Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LByeid6L9CHAtPDqy1GTW7lGyxw.roa
File: LByeid6L9CHAtPDqy1GTW7lGyxw.roa (raw, json)
Hash identifier: Z7L/uy5bL66qsSjliGVVQk2CnzvpsoLpGp2ga+G+WhM=
Subject key identifier: 2C:1C:9E:89:DE:8B:F4:21:C0:B4:F0:EA:CB:51:93:5B:B9:46:CB:1C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBB744A0D359C931D0ECD7B60259F0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LByeid6L9CHAtPDqy1GTW7lGyxw.roa
Signing time: Wed 01 Jan 2025 17:48:29 +0000
ROA not before: Wed 01 Jan 2025 17:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Jan 2025 09:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b7:44:a0:d3:59:c9:31:d0:ec:d7:b6:02:59:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c1c9e89de8bf421c0b4f0eacb51935bb946cb1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:ec:df:b4:71:69:18:b8:da:40:f2:8d:e5:
12:4b:4a:6b:c2:9f:e0:43:72:4a:40:b1:14:ad:d3:
70:57:e0:de:63:fb:37:81:43:e4:5f:55:fa:bb:0f:
82:1f:ff:37:ca:f5:22:09:8f:5a:7c:e7:51:62:19:
3a:81:a9:8d:7f:c6:e9:3e:ee:6a:be:3a:cc:37:eb:
ff:1a:b6:fe:5e:c9:f5:3c:83:50:6b:6e:f2:0d:dd:
ff:27:3d:ec:9b:a3:ff:e7:e7:4e:51:92:e4:97:09:
48:5f:6c:53:76:68:10:91:54:a5:73:aa:67:df:8c:
61:cd:f6:f3:e3:fa:a5:f5:fd:42:a2:60:c0:a6:c5:
a1:3f:58:cd:cc:5d:29:92:48:7c:ae:fb:1f:50:e2:
3e:ad:ea:78:20:01:bf:f2:98:88:89:ee:ac:49:48:
cf:8f:fd:5d:8d:bd:ca:da:b1:ee:51:08:9e:cb:69:
2d:62:ed:5a:ef:e8:12:15:89:de:4a:d0:c1:63:bd:
37:6b:6e:1f:72:e0:89:d7:35:93:9a:93:67:ef:6b:
a7:a9:bd:b1:b0:64:00:18:06:2e:85:56:5b:4e:e2:
d1:f4:b3:e1:b5:cb:84:94:b3:02:be:77:8c:c5:d0:
a5:22:4d:86:f9:b0:c2:25:3d:2b:78:dd:95:c0:86:
ef:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1C:9E:89:DE:8B:F4:21:C0:B4:F0:EA:CB:51:93:5B:B9:46:CB:1C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LByeid6L9CHAtPDqy1GTW7lGyxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:66:4f:6e:48:dc:75:7c:8d:87:fc:e5:93:f9:f1:34:c4:2c:
22:6d:c7:c2:6e:81:ea:01:55:0e:17:c9:db:fb:5a:f8:a3:68:
6a:f6:49:7d:63:fc:d3:9f:2f:8b:c8:fe:60:2b:72:ae:61:6d:
d4:55:7f:5d:8e:2c:80:4b:b0:52:3f:77:d2:44:cd:72:10:61:
97:5a:30:f6:ac:5c:ff:7d:0a:a8:e3:f2:dd:e7:8c:29:19:65:
fb:85:7a:61:4a:b2:2d:36:6d:b4:f8:9b:73:d9:f2:3f:c4:c8:
8d:e4:98:a9:9a:96:81:1f:64:6d:89:a9:29:b2:c7:c2:d4:09:
95:d4:e7:20:7f:f0:63:1d:dc:0e:f7:46:ee:f0:8c:6d:99:78:
10:42:ed:3a:cb:9a:d2:fc:c6:48:14:ef:68:02:1b:24:81:cd:
04:19:5c:06:0a:0d:92:3b:63:45:35:98:7f:ee:78:94:50:70:
fa:84:29:1a:40:b2:25:1b:07:f4:3d:d4:3e:e3:84:55:cc:fd:
eb:89:ea:4b:c7:aa:49:a5:6c:6c:b8:42:ff:17:3c:00:90:6c:
a0:81:80:4f:cb:61:c6:a4:b5:f6:b8:6c:d9:e4:cd:46:a8:1e:
28:05:84:a6:c5:b1:33:8a:36:1b:58:c2:be:1d:bb:1a:17:ac:
eb:85:12:c2
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZQi+7dEoNNZyTHQ7Ne2AlnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFjOWU4OWRlOGJmNDIxYzBiNGYwZWFjYjUxOTM1YmI5NDZjYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC7s37RxaRi42kDyjeUSS0prwp/g
Q3JKQLEUrdNwV+DeY/s3gUPkX1X6uw+CH/83yvUiCY9afOdRYhk6gamNf8bpPu5q
vjrMN+v/Grb+Xsn1PINQa27yDd3/Jz3sm6P/5+dOUZLklwlIX2xTdmgQkVSlc6pn
34xhzfbz4/ql9f1ComDApsWhP1jNzF0pkkh8rvsfUOI+rep4IAG/8piIie6sSUjP
j/1djb3K2rHuUQiey2ktYu1a7+gSFYneStDBY703a24fcuCJ1zWTmpNn72unqb2x
sGQAGAYuhVZbTuLR9LPhtcuElLMCvneMxdClIk2G+bDCJT0reN2VwIbvYwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFCwcnonei/QhwLTw6stRk1u5RsscMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTEJ5ZWlkNkw5Q0hBdFBEcXkxR1RXN2xHeXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCBoQQCAAEwgZoD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr
+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQCw7FcAwQA
w7FeAwQCw9O8MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAqCQNCAwUA
KgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUDKhEFgAMF
ACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3DQEBCwUA
A4IBAQALZk9uSNx1fI2H/OWT+fE0xCwibcfCboHqAVUOF8nb+1r4o2hq9kl9Y/zT
ny+LyP5gK3KuYW3UVX9djiyAS7BSP3fSRM1yEGGXWjD2rFz/fQqo4/Ld54wpGWX7
hXphSrItNm20+Jtz2fI/xMiN5JipmpaBH2RtiakpssfC1AmV1Ocgf/BjHdwO90bu
8IxtmXgQQu06y5rS/MZIFO9oAhskgc0EGVwGCg2SO2NFNZh/7niUUHD6hCkaQLIl
Gwf0PdQ+44RVzP3riepLx6pJpWxsuEL/FzwAkGyggYBPy2HGpLX2uGzZ5M1GqB4o
BYSmxbEzijYbWMK+HbsaF6zrhRLC
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:54:24 2025 by rpki-client