Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VES8LwlUtRIBVtSWiCyq-C8K5-w.roa
File: VES8LwlUtRIBVtSWiCyq-C8K5-w.roa (raw, json)
Hash identifier: 4e+cayEMsHFRiatLEHfSIstb/dI2eM4P+LWfK+4V9v0=
Subject key identifier: 54:44:BC:2F:09:54:B5:12:01:56:D4:96:88:2C:AA:F8:2F:0A:E7:EC
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194C8979C7DD5D313D2B8797EB460E0C8DA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VES8LwlUtRIBVtSWiCyq-C8K5-w.roa
Signing time: Sun 02 Feb 2025 21:36:06 +0000
ROA not before: Sun 02 Feb 2025 21:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.145.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.142.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.239.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.97.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Sun 02 Feb 2025 21:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:97:9c:7d:d5:d3:13:d2:b8:79:7e:b4:60:e0:c8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 2 21:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5444bc2f0954b5120156d496882caaf82f0ae7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:58:07:aa:30:75:db:b6:7f:0f:30:5d:b2:7f:
93:e1:9b:b8:7f:ae:59:17:c8:ce:b8:90:d6:de:e2:
ea:d0:0f:f9:50:98:d3:b6:fc:c1:57:a9:cf:86:f4:
c7:8f:05:89:27:ad:ce:66:80:47:cc:ec:9c:ee:3e:
b6:97:54:54:b1:e5:21:9e:cf:0a:36:66:3b:cc:f5:
ee:a5:57:2a:7e:84:b2:f8:95:ea:ec:7e:a6:5c:a2:
99:54:3a:08:e7:03:cd:c6:04:88:0a:f8:25:7b:51:
3a:4f:52:2e:74:ee:5d:b9:f9:54:90:05:6a:c1:ed:
06:15:49:83:97:77:fd:5e:fd:7e:c6:47:3a:c4:5f:
20:3e:3c:cd:b1:d4:bb:49:ab:f9:c0:4f:58:cf:0d:
bc:0d:f9:c1:12:a8:53:7b:93:14:81:ca:98:c1:b2:
df:65:11:18:08:ac:6d:41:74:20:f9:87:4b:8d:38:
ab:92:33:02:15:b4:d2:00:22:a2:68:ad:ef:e8:fc:
ba:80:03:0b:57:41:43:ea:95:1e:a9:0e:d4:11:7f:
8a:0b:c9:3d:8c:0f:33:64:35:32:55:73:1f:35:33:
46:d2:3c:9b:fe:7a:17:8b:3b:df:0f:dd:e8:fa:c7:
12:0b:e4:c6:67:33:e8:a7:54:3d:97:ee:9f:07:ff:
3a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:44:BC:2F:09:54:B5:12:01:56:D4:96:88:2C:AA:F8:2F:0A:E7:EC
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VES8LwlUtRIBVtSWiCyq-C8K5-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.142.0/23
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.239.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:b5:55:f6:af:5c:17:cf:6a:89:04:cc:49:80:1a:48:ac:5e:
38:79:05:62:9a:69:b7:0d:33:8c:a2:5f:73:bd:3e:85:a2:96:
ba:9e:53:4a:25:3b:da:8b:e7:80:15:cc:6d:52:01:c6:71:76:
84:34:cc:96:56:14:c9:7d:68:16:ec:17:d2:6d:69:1f:c9:d4:
c2:64:7f:f1:0f:74:76:ac:32:a6:08:09:11:00:81:97:f0:5a:
20:b8:9a:f9:9d:c6:b5:95:cc:ac:7b:80:07:9d:2d:31:bb:07:
86:93:10:11:21:5b:2c:46:eb:83:b4:d6:81:f7:2c:de:c4:cd:
7c:10:4a:31:1a:2c:48:43:d5:06:5c:4d:82:b8:94:25:ed:58:
fb:ac:56:ad:a6:7b:9a:49:60:ff:ad:7f:44:13:c2:17:31:fc:
6f:70:28:e3:cc:36:71:97:51:b6:4e:ef:b0:98:00:14:9c:6d:
05:76:c8:c3:8b:bb:66:c3:f3:98:24:26:28:19:63:24:dd:8e:
97:15:c1:78:37:8e:89:2f:32:9c:4b:5f:9e:8a:ce:0e:62:b0:
94:1f:13:e6:f3:4d:5d:75:70:ea:72:c9:0e:ef:35:f2:3f:d5:
c8:23:c9:46:56:39:9e:30:ed:bc:26:5c:3a:9e:38:e2:38:e6:
c0:8a:cb:d4
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZTIl5x91dMT0rh5frRg4MjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjAyMjEzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQ0YmMyZjA5NTRiNTEyMDE1NmQ0OTY4ODJjYWFmODJmMGFlN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVgHqjB127Z/DzBdsn+T4Zu4f65Z
F8jOuJDW3uLq0A/5UJjTtvzBV6nPhvTHjwWJJ63OZoBHzOyc7j62l1RUseUhns8K
NmY7zPXupVcqfoSy+JXq7H6mXKKZVDoI5wPNxgSICvgle1E6T1IudO5duflUkAVq
we0GFUmDl3f9Xv1+xkc6xF8gPjzNsdS7Sav5wE9Yzw28DfnBEqhTe5MUgcqYwbLf
ZREYCKxtQXQg+YdLjTirkjMCFbTSACKiaK3v6Py6gAMLV0FD6pUeqQ7UEX+KC8k9
jA8zZDUyVXMfNTNG0jyb/noXizvfD93o+scSC+TGZzPop1Q9l+6fB/86CQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFFREvC8JVLUSAVbUlogsqvgvCufsMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVkVTOEx3bFV0UklCVnRTV2lDeXEtQzhLNS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgccEAgABMIHAAwQF
BVOAAwQCBa+AAwQABa+FAwQBBa+OMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv
6AMEAAWv6zAMAwQABa/vAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAE
AgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8Aw
DQYJKoZIhvcNAQELBQADggEBADi1VfavXBfPaokEzEmAGkisXjh5BWKaabcNM4yi
X3O9PoWilrqeU0olO9qL54AVzG1SAcZxdoQ0zJZWFMl9aBbsF9JtaR/J1MJkf/EP
dHasMqYICREAgZfwWiC4mvmdxrWVzKx7gAedLTG7B4aTEBEhWyxG64O01oH3LN7E
zXwQSjEaLEhD1QZcTYK4lCXtWPusVq2me5pJYP+tf0QTwhcx/G9wKOPMNnGXUbZO
77CYABScbQV2yMOLu2bD85gkJigZYyTdjpcVwXg3jokvMpxLX56Kzg5isJQfE+bz
TV11cOpyyQ7vNfI/1cgjyUZWOZ4w7bwmXDqeOOI45sCKy9Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:16 2025 by rpki-client