Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/KM4i7EiRbH5qpwONZlfRgjQVm-w.roa
File: KM4i7EiRbH5qpwONZlfRgjQVm-w.roa (raw, json)
Hash identifier: RXmNjdZ3oV7EtdD3k/9RZBVB2YTSSoNbq70BMHfsCSw=
Subject key identifier: 28:CE:22:EC:48:91:6C:7E:6A:A7:03:8D:66:57:D1:82:34:15:9B:EC
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 0194DAAC83E6EB8EBEC57DC3C9D85E2ED29C
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/KM4i7EiRbH5qpwONZlfRgjQVm-w.roa
Signing time: Thu 06 Feb 2025 09:52:06 +0000
ROA not before: Thu 06 Feb 2025 09:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20676
IP address blocks: 62.8.128.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
62.145.0.0/19 maxlen: 19
62.206.0.0/16 maxlen: 16
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
83.236.0.0/16 maxlen: 16
83.236.0.0/20 maxlen: 20
83.236.16.0/20 maxlen: 20
83.236.32.0/21 maxlen: 21
84.245.128.0/18 maxlen: 18
85.8.132.0/22 maxlen: 22
87.193.0.0/16 maxlen: 16
87.234.0.0/16 maxlen: 16
92.192.0.0/13 maxlen: 13
92.192.0.0/16 maxlen: 16
92.192.0.0/17 maxlen: 17
92.192.128.0/17 maxlen: 17
92.193.0.0/16 maxlen: 16
92.193.0.0/17 maxlen: 17
92.193.128.0/17 maxlen: 17
92.194.0.0/15 maxlen: 15
92.194.0.0/17 maxlen: 17
92.195.0.0/17 maxlen: 17
92.195.128.0/17 maxlen: 17
92.196.0.0/14 maxlen: 14
92.196.0.0/17 maxlen: 17
92.197.130.0/24 maxlen: 24
92.198.96.0/19 maxlen: 19
92.198.144.0/20 maxlen: 20
92.198.160.0/19 maxlen: 19
92.198.192.0/20 maxlen: 20
92.198.208.0/20 maxlen: 20
92.198.224.0/20 maxlen: 20
92.198.240.0/20 maxlen: 20
92.199.16.0/20 maxlen: 20
92.199.64.0/20 maxlen: 20
92.199.96.0/20 maxlen: 20
92.199.112.0/20 maxlen: 20
92.199.128.0/20 maxlen: 20
92.199.144.0/20 maxlen: 20
92.199.176.0/20 maxlen: 20
92.199.208.0/20 maxlen: 20
92.200.0.0/16 maxlen: 16
92.200.0.0/17 maxlen: 17
92.200.128.0/17 maxlen: 17
185.144.188.0/22 maxlen: 22
194.9.127.0/24 maxlen: 24
194.140.96.0/20 maxlen: 20
195.32.128.0/17 maxlen: 17
195.80.192.0/19 maxlen: 19
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
195.158.160.0/19 maxlen: 19
212.4.160.0/19 maxlen: 19
212.4.176.0/20 maxlen: 20
212.5.0.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.5.16.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
212.63.32.0/19 maxlen: 19
212.84.208.0/20 maxlen: 20
212.84.224.0/19 maxlen: 19
212.105.192.0/19 maxlen: 19
212.110.192.0/19 maxlen: 19
212.202.0.0/16 maxlen: 16
212.202.0.0/19 maxlen: 19
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
213.148.128.0/19 maxlen: 19
213.148.128.0/24 maxlen: 24
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.133.0/24 maxlen: 24
213.160.0.0/19 maxlen: 19
213.160.0.0/24 maxlen: 24
213.217.64.0/18 maxlen: 18
217.146.128.0/19 maxlen: 19
2001:658::/29 maxlen: 29
2001:1a80::/29 maxlen: 29
2001:1a80:800::/48 maxlen: 48
2001:1a80:801::/48 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:1000::/40 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/36 maxlen: 40
2001:1a81:3000::/40 maxlen: 48
2001:1a81:4000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:6000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:7000::/36 maxlen: 40
2001:1a81:7000::/40 maxlen: 48
2a09:7100::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Feb 2025 20:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:ac:83:e6:eb:8e:be:c5:7d:c3:c9:d8:5e:2e:d2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Feb 6 09:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28ce22ec48916c7e6aa7038d6657d18234159bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3d:5f:2d:7b:ea:1c:54:40:a6:8a:42:49:10:
2a:4c:27:bd:33:b0:2a:6e:41:b9:a2:87:b5:b0:98:
8e:4a:50:ca:52:40:bf:a2:ec:fa:e8:0c:56:01:9f:
8e:40:d1:0d:d6:2a:2a:33:b8:11:e1:65:14:73:08:
52:e9:0c:fc:38:ee:21:13:06:3d:b9:0a:19:93:c6:
36:3a:b9:c4:9e:c1:1f:88:e9:8f:ed:9c:6c:37:60:
eb:af:d8:d3:c4:64:00:88:3b:ef:3a:97:f9:0f:eb:
18:9d:0a:87:1b:72:9c:68:65:e1:b4:85:9e:05:2d:
bb:20:b9:3b:40:56:d2:ee:6c:14:2e:53:f4:80:28:
fe:1c:4c:42:d2:1c:a6:c3:79:68:95:dd:7e:d2:26:
be:ce:1a:aa:f5:a1:4d:9e:b8:af:5d:ba:c9:28:b7:
a3:55:63:bf:36:37:98:35:03:3a:a9:d3:94:82:5c:
ef:3a:57:f1:b3:56:b3:39:22:e7:74:3e:33:f4:1d:
bb:bf:a7:98:1f:76:c1:05:d7:9f:24:f8:5a:3d:6a:
b9:d7:9c:3c:38:bb:1d:13:e9:2b:9a:ee:c1:9b:eb:
db:e1:a0:60:d7:72:8c:ad:ed:fc:81:06:d1:98:ba:
64:19:98:2a:d5:6f:e5:d2:4c:67:fe:c1:e5:f2:9b:
db:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CE:22:EC:48:91:6C:7E:6A:A7:03:8D:66:57:D1:82:34:15:9B:EC
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/KM4i7EiRbH5qpwONZlfRgjQVm-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.200.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
27:69:d1:ec:bf:22:ee:bf:d3:be:22:0e:2a:2f:35:bc:8f:e1:
59:47:af:28:68:ef:81:9b:c0:1e:2c:69:9d:8a:62:9d:31:5c:
4d:71:5e:0b:d4:5f:30:69:8c:98:c9:95:29:ba:c2:43:4a:41:
78:fe:5d:f2:cf:c8:15:cd:cc:4d:b7:41:a3:3a:0d:04:2d:92:
25:7f:e4:4c:07:e8:e7:54:ba:14:43:58:3e:2d:5f:19:02:f9:
1f:df:0b:1d:aa:bd:62:c6:38:a9:82:0d:53:43:a4:90:8c:c5:
bc:10:40:4d:3f:98:f2:16:c1:40:ea:e9:ee:b4:83:71:8b:07:
4d:05:c2:5b:2c:0b:30:80:86:72:40:d9:5d:7a:ee:ac:3c:57:
e1:c4:70:3e:e7:2c:c2:22:29:ff:c2:48:94:77:0c:74:fb:21:
29:26:32:46:1a:64:74:2a:91:90:42:17:c5:44:e9:b5:48:95:
35:c9:12:5a:f0:0f:32:2f:9b:d7:51:9a:51:2d:51:29:4a:cd:
a5:99:02:1e:c2:7c:ae:34:41:e9:2a:ee:33:05:73:33:6f:40:
a0:9b:f3:9e:54:6e:9d:a2:e8:98:3c:14:a9:f1:fd:fd:8a:91:
b2:7d:b3:cb:92:ad:86:70:de:57:51:b2:74:83:1d:55:e0:c6:
d9:8a:ad:58
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZTarIPm646+xX3DydheLtKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjUwMjA2MDk1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNlMjJlYzQ4OTE2YzdlNmFhNzAzOGQ2NjU3ZDE4MjM0MTU5YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT1fLXvqHFRApopCSRAqTCe9M7Aq
bkG5ooe1sJiOSlDKUkC/ouz66AxWAZ+OQNEN1ioqM7gR4WUUcwhS6Qz8OO4hEwY9
uQoZk8Y2OrnEnsEfiOmP7ZxsN2Drr9jTxGQAiDvvOpf5D+sYnQqHG3KcaGXhtIWe
BS27ILk7QFbS7mwULlP0gCj+HExC0hymw3lold1+0ia+zhqq9aFNnrivXbrJKLej
VWO/NjeYNQM6qdOUglzvOlfxs1azOSLndD4z9B27v6eYH3bBBdefJPhaPWq515w8
OLsdE+krmu7Bm+vb4aBg13KMre38gQbRmLpkGZgq1W/l0kxn/sHl8pvbowIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFCjOIuxIkWx+aqcDjWZX0YI0FZvsMB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEvS000aTdFaVJiSDVxcHdPTlpsZlJnalFWbS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwBcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQAnadHsvyLuv9O+Ig4qLzW8j+FZ
R68oaO+Bm8AeLGmdimKdMVxNcV4L1F8waYyYyZUpusJDSkF4/l3yz8gVzcxNt0Gj
Og0ELZIlf+RMB+jnVLoUQ1g+LV8ZAvkf3wsdqr1ixjipgg1TQ6SQjMW8EEBNP5jy
FsFA6unutINxiwdNBcJbLAswgIZyQNldeu6sPFfhxHA+5yzCIin/wkiUdwx0+yEp
JjJGGmR0KpGQQhfFROm1SJU1yRJa8A8yL5vXUZpRLVEpSs2lmQIewnyuNEHpKu4z
BXMzb0Cgm/OeVG6douiYPBSp8f39ipGyfbPLkq2GcN5XUbJ0gx1V4MbZiq1Y
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:20 2025 by rpki-client