Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/u1NpPORk2el4GVJwDJj9R1RPO8Y.roa
File: u1NpPORk2el4GVJwDJj9R1RPO8Y.roa (raw, json)
Hash identifier: a4utcCaBByUXZygCPmwa0602JU189NrGTyFVgRaIU0g=
Subject key identifier: BB:53:69:3C:E4:64:D9:E9:78:19:52:70:0C:98:FD:47:54:4F:3B:C6
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01945C1955D267DA2D49F644424746E187FC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/u1NpPORk2el4GVJwDJj9R1RPO8Y.roa
Signing time: Sun 12 Jan 2025 19:59:11 +0000
ROA not before: Sun 12 Jan 2025 19:59:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.138.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.44.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.148.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
95.215.32.0/24 maxlen: 24
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 13 Jan 2025 02:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5c:19:55:d2:67:da:2d:49:f6:44:42:47:46:e1:87:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 12 19:59:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb53693ce464d9e9781952700c98fd47544f3bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:f1:29:7e:c2:dd:af:cc:bb:47:10:ee:4c:
5f:44:e9:76:5f:d2:f9:6e:a8:dd:fc:56:ec:2e:59:
0a:ca:42:d2:5b:ee:4c:aa:ca:b8:ab:03:34:83:a2:
88:3b:1e:5c:e7:a0:be:11:ee:63:49:1a:b6:b1:1b:
a8:bd:e8:47:08:1f:3f:cd:dc:57:60:11:7c:53:af:
85:6c:86:7a:7e:1b:79:ea:a0:df:d3:71:13:f0:7e:
7a:f2:e6:5a:6a:a0:28:76:5e:c5:6d:dd:e5:d7:62:
23:3b:8b:66:4d:85:98:fa:ca:e7:1c:6a:b1:68:db:
48:18:ed:34:8a:8a:2a:47:e8:83:8a:80:10:4e:56:
da:72:98:b1:fd:a9:17:30:f8:83:9c:ab:9d:95:09:
ed:15:06:32:5b:29:b7:46:4c:2a:1d:fd:4c:40:52:
1b:a2:ff:4f:8c:1f:51:c4:a7:b9:b3:4f:f3:d8:2c:
c7:dc:e0:e6:cb:e7:e0:78:eb:39:2d:77:09:e8:e4:
7c:b7:08:95:c4:97:71:8e:f2:ae:47:d7:86:a0:a0:
2e:66:10:a9:78:ca:a2:ae:48:b6:15:6f:55:3b:22:
2e:53:21:15:e1:c4:55:60:16:65:5e:f7:5f:d6:75:
0b:48:aa:d1:a6:74:35:c5:3a:27:1f:98:38:bb:51:
ef:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:53:69:3C:E4:64:D9:E9:78:19:52:70:0C:98:FD:47:54:4F:3B:C6
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/u1NpPORk2el4GVJwDJj9R1RPO8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.138.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
e5:79:87:55:bf:07:bc:73:3a:71:fb:39:b6:db:f1:04:a0:47:
3b:c9:5f:6f:30:82:e4:51:47:81:f1:9b:9b:bc:32:cc:35:c8:
c1:7e:d9:92:7a:df:61:fc:b5:95:49:d1:94:3e:ba:80:1d:de:
c7:54:83:da:04:33:97:dc:43:6c:50:7a:91:2d:1a:1d:ff:0d:
7b:47:9e:f0:98:8b:72:fa:86:14:85:f2:3b:19:d9:59:6e:33:
fb:a1:84:a5:fd:ff:cc:34:53:b3:8b:2b:e8:61:72:f7:67:b6:
07:5e:56:92:d7:c0:b3:72:0a:33:6a:f8:35:2e:45:04:fa:cd:
e9:11:74:c5:12:37:95:74:f9:73:9a:0c:24:4b:a6:29:b0:3b:
1b:0e:40:07:27:20:78:df:18:68:fa:5f:68:c6:f0:16:a1:c6:
47:b4:3c:47:99:d3:82:e8:ac:71:14:66:42:f8:e9:3d:c3:44:
4f:71:19:d3:13:18:86:8e:ec:49:fd:6c:3a:13:61:7f:17:d0:
e7:10:1d:e7:e7:08:4a:98:2b:f5:bb:92:79:39:57:27:9b:f7:
9f:20:78:88:0e:c7:9d:cf:ee:a9:88:6f:94:7f:c1:92:03:ab:
a5:69:7e:f0:b1:4b:43:3b:bb:1d:16:fc:0d:1e:05:c7:61:52:
e9:de:a1:07
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZRcGVXSZ9otSfZEQkdG4Yf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTEyMTk1OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjUzNjkzY2U0NjRkOWU5NzgxOTUyNzAwYzk4ZmQ0NzU0NGYzYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgPxKX7C3a/Mu0cQ7kxfROl2X9L5
bqjd/FbsLlkKykLSW+5Mqsq4qwM0g6KIOx5c56C+Ee5jSRq2sRuovehHCB8/zdxX
YBF8U6+FbIZ6fht56qDf03ET8H568uZaaqAodl7Fbd3l12IjO4tmTYWY+srnHGqx
aNtIGO00iooqR+iDioAQTlbacpix/akXMPiDnKudlQntFQYyWym3RkwqHf1MQFIb
ov9PjB9RxKe5s0/z2CzH3ODmy+fgeOs5LXcJ6OR8twiVxJdxjvKuR9eGoKAuZhCp
eMqirki2FW9VOyIuUyEV4cRVYBZlXvdf1nULSKrRpnQ1xTonH5g4u1HvCwIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFLtTaTzkZNnpeBlScAyY/UdUTzvGMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdTFOcFBPUmsyZWw0R1ZKd0RKajlSMVJQTzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgccEAgABMIHAAwQF
BVOAAwQCBa+AAwQABa+FAwQABa+KMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv
6AMEAAWv6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAE
AgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8Aw
DQYJKoZIhvcNAQELBQADggEBAOV5h1W/B7xzOnH7Obbb8QSgRzvJX28wguRRR4Hx
m5u8Msw1yMF+2ZJ632H8tZVJ0ZQ+uoAd3sdUg9oEM5fcQ2xQepEtGh3/DXtHnvCY
i3L6hhSF8jsZ2VluM/uhhKX9/8w0U7OLK+hhcvdntgdeVpLXwLNyCjNq+DUuRQT6
zekRdMUSN5V0+XOaDCRLpimwOxsOQAcnIHjfGGj6X2jG8Bahxke0PEeZ04LorHEU
ZkL46T3DRE9xGdMTGIaO7En9bDoTYX8X0OcQHefnCEqYK/W7knk5Vyeb958geIgO
x53P7qmIb5R/wZIDq6VpfvCxS0M7ux0W/A0eBcdhUuneoQc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:37 2025 by rpki-client