Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nx3cRZYjrZWp7fKbF-rPNoSnNuk.roa
File: nx3cRZYjrZWp7fKbF-rPNoSnNuk.roa (raw, json)
Hash identifier: nb7Bb0acBrAFdwFCKrrRDdn1iuuASRuKFxeZt/pd5SA=
Subject key identifier: 9F:1D:DC:45:96:23:AD:95:A9:ED:F2:9B:17:EA:CF:36:84:A7:36:E9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195501BE4F55AB2D097E55AF1C191D89B77
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nx3cRZYjrZWp7fKbF-rPNoSnNuk.roa
Signing time: Sat 01 Mar 2025 05:09:20 +0000
ROA not before: Sat 01 Mar 2025 05:09:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.139.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.238.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.15.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.69.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.21.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
89.144.39.0/24 maxlen: 24
89.144.40.0/24 maxlen: 24
89.144.41.0/24 maxlen: 24
89.144.42.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Sun 02 Mar 2025 05:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:50:1b:e4:f5:5a:b2:d0:97:e5:5a:f1:c1:91:d8:9b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 1 05:09:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f1ddc459623ad95a9edf29b17eacf3684a736e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:87:1a:4c:5a:52:ec:ef:a3:34:a9:fb:85:
88:b1:08:fe:4f:3c:35:76:16:be:d8:f7:8b:ba:ee:
e9:96:14:52:80:7a:cc:4d:64:8f:0a:0e:b3:15:14:
64:5b:29:d0:cc:cb:f1:94:c9:1c:b0:fb:0d:6a:40:
90:d7:b5:69:61:aa:a2:5d:95:de:bc:44:e8:b8:04:
b9:80:87:8d:dc:12:7f:b2:d1:7f:8f:ed:64:50:8c:
ee:be:54:d6:24:23:9d:62:9a:d6:31:01:c1:19:4b:
be:bf:df:f8:0e:ac:84:cb:65:cb:c2:12:2f:f0:76:
85:f1:3e:19:a4:51:3e:25:f0:0d:1a:85:af:fd:47:
db:5c:8f:6d:8b:02:31:e2:7d:c9:29:6f:8e:2f:16:
db:50:c6:74:71:a7:dc:84:4b:20:80:4b:05:93:fa:
5e:0a:a0:57:c2:d3:1d:47:26:14:bf:15:65:ae:85:
ab:07:9a:16:f8:88:e6:ef:b1:66:ef:14:11:90:2d:
4d:6f:a5:bd:e0:90:59:0f:f9:dc:30:1d:e6:87:c8:
76:94:0f:df:5e:5e:1a:a3:83:84:8e:9a:19:06:5e:
dd:ab:ea:a9:cf:d3:17:f5:18:a7:40:b6:96:e9:51:
b9:73:c4:8c:ad:26:67:24:8e:64:c4:56:e4:d9:50:
f5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1D:DC:45:96:23:AD:95:A9:ED:F2:9B:17:EA:CF:36:84:A7:36:E9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nx3cRZYjrZWp7fKbF-rPNoSnNuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.238.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:8f:7a:2a:bb:32:17:4e:a0:cf:5d:62:c4:27:70:58:96:ef:
