Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CXZeIkPeSW6npqNISAGu4JfPeTA.roa
File: CXZeIkPeSW6npqNISAGu4JfPeTA.roa (raw, json)
Hash identifier: Oop9zCUAxpp70nQvLAA2Kk5KbYTydPgPB+a16YKY+Eo=
Subject key identifier: 09:76:5E:22:43:DE:49:6E:A7:A6:A3:48:48:01:AE:E0:97:CF:79:30
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 0194E22062F54D3D5DC1DB83F34FE270789C
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CXZeIkPeSW6npqNISAGu4JfPeTA.roa
Signing time: Fri 07 Feb 2025 20:36:00 +0000
ROA not before: Fri 07 Feb 2025 20:36:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20676
IP address blocks: 62.8.128.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
62.145.0.0/19 maxlen: 19
62.206.0.0/16 maxlen: 16
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
83.236.0.0/16 maxlen: 16
83.236.0.0/20 maxlen: 20
83.236.16.0/20 maxlen: 20
83.236.32.0/21 maxlen: 21
84.245.128.0/18 maxlen: 18
85.8.132.0/22 maxlen: 22
87.193.0.0/16 maxlen: 16
87.234.0.0/16 maxlen: 16
92.192.0.0/13 maxlen: 13
92.192.0.0/16 maxlen: 16
92.192.0.0/17 maxlen: 17
92.192.128.0/17 maxlen: 17
92.193.0.0/16 maxlen: 16
92.193.0.0/17 maxlen: 17
92.193.128.0/17 maxlen: 17
92.194.0.0/15 maxlen: 15
92.194.0.0/17 maxlen: 17
92.194.128.0/17 maxlen: 17
92.195.0.0/17 maxlen: 17
92.195.128.0/17 maxlen: 17
92.196.0.0/14 maxlen: 14
92.196.0.0/17 maxlen: 17
92.196.128.0/20 maxlen: 20
92.196.144.0/20 maxlen: 20
92.196.160.0/20 maxlen: 20
92.196.176.0/20 maxlen: 20
92.196.192.0/20 maxlen: 20
92.196.208.0/20 maxlen: 20
92.196.224.0/19 maxlen: 19
92.197.130.0/24 maxlen: 24
92.198.96.0/19 maxlen: 19
92.198.144.0/20 maxlen: 20
92.198.160.0/19 maxlen: 19
92.198.192.0/20 maxlen: 20
92.198.208.0/20 maxlen: 20
92.198.224.0/20 maxlen: 20
92.198.240.0/20 maxlen: 20
92.199.16.0/20 maxlen: 20
92.199.64.0/20 maxlen: 20
92.199.96.0/20 maxlen: 20
92.199.112.0/20 maxlen: 20
92.199.128.0/20 maxlen: 20
92.199.144.0/20 maxlen: 20
92.199.176.0/20 maxlen: 20
92.199.208.0/20 maxlen: 20
92.200.0.0/16 maxlen: 16
92.200.0.0/17 maxlen: 17
92.200.128.0/17 maxlen: 17
185.144.188.0/22 maxlen: 22
194.9.127.0/24 maxlen: 24
194.140.96.0/20 maxlen: 20
195.32.128.0/17 maxlen: 17
195.80.192.0/19 maxlen: 19
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
195.158.160.0/19 maxlen: 19
212.4.160.0/19 maxlen: 19
212.4.176.0/20 maxlen: 20
212.5.0.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.5.16.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
212.63.32.0/19 maxlen: 19
212.84.208.0/20 maxlen: 20
212.84.224.0/19 maxlen: 19
212.105.192.0/19 maxlen: 19
212.110.192.0/19 maxlen: 19
212.202.0.0/16 maxlen: 16
212.202.0.0/19 maxlen: 19
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
213.148.128.0/19 maxlen: 19
213.148.128.0/24 maxlen: 24
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.133.0/24 maxlen: 24
213.160.0.0/19 maxlen: 19
213.160.0.0/24 maxlen: 24
213.217.64.0/18 maxlen: 18
217.146.128.0/19 maxlen: 19
2001:658::/29 maxlen: 29
2001:1a80::/29 maxlen: 29
2001:1a80:800::/48 maxlen: 48
2001:1a80:801::/48 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:1000::/40 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/36 maxlen: 40
2001:1a81:3000::/40 maxlen: 48
2001:1a81:4000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:6000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:7000::/36 maxlen: 40
2001:1a81:7000::/40 maxlen: 48
