:a9:76:1a:e0:d4:16:ac:c7:f8:7b:
42:2c:90:a2:6a:f5:03:6b:b0:ba:db:a9:a2:ef:1a:d5:a5:f8:
d0:93:9e:2d:04:8e:4e:64:26:7b:d7:95:cb:de:d0:68:5c:75:
86:57:ae:5b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZcR7LWWYlF+hRzvShur+g+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjUwNTI3MTMyNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzMzMDZmMGFhMGUxYWMyYTk0YWM0NDgxMTg3MGYyODQ5NWYzYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwohm0ERSD4V5uBOmbcM9LXzkPdw
8Y6nK4MJCwMwQYBXlpGWTcXGwAqzUp8VC7a0rlbea7VzXb8Dbl8N06TQ+vdKYKTH
dvFsP8iCAITPun+XInSeAFM65G8jWdJgZplu+TE6YADC3LfiVjh7xgwcC6MLQpJo
cxsiruQIfrUp//zknAW1AdcPUmLnPyKJCCc729LZRUDNUZ9R1NhCGaTRIu+F9HnN
kiUTO1cqbdcUz8eC3NPkn5Z+LCqntTGnITzRtgcG1GsXNgm1QcMH3s+HHrqXCUvp
4byCM/PaETIuF8DrK6uQwygKGx8PHJs9Tjo2Yxq++XTWQ89RRJ4/rfZu7QIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFIMzBvCqDhrCqUrESBGHDyhJXzpDMB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvZ3pNRzhLb09Hc0twU3NSSUVZY1BLRWxmT2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAEwgYcDAwCT
xAMEAJliAQMEAJliBQMEAJliCQMEAJliDQMEAZliJAMEAJliRAMEAZliRgMEAJli
UwMEAJliZDAMAwQAmWJpAwQCmWJwMAwDBADARlkDBADARloDBALAXRQDBADBOhMD
BADBOhUDBADBOh8DBADB3QIDBADB3Q4DBADB3aoDBADB3bUwDQYJKoZIhvcNAQEL
BQADggEBAER5iy2VJvsP73bPLKZiIPrEBH4uveOh1DWas9OPSAJenq54lJFQH/A9
bhQ8tm4tuJGnh/nKg2kVBA/0IBmKSqKivbG1wkuRRIBQ2j/FGEjyJH4P7OhUxIAH
y9cFupI+g4XCj/6OQ3QpLMH2Hl6znEcWEjqXuwQQSZjZwSHeKt/dOxHhTIE43M4U
za8GzRU+iVTLoS2jIo2iPI+vFhP3IRtfgo3tB88gR8Bj0gYQ2rRT9rK6MbK1aQdk
MnzUIO61AlTeqWuYnG/y4KUgF+5FqXYa4NQWrMf4e0IskKJq9QNrsLrbqaLvGtWl
+NCTni0Ejk5kJnvXlcve0GhcdYZXrls=
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:15:17 2025 by rpki-client