3b:39:e8:67:98:84:fb:7a:27:57:88:ec:b1:03:1a:f3:1a:bf:
b0:3d:54:65:2a:df:6e:0e:dc:de:d7:95:5c:a2:6e:32:db:79:
2e:eb:2f:80:6c:4c:3e:b2:4e:17:68:d9:f9:b1:b1:c7:2c:c1:
16:73:18:9c:34:3a:a4:17:a6:55:5e:f6:b6:e2:b0:5b:b3:23:
32:a2:0e:1c:7d:db:47:65:a1:70:2a:21:da:e4:0e:2d:5d:de:
ab:77:d9:48:ec:9a:db:b5:b2:16:9d:8f:98:51:6c:59:47:8a:
6c:65:4e:db:a9:5a:41:39:4a:55:8f:51:6c:97:e8:45:af:a3:
6c:e5:49:5e:d4:e2:3b:be:5d:73:38:9a:ca:58:50:18:88:48:
f8:4e:60:21:68:41:d0:e0:63:bc:2f:ed:f3:15:e3:7e:63:d7:
f6:35:e4:fe:f2:e8:af:d9:b4:0d:31:30:08:78:b7:dc:5f:41:
88:7c:46:71:7f:cc:e8:46:15:09:c0:5d:20:41:32:cf:3e:0d:
67:5c:d0:06:9e:d7:6a:09:96:74:23:9c:d3:f4:d3:d5:f2:13:
f3:a7:19:93:3b:e5:a9:1e:c1:93:09:5d:b4:ed:0e:e2:4f:33:
99:0f:52:b0
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZVQG+T1WrLQl+Va8cGR2Jt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzAxMDUwOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFkZGM0NTk2MjNhZDk1YTllZGYyOWIxN2VhY2YzNjg0YTczNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveqHGkxaUuzvozSp+4WIsQj+Tzw1
dha+2PeLuu7plhRSgHrMTWSPCg6zFRRkWynQzMvxlMkcsPsNakCQ17VpYaqiXZXe
vETouAS5gIeN3BJ/stF/j+1kUIzuvlTWJCOdYprWMQHBGUu+v9/4DqyEy2XLwhIv
8HaF8T4ZpFE+JfANGoWv/UfbXI9tiwIx4n3JKW+OLxbbUMZ0cafchEsggEsFk/pe
CqBXwtMdRyYUvxVlroWrB5oW+Ijm77Fm7xQRkC1Nb6W94JBZD/ncMB3mh8h2lA/f
Xl4ao4OEjpoZBl7dq+qpz9MX9RinQLaW6VG5c8SMrSZnJI5kxFbk2VD1WQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFJ8d3EWWI62Vqe3ymxfqzzaEpzbpMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbngzY1JaWWpyWldwN2ZLYkYtclBOb1NuTnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgcUEAgABMIG+AwQF
BVOAAwQCBa+AAwQABa+FAwQBBa/aMAwDBAAFr+EDBAAFr+gDBAAFr+sDBAAFr+4w
DAMEBAWv8AMEAAWv9DALAwQABa/7AwMEBaADAwEF5gMEBk1aAAMEA1PzUAMEBVVd
AAMEA1V2oAMEA1fvgAMEBVlqQAMEBlmQAAMEBF5noAMEB175gAMEAl/XIAMEBLIS
kAMEArkNnAMEAbkvjAMEALkvjwMEALl5RwMEAMEc+wMEAcNuDgMEBNlFoDAwBAIA
AjAqAwUDKgAS2AMFAyoAGdADBQAqAM3AAwUDKgG9QAMFAyoCB6ADBQMqAi/AMA0G
CSqGSIb3DQEBCwUAA4IBAQB+j3oquzIXTqDPXWLEJ3BYlu87OehnmIT7eidXiOyx
AxrzGr+wPVRlKt9uDtze15Vcom4y23ku6y+AbEw+sk4XaNn5sbHHLMEWcxicNDqk
F6ZVXva24rBbsyMyog4cfdtHZaFwKiHa5A4tXd6rd9lI7JrbtbIWnY+YUWxZR4ps
ZU7bqVpBOUpVj1Fsl+hFr6Ns5Ule1OI7vl1zOJrKWFAYiEj4TmAhaEHQ4GO8L+3z
FeN+Y9f2NeT+8uiv2bQNMTAIeLfcX0GIfEZxf8zoRhUJwF0gQTLPPg1nXNAGntdq
CZZ0I5zT9NPV8hPzpxmTO+WpHsGTCV207Q7iTzOZD1Kw
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:37 2025 by rpki-client