Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WkO2YQea0H9N3z28U3E-rEIsjxo.roa
File: WkO2YQea0H9N3z28U3E-rEIsjxo.roa (raw, json)
Hash identifier: OLcFC4jrW6vUeR8TE0ibJV9XuGx62p5F4s8F6cimjdo=
Subject key identifier: 5A:43:B6:61:07:9A:D0:7F:4D:DF:3D:BC:53:71:3E:AC:42:2C:8F:1A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01944795121EA2D7CF98BFF43A99822416E6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WkO2YQea0H9N3z28U3E-rEIsjxo.roa
Signing time: Wed 08 Jan 2025 20:22:19 +0000
ROA not before: Wed 08 Jan 2025 20:22:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 Jan 2025 12:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:95:12:1e:a2:d7:cf:98:bf:f4:3a:99:82:24:16:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 8 20:22:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a43b661079ad07f4ddf3dbc53713eac422c8f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d1:b9:4d:e9:e9:37:03:d9:67:cf:65:9c:f3:
92:c9:16:07:06:3e:32:99:fd:14:f2:4f:4f:b2:09:
67:45:62:ce:c7:84:a5:18:ac:c2:ec:df:48:92:cd:
d3:e1:7f:c8:69:28:60:ce:0a:8b:a3:96:36:4e:ec:
71:96:5b:68:d6:ae:4b:e7:e2:7f:1a:c4:18:8d:21:
82:13:60:a4:c5:53:6a:aa:d8:12:c9:8c:5b:f4:1f:
1e:3a:31:20:e8:62:93:2c:83:f3:c5:a8:99:79:33:
fd:16:88:67:95:d6:47:4b:88:41:e3:2a:72:b1:58:
31:84:40:bc:ff:f4:e7:c3:fb:7f:7a:05:38:e9:69:
c3:40:58:d5:35:a7:72:a5:5e:f6:4a:20:b4:d8:68:
04:ee:cc:83:f9:30:03:a6:b8:bc:73:4b:8c:ef:da:
02:af:b0:80:01:12:94:b7:91:6b:93:05:ed:23:65:
5f:46:c0:bd:82:ef:04:24:87:23:ce:87:37:81:1f:
5e:7e:6b:47:83:f8:2f:a4:c3:3b:cf:ab:8c:29:f0:
63:07:84:6d:c5:fc:86:17:9c:c6:c7:ed:ab:24:a6:
d2:33:a3:87:93:1e:50:6e:bb:71:f5:7d:7f:70:3b:
dc:cf:82:71:34:6b:23:39:6f:a2:9c:73:b9:5a:ef:
04:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:43:B6:61:07:9A:D0:7F:4D:DF:3D:BC:53:71:3E:AC:42:2C:8F:1A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WkO2YQea0H9N3z28U3E-rEIsjxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:78:a3:1c:36:5e:b8:3d:9a:39:fe:be:63:cf:7c:26:98:05:
88:fe:d3:e6:3a:6e:db:d1:4b:25:41:5a:f1:81:1b:73:38:2b:
28:7c:7c:04:6f:d1:5e:64:47:18:0d:58:83:e2:bc:96:ee:62:
1a:e9:bc:51:e2:d6:8b:2b:76:0a:c1:cf:fb:8c:ff:6d:4c:ba:
55:38:43:3a:2c:53:e2:07:2b:87:06:61:57:15:70:83:70:c7:
14:8e:6b:8b:03:0b:c0:3c:47:85:3e:b7:e3:85:bf:35:4d:45:
66:3e:31:8e:b1:87:a9:69:03:ab:c4:e0:69:92:87:0e:e0:ac:
d0:21:ea:03:52:81:f6:a2:f3:d2:74:c0:47:57:00:29:70:56:
01:5f:d0:c8:52:a0:26:00:c2:a9:81:31:46:fb:f9:9d:2d:b3:
92:b8:c8:d8:86:38:31:e8:2e:bf:b4:f7:a6:1f:ae:95:c6:75:
bd:de:ea:b9:7c:41:76:b9:4f:97:88:08:c7:4f:b7:25:0c:82:
4f:6f:fd:c4:f3:4f:d8:f7:fa:75:4d:85:96:fd:05:5c:d7:f2:
c5:5c:38:d6:bf:59:d9:55:0a:2a:7b:05:bb:ac:1d:e7:11:45:
4b:5a:da:93:c6:93:b0:d3:21:8e:09:a4:04:ef:ee:2a:ff:ed:
23:eb:9f:bb
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZRHlRIeotfPmL/0OpmCJBbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTA4MjAyMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQzYjY2MTA3OWFkMDdmNGRkZjNkYmM1MzcxM2VhYzQyMmM4ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NG5TenpNwPZZ89lnPOSyRYHBj4y
mf0U8k9PsglnRWLOx4SlGKzC7N9Iks3T4X/IaShgzgqLo5Y2Tuxxllto1q5L5+J/
GsQYjSGCE2CkxVNqqtgSyYxb9B8eOjEg6GKTLIPzxaiZeTP9FohnldZHS4hB4ypy
sVgxhEC8//Tnw/t/egU46WnDQFjVNadypV72SiC02GgE7syD+TADpri8c0uM79oC
r7CAARKUt5FrkwXtI2VfRsC9gu8EJIcjzoc3gR9efmtHg/gvpMM7z6uMKfBjB4Rt
xfyGF5zGx+2rJKbSM6OHkx5Qbrtx9X1/cDvcz4JxNGsjOW+inHO5Wu8EpwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFFpDtmEHmtB/Td89vFNxPqxCLI8aMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvV2tPMllRZWEwSDlOM3oyOFUzRS1yRUlzanhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCBkwQCAAEwgYwD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr+wMEAbnI
PgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYgMEAsOxXAMEAsPTvDB2BAIA
AjBwAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUA
KgxdQAMFAyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMF
ACoROQADBQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAbHijHDZeuD2a
Of6+Y898JpgFiP7T5jpu29FLJUFa8YEbczgrKHx8BG/RXmRHGA1Yg+K8lu5iGum8
UeLWiyt2CsHP+4z/bUy6VThDOixT4gcrhwZhVxVwg3DHFI5riwMLwDxHhT6344W/
NU1FZj4xjrGHqWkDq8TgaZKHDuCs0CHqA1KB9qLz0nTAR1cAKXBWAV/QyFKgJgDC
qYExRvv5nS2zkrjI2IY4Meguv7T3ph+ulcZ1vd7quXxBdrlPl4gIx0+3JQyCT2/9
xPNP2Pf6dU2Flv0FXNfyxVw41r9Z2VUKKnsFu6wd5xFFS1rak8aTsNMhjgmkBO/u
Kv/tI+ufuw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:13 2025 by rpki-client