2a09:7100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 22:15:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e2:20:62:f5:4d:3d:5d:c1:db:83:f3:4f:e2:70:78:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Feb 7 20:36:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09765e2243de496ea7a6a3484801aee097cf7930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:7e:b5:02:3b:88:76:74:9a:19:06:08:b7:
ad:f1:8a:3b:d5:70:15:4e:a5:59:9f:99:8d:7a:9b:
a8:60:60:65:6f:15:67:91:60:3a:26:72:ef:c9:6b:
fc:03:43:ff:7b:48:9b:2e:60:af:1f:44:23:10:df:
79:e6:cd:68:3d:60:6e:5d:16:99:8d:de:37:b7:8e:
1e:07:11:d4:38:f1:25:11:53:02:5f:98:34:7a:18:
7b:e9:ca:c2:f5:aa:37:e2:76:13:08:41:9c:d1:00:
79:72:f0:af:80:8e:39:9b:3b:ef:06:98:f9:7f:fb:
3c:29:ab:4f:78:81:00:4c:42:af:13:a0:4c:bf:f8:
a6:8b:55:55:36:ed:b0:00:5a:60:64:39:a0:62:74:
13:d2:c3:e1:96:7a:74:37:aa:c7:a0:40:cd:7f:12:
09:9e:f2:bd:70:ec:d7:f4:ff:7e:fe:04:68:85:2d:
d7:b9:85:ed:f4:0f:a2:6a:f4:e0:7c:ae:6e:e6:b6:
72:cb:0e:c7:48:e2:ae:4e:78:8d:f9:92:96:5f:63:
00:96:08:65:c6:dd:91:28:e7:1f:29:b4:19:ec:d3:
83:bc:6c:4f:6d:8b:1b:88:77:e2:e9:2c:40:a3:85:
8e:1d:22:0c:2e:be:a0:64:6b:3d:0a:b8:1e:91:5a:
f0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:5E:22:43:DE:49:6E:A7:A6:A3:48:48:01:AE:E0:97:CF:79:30
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CXZeIkPeSW6npqNISAGu4JfPeTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.200.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
75:dd:f0:c4:eb:33:27:35:d4:c5:54:1e:3c:83:46:9c:1e:06:
bf:78:f9:66:0a:7f:96:a5:21:4f:16:a0:e6:9b:f8:4b:29:a3:
53:5a:8e:69:80:79:41:72:1f:03:5d:3c:91:a8:c5:77:09:75:
25:76:b4:1a:33:59:6b:e0:e6:f5:2a:97:f8:ea:84:73:68:11:
eb:cc:43:6e:64:a3:ec:60:ce:0a:43:9a:e2:43:91:b6:33:51:
f7:6b:41:7d:e9:83:6b:df:a8:47:43:d1:61:40:dd:07:af:1a:
16:6a:ad:bb:12:63:d0:10:fe:cf:76:49:98:3e:36:e7:6d:58:
4a:6a:df:5e:77:c9:ff:b8:86:80:c3:a4:ab:6f:d0:ec:26:ff:
b0:ef:78:a4:2b:f7:e0:84:be:19:19:dd:3d:cc:a4:67:1b:2e:
35:1b:7a:27:5b:00:0f:c0:f0:70:8b:bb:c0:40:f2:48:b4:25:
6b:36:5d:9b:65:f9:27:27:30:6d:a5:d7:4f:b0:93:b3:75:17:
ed:3f:2f:32:59:15:fc:9b:1a:00:57:0b:ff:45:47:d7:14:d5:
de:33:9f:08:31:e8:75:0b:5a:5c:bd:69:2b:79:6c:f6:90:ef:
27:4d:9c:34:d1:9b:d1:5c:c9:14:ae:b6:d4:a9:35:e0:98:cb:
a2:d9:0a:b1
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZTiIGL1TT1dwduD80/icHicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjUwMjA3MjAzNjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc2NWUyMjQzZGU0OTZlYTdhNmEzNDg0ODAxYWVlMDk3Y2Y3OTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbt+tQI7iHZ0mhkGCLet8Yo71XAV
TqVZn5mNepuoYGBlbxVnkWA6JnLvyWv8A0P/e0ibLmCvH0QjEN955s1oPWBuXRaZ
jd43t44eBxHUOPElEVMCX5g0ehh76crC9ao34nYTCEGc0QB5cvCvgI45mzvvBpj5
f/s8KatPeIEATEKvE6BMv/imi1VVNu2wAFpgZDmgYnQT0sPhlnp0N6rHoEDNfxIJ
nvK9cOzX9P9+/gRohS3XuYXt9A+iavTgfK5u5rZyyw7HSOKuTniN+ZKWX2MAlghl
xt2RKOcfKbQZ7NODvGxPbYsbiHfi6SxAo4WOHSIMLr6gZGs9CrgekVrwgQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFAl2XiJD3klup6ajSEgBruCXz3kwMB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEvQ1haZUlrUGVTVzZucHFOSVNBR3U0SmZQZVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwBcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQB13fDE6zMnNdTFVB48g0acHga/
ePlmCn+WpSFPFqDmm/hLKaNTWo5pgHlBch8DXTyRqMV3CXUldrQaM1lr4Ob1Kpf4
6oRzaBHrzENuZKPsYM4KQ5riQ5G2M1H3a0F96YNr36hHQ9FhQN0HrxoWaq27EmPQ
EP7PdkmYPjbnbVhKat9ed8n/uIaAw6Srb9DsJv+w73ikK/fghL4ZGd09zKRnGy41
G3onWwAPwPBwi7vAQPJItCVrNl2bZfknJzBtpddPsJOzdRftPy8yWRX8mxoAVwv/
RUfXFNXeM58IMeh1C1pcvWkreWz2kO8nTZw00ZvRXMkUrrbUqTXgmMui2Qqx
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:03 2025 by rpki-client