Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JHNkLzWaTbx0bcpo-qtwHSrxJBg.roa
File: JHNkLzWaTbx0bcpo-qtwHSrxJBg.roa (raw, json)
Hash identifier: iN75Wj2W9V9CyaXftJ97zDgR0pC7NjNLuQ0Ql8yTUh0=
Subject key identifier: 24:73:64:2F:35:9A:4D:BC:74:6D:CA:68:FA:AB:70:1D:2A:F1:24:18
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195D732FE708DFA4DB5DC99D326C1FCA0B8
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JHNkLzWaTbx0bcpo-qtwHSrxJBg.roa
Signing time: Thu 27 Mar 2025 10:43:18 +0000
ROA not before: Thu 27 Mar 2025 10:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.139.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.142.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 24
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.7.0/24 maxlen: 24
77.90.18.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
89.144.14.0/24 maxlen: 24
89.144.21.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Mar 2025 05:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:32:fe:70:8d:fa:4d:b5:dc:99:d3:26:c1:fc:a0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 27 10:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2473642f359a4dbc746dca68faab701d2af12418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f1:96:ea:b8:fb:fc:fa:57:75:3d:ab:0a:1d:
3a:23:7a:5e:26:b8:60:bf:55:48:59:c6:4b:48:58:
e8:ee:a9:fe:19:aa:6d:15:1b:6c:9b:40:cb:ae:60:
ca:3a:08:46:fe:e9:dc:cf:00:7e:d7:ff:1e:e1:14:
a5:6e:09:3a:c9:3d:43:83:e2:67:83:38:38:84:05:
00:2c:31:dd:be:89:66:cf:75:1f:01:e8:56:a1:d0:
aa:92:a0:db:53:25:77:23:8e:84:33:23:a3:f7:a3:
ed:43:d1:3b:4f:19:35:a2:08:29:99:ab:e3:6c:46:
44:22:33:8d:27:8b:50:6e:94:25:9a:0b:46:c3:db:
c3:d3:d9:80:4f:91:3b:06:ed:fb:ca:63:de:3b:39:
19:3b:ee:34:f2:22:58:80:e5:24:d2:12:aa:ea:24:
35:21:8f:82:b6:eb:5c:3d:94:5d:95:80:f8:42:67:
bf:36:0d:0d:83:d3:a1:48:17:b8:91:b6:a6:cc:ce:
bb:01:ad:e8:25:9f:da:88:15:97:58:8d:3f:62:37:
f8:3f:2b:ac:06:ec:17:9e:2b:2c:7c:f6:76:a5:5a:
8c:91:57:1a:c1:95:85:85:cc:64:28:22:90:ce:24:
e5:77:9f:24:f4:cb:39:48:70:42:43:09:bb:f3:6b:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:73:64:2F:35:9A:4D:BC:74:6D:CA:68:FA:AB:70:1D:2A:F1:24:18
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JHNkLzWaTbx0bcpo-qtwHSrxJBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.142.0/23
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
31:2e:94:bf:b6:e7:af:14:5c:82:de:53:57:6b:e5:d2:00:e2:
3b:57:63:53:53:c6:ad:98:49:eb:f3:7a:2c:8a:99:3f:f8:31:
b1:63:62:e3:ad:12:e0:ac:25:8b:35:b9:af:fa:9f:7f:9b:73:
f8:b3:93:10:db:3a:28:27:05:0f:83:43:1b:a6:df:95:d1:ff:
be:fe:d3:0b:cc:4b:81:d8:95:bb:53:ba:9c:20:d6:ad:72:03:
f4:34:d9:04:98:fb:5d:56:4e:33:28:3d:14:f9:41:7f:44:67:
fe:47:d5:99:37:7c:18:63:81:7b:34:df:09:de:7c:fe:40:cc:
b3:cb:fc:af:b5:63:ab:6f:58:b0:a9:6c:79:10:29:27:26:32:
5e:44:b8:4f:9c:28:1b:76:83:5e:31:4d:cb:5b:83:09:31:6c:
fe:b8:47:48:c4:6c:45:ef:17:20:cc:b8:a5:5f:24:ba:8f:8a:
68:74:0f:f1:c0:d3:61:9f:eb:e4:f1:e9:8a:de:c3:36:a2:9e:
64:b2:f2:92:be:01:39:55:60:60:e7:43:3c:78:52:a7:4b:f7:
f0:92:fc:38:bb:fc:88:61:3f:1c:04:5d:96:46:d4:1c:b7:50:
8a:e9:ee:bd:49:41:e6:49:90:6d:b7:ac:98:eb:2f:10:b7:73:
16:42:43:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZXXMv5wjfpNtdyZ0ybB/KC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI3MTA0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDczNjQyZjM1OWE0ZGJjNzQ2ZGNhNjhmYWFiNzAxZDJhZjEyNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPGW6rj7/PpXdT2rCh06I3peJrhg
v1VIWcZLSFjo7qn+GaptFRtsm0DLrmDKOghG/unczwB+1/8e4RSlbgk6yT1Dg+Jn
gzg4hAUALDHdvolmz3UfAehWodCqkqDbUyV3I46EMyOj96PtQ9E7Txk1oggpmavj
bEZEIjONJ4tQbpQlmgtGw9vD09mAT5E7Bu37ymPeOzkZO+408iJYgOUk0hKq6iQ1
IY+CtutcPZRdlYD4Qme/Ng0Ng9OhSBe4kbamzM67Aa3oJZ/aiBWXWI0/Yjf4Pyus
BuwXnissfPZ2pVqMkVcawZWFhcxkKCKQziTld58k9Ms5SHBCQwm782tiiQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFCRzZC81mk28dG3KaPqrcB0q8SQYMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSkhOa0x6V2FUYngwYmNwby1xdHdIU3J4SkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCBzQQCAAEwgcYD
BAUFU4ADBAIFr4ADBAAFr4UDBAEFr44wDAMEAQWv2gMEAAWv3DAMAwQABa/hAwQA
Ba/oAwQABa/rMAwDBAQFr/ADBAAFr/QwCwMEAAWv+wMDBAWgAwMBBeYDBAZNWgAD
BANT81ADBAVVXQADBANVdqADBANX74ADBAVZakADBAZZkAADBAReZ6ADBAde+YAD
BAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5L48DBAC5eUcDBADBHPsDBAHDbg4D
BATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMFAyoBvUADBQMqAgeg
AwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAMS6Uv7bnrxRcgt5TV2vl0gDiO1dj
U1PGrZhJ6/N6LIqZP/gxsWNi460S4KwlizW5r/qff5tz+LOTENs6KCcFD4NDG6bf
ldH/vv7TC8xLgdiVu1O6nCDWrXID9DTZBJj7XVZOMyg9FPlBf0Rn/kfVmTd8GGOB
ezTfCd58/kDMs8v8r7Vjq29YsKlseRApJyYyXkS4T5woG3aDXjFNy1uDCTFs/rhH
SMRsRe8XIMy4pV8kuo+KaHQP8cDTYZ/r5PHpit7DNqKeZLLykr4BOVVgYOdDPHhS
p0v38JL8OLv8iGE/HARdlkbUHLdQiunuvUlB5kmQbbesmOsvELdzFkJD8Q==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:53 2025 by rpki-client