Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ut-FOjef7BXrgXUfnwr4QL7qyis.roa
File: Ut-FOjef7BXrgXUfnwr4QL7qyis.roa (raw, json)
Hash identifier: 8N0MukgpL9jc7WdpGOlv6b0JUOrbZJ/AB9pNehG+RgA=
Subject key identifier: 52:DF:85:3A:37:9F:EC:15:EB:81:75:1F:9F:0A:F8:40:BE:EA:CA:2B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019543430ED78F9CC6FB2567A9C13F075931
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ut-FOjef7BXrgXUfnwr4QL7qyis.roa
Signing time: Wed 26 Feb 2025 17:17:03 +0000
ROA not before: Wed 26 Feb 2025 17:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.148.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.15.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.69.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.30.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
89.144.33.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 26 Feb 2025 20:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:43:0e:d7:8f:9c:c6:fb:25:67:a9:c1:3f:07:59:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 26 17:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52df853a379fec15eb81751f9f0af840beeaca2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d6:b6:03:7d:14:59:6c:c0:61:65:1d:f7:ce:
10:8c:e6:03:f9:f9:c5:5d:e7:82:e5:95:d8:9f:c7:
12:dc:40:b4:db:dd:ad:a9:94:18:a9:14:98:56:4c:
03:d9:0c:d8:be:ff:b3:c4:74:c4:19:89:c1:81:43:
ea:bd:66:39:73:04:5c:02:ce:0e:16:e1:ab:96:c3:
5f:86:d8:f8:c9:50:b3:d4:06:34:f9:2c:74:8d:de:
3f:9b:94:0f:1c:e6:8d:73:b8:6a:df:ec:25:51:d1:
e4:56:c6:f0:a0:87:c0:8a:c1:96:4a:7f:9c:8b:7f:
ed:46:02:2c:df:91:c4:1f:4b:2d:6f:3c:8e:d2:0f:
4c:ac:ab:48:89:af:be:38:fa:60:25:2f:e5:76:b0:
33:37:78:99:4d:ad:15:1c:7f:55:09:1a:05:a0:6b:
64:cf:1c:00:fd:a0:04:5d:82:05:3d:92:40:98:05:
a3:32:2a:71:c3:d6:de:03:8d:9f:6a:6c:34:1f:80:
4a:ce:54:84:7c:2d:ad:74:8c:cb:02:86:96:50:0e:
88:d6:80:62:29:61:c5:60:12:ae:fd:38:a3:fc:0e:
9d:3d:81:c4:d1:ff:ea:3c:88:1b:ed:dd:d9:a9:74:
ab:f5:bb:d8:77:df:96:9b:e9:c9:5b:5b:3a:60:fa:
f9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DF:85:3A:37:9F:EC:15:EB:81:75:1F:9F:0A:F8:40:BE:EA:CA:2B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ut-FOjef7BXrgXUfnwr4QL7qyis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
63:cf:9b:af:46:27:82:ab:06:d8:68:a3:5a:c5:7e:86:3a:ca:
18:9b:20:62:5e:0f:0b:d8:e9:9b:0c:3f:02:ed:a5:ce:bf:04:
2c:ba:6f:2a:88:04:af:e0:7b:30:e6:5f:0b:80:f5:a1:38:2d:
a0:aa:3c:71:35:07:0a:d0:a2:73:f0:d3:e1:32:79:32:f9:9d:
1b:27:5a:2a:52:97:2f:99:b0:4e:5b:b2:d3:53:69:c3:e4:3d:
27:aa:9b:fb:5d:fd:cb:57:d5:02:54:ab:03:4f:38:67:84:50:
a6:a7:c4:08:1d:87:8e:4b:68:45:63:e3:f3:69:2a:77:3f:41:
1c:6b:61:ae:e2:3a:77:33:e5:93:39:59:eb:38:18:4f:00:cf:
32:62:3c:9a:c0:c0:06:5d:52:cf:58:2d:1a:48:17:c4:7e:13:
72:dd:56:78:a8:ed:88:bf:68:10:0e:d0:e4:f3:8e:b6:59:44:
ad:c5:65:e0:a9:f5:c9:cf:bd:b1:10:7d:4e:59:e9:e8:06:9a:
a4:52:58:ad:60:07:59:18:61:c7:dd:b8:aa:e1:a1:3b:70:23:
17:34:08:d5:47:9e:7e:b5:06:70:46:87:68:a6:a3:5f:d6:7e:
eb:82:04:43:71:a0:48:b4:a7:d0:be:44:22:ea:81:f8:38:8b:
d6:f3:4f:c0
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZVDQw7Xj5zG+yVnqcE/B1kxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjI2MTcxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRmODUzYTM3OWZlYzE1ZWI4MTc1MWY5ZjBhZjg0MGJlZWFjYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvta2A30UWWzAYWUd984QjOYD+fnF
XeeC5ZXYn8cS3EC0292tqZQYqRSYVkwD2QzYvv+zxHTEGYnBgUPqvWY5cwRcAs4O
FuGrlsNfhtj4yVCz1AY0+Sx0jd4/m5QPHOaNc7hq3+wlUdHkVsbwoIfAisGWSn+c
i3/tRgIs35HEH0stbzyO0g9MrKtIia++OPpgJS/ldrAzN3iZTa0VHH9VCRoFoGtk
zxwA/aAEXYIFPZJAmAWjMipxw9beA42famw0H4BKzlSEfC2tdIzLAoaWUA6I1oBi
KWHFYBKu/Tij/A6dPYHE0f/qPIgb7d3ZqXSr9bvYd9+Wm+nJW1s6YPr5cwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFFLfhTo3n+wV64F1H58K+EC+6sorMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVXQtRk9qZWY3QlhyZ1hVZm53cjRRTDdxeWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgb8EAgABMIG4AwQF
BVOAAwQCBa+AAwQABa+FAwQBBa/aMAwDBAAFr+EDBAAFr+gDBAAFr+swDAMEBAWv
8AMEAAWv9DALAwQABa/7AwMEBaADAwEF5gMEBk1aAAMEA1PzUAMEBVVdAAMEA1V2
oAMEA1fvgAMEBVlqQAMEBlmQAAMEBF5noAMEB175gAMEAl/XIAMEBLISkAMEArkN
nAMEAbkvjAMEALkvjwMEALl5RwMEAMEc+wMEAcNuDgMEBNlFoDAwBAIAAjAqAwUD
KgAS2AMFAyoAGdADBQAqAM3AAwUDKgG9QAMFAyoCB6ADBQMqAi/AMA0GCSqGSIb3
DQEBCwUAA4IBAQBjz5uvRieCqwbYaKNaxX6GOsoYmyBiXg8L2OmbDD8C7aXOvwQs
um8qiASv4Hsw5l8LgPWhOC2gqjxxNQcK0KJz8NPhMnky+Z0bJ1oqUpcvmbBOW7LT
U2nD5D0nqpv7Xf3LV9UCVKsDTzhnhFCmp8QIHYeOS2hFY+PzaSp3P0Eca2Gu4jp3
M+WTOVnrOBhPAM8yYjyawMAGXVLPWC0aSBfEfhNy3VZ4qO2Iv2gQDtDk8462WUSt
xWXgqfXJz72xEH1OWenoBpqkUlitYAdZGGHH3biq4aE7cCMXNAjVR55+tQZwRodo
pqNf1n7rggRDcaBItKfQvkQi6oH4OIvW80/A
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:30 2025 by rpki-client