Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZrGT8JKd4YPQ1TdTcB3Te1w33AY.roa
File: ZrGT8JKd4YPQ1TdTcB3Te1w33AY.roa (raw, json)
Hash identifier: IYz1tKDdoiOtDzjuW7iPJAnInya2TXXYfp3oZXJ0Rzg=
Subject key identifier: 66:B1:93:F0:92:9D:E1:83:D0:D5:37:53:70:1D:D3:7B:5C:37:DC:06
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019435D3791F5B90165FF87DC0E509175FAB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZrGT8JKd4YPQ1TdTcB3Te1w33AY.roa
Signing time: Sun 05 Jan 2025 09:37:19 +0000
ROA not before: Sun 05 Jan 2025 09:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Jan 2025 20:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:d3:79:1f:5b:90:16:5f:f8:7d:c0:e5:09:17:5f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 5 09:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66b193f0929de183d0d53753701dd37b5c37dc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:02:f8:e2:54:1a:ad:b6:84:78:82:f9:26:6f:
84:8b:61:64:a5:35:dd:33:12:c8:2c:ea:e0:5c:5c:
e8:71:76:10:90:70:61:6e:cc:08:6f:1e:4a:82:6a:
95:98:a4:a6:aa:0e:e4:fb:df:ac:2d:87:74:3e:07:
86:85:be:37:76:aa:2e:da:a7:a2:f9:e0:97:09:77:
9b:60:fe:1c:f6:27:0d:e2:d6:0f:ba:a5:71:6e:14:
1d:8c:85:0a:be:8f:63:5c:7d:0f:12:60:ae:95:dc:
3f:d0:e7:14:b1:e9:2f:f2:49:2b:f5:f5:31:b8:fc:
61:aa:6d:c2:81:68:58:b5:a7:38:ed:78:36:0a:83:
76:8f:4e:67:28:4e:e8:87:6a:88:89:67:9f:1f:ea:
b6:9c:40:b3:72:63:4a:79:2b:97:74:4c:a9:a9:e6:
c7:66:41:c7:88:73