Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rNAzXm6kPecdcu23HcOLh9756fE.roa
File: rNAzXm6kPecdcu23HcOLh9756fE.roa (raw, json)
Hash identifier: ycBO+Sppo8M6xDqxYPyM7VC3Hf6SvMqCPjP3R0R0oTg=
Subject key identifier: AC:D0:33:5E:6E:A4:3D:E7:1D:72:ED:B7:1D:C3:8B:87:DE:F9:E9:F1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019496B6C15004557D581D4AE23B6E15235B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rNAzXm6kPecdcu23HcOLh9756fE.roa
Signing time: Fri 24 Jan 2025 05:09:06 +0000
ROA not before: Fri 24 Jan 2025 05:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.129.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.246.0/24 maxlen: 24
5.175.247.0/24 maxlen: 24
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Fri 24 Jan 2025 20:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:96:b6:c1:50:04:55:7d:58:1d:4a:e2:3b:6e:15:23:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 24 05:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acd0335e6ea43de71d72edb71dc38b87def9e9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:83:4f:91:89:04:87:91:92:70:b6:34:4c:4f:
9b:f2:bd:7a:03:96:e4:0e:8f:69:9f:73:2f:52:f8:
2d:7f:aa:2f:27:0e:1d:cf:35:c2:fe:a0:31:68:81:
f2:24:1a:59:a6:7d:e6:0a:bb:e0:81:19:ab:87:f4:
4f:4e:80:be:93:a7:91:b1:1a:2a:d2:f1:cc:35:a4:
15:7c:ee:84:eb:66:c8:96:93:be:c6:5a:d4:02:bc:
1a:d6:b4:e2:63:f4:25:18:ff:e1:77:e4:3e:c1:a7:
31:95:30:e3:f4:2d:97:b5:3f:0d:a7:26:d1:9d:76:
0c:8e:51:33:94:5f:27:6c:32:a8:eb:68:99:45:0d:
bd:99:13:9c:42:a9:40:fa:6e:fe:07:68:a3:cd:ba:
a3:15:09:11:d9:68:b8:9a:64:29:dd:b2:14:79:e6:
b0:71:30:c8:53:4b:f7:b9:b4:1c:7e:77:e9:92:ac:
57:40:12:e3:51:26:80:cb:c7:77:47:6a:78:b2:da:
94:16:ce:1d:94:e1:60:0d:0b:b2:2a:fe:6e:ea:94:
d3:14:bd:0c:3d:11:54:22:b9:a1:7d:54:27:15:2c:
6e:3e:f9:34:ff:e4:cc:79:54:64:82:98:6c:bb:78:
b5:e0:3b:71:75:14:6f:62:4e:d6:ba:ce:52:d4:79:
9c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:33:5E:6E:A4:3D:E7:1D:72:ED:B7:1D:C3:8B:87:DE:F9:E9:F1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rNAzXm6kPecdcu23HcOLh9756fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.246.0/23
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
20:88:9d:0d:d2:3a:bc:cc:81:4c:ab:55:64:38:26:25:07:51:
e7:44:ac:64:d4:f3:73:13:52:55:13:c0:ef:b2:4f:ec:31:e0:
51:23:07:e4:2b:0e:d8:92:9b:a7:4f:e3:ae:7b:f7:58:c2:6a:
3f:39:42:f8:ce:38:2f:a6:73:76:6a:2f:3f:21:18:05:a3:ed:
50:9f:ae:06:ed:8b:41:bf:be:24:21:3f:86:b6:72:9f:34:d2:
b1:c9:13:3e:b0:0f:90:bb:95:6f:b6:cb:36:6b:ba:dc:3e:52:
8f:29:99:e1:db:88:5e:23:a3:5d:d9:ac:7e:70:59:f2:3a:45:
47:09:75:c4:f8:d1:6d:42:b1:92:06:c8:ee:23:bc:ea:61:61:
12:a3:b4:85:f8:51:77:01:dd:67:18:f3:e6:7a:a3:43:74:6b:
ef:69:c8:3f:75:fa:26:83:8b:02:d9:4a:99:fe:8b:bc:86:a4:
6f:0b:b1:09:ce:7a:d7:0c:09:de:8c:53:9e:4e:ca:9b:52:3d:
af:2b:6c:4f:ed:c6:e1:2b:72:08:89:8f:fc:07:c1:b4:c1:20:
d1:97:0c:7e:ab:a7:b7:6d:76:42:b1:24:4d:c4:0a:f0:10:b1:
55:36:ef:4c:c8:27:0c:66:32:f3:f0:a9:a5:ba:6f:69:b6:e5:
b8:c3:78:5a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZSWtsFQBFV9WB1K4jtuFSNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTI0MDUwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QwMzM1ZTZlYTQzZGU3MWQ3MmVkYjcxZGMzOGI4N2RlZjllOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoNPkYkEh5GScLY0TE+b8r16A5bk
Do9pn3MvUvgtf6ovJw4dzzXC/qAxaIHyJBpZpn3mCrvggRmrh/RPToC+k6eRsRoq
0vHMNaQVfO6E62bIlpO+xlrUArwa1rTiY/QlGP/hd+Q+wacxlTDj9C2XtT8NpybR
nXYMjlEzlF8nbDKo62iZRQ29mROcQqlA+m7+B2ijzbqjFQkR2Wi4mmQp3bIUeeaw
cTDIU0v3ubQcfnfpkqxXQBLjUSaAy8d3R2p4stqUFs4dlOFgDQuyKv5u6pTTFL0M
PRFUIrmhfVQnFSxuPvk0/+TMeVRkgphsu3i14DtxdRRvYk7Wus5S1HmcQQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFKzQM15upD3nHXLttx3Di4fe+enxMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvck5BelhtNmtQZWNkY3UyM0hjT0xoOTc1NmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCBzQQCAAEwgcYD
BAUFU4ADBAIFr4ADBAAFr4UwDAMEAQWv2gMEAAWv3DAMAwQABa/hAwQABa/oAwQA
Ba/rMAwDBAQFr/ADBAAFr/QDBAEFr/YwCwMEAAWv+wMDBAWgAwMBBeYDBAZNWgAD
BANT81ADBAVVXQADBANVdqADBANX74ADBAVZakADBAZZkAADBAReZ6ADBAde+YAD
BAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5L48DBAC5eUcDBADBHPsDBAHDbg4D
BATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMFAyoBvUADBQMqAgeg
AwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAIIidDdI6vMyBTKtVZDgmJQdR50Ss
ZNTzcxNSVRPA77JP7DHgUSMH5CsO2JKbp0/jrnv3WMJqPzlC+M44L6ZzdmovPyEY
BaPtUJ+uBu2LQb++JCE/hrZynzTSsckTPrAPkLuVb7bLNmu63D5SjymZ4duIXiOj
XdmsfnBZ8jpFRwl1xPjRbUKxkgbI7iO86mFhEqO0hfhRdwHdZxjz5nqjQ3Rr72nI
P3X6JoOLAtlKmf6LvIakbwuxCc561wwJ3oxTnk7Km1I9rytsT+3G4StyCImP/AfB
tMEg0ZcMfqunt212QrEkTcQK8BCxVTbvTMgnDGYy8/CppbpvabbluMN4Wg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:47 2025 by rpki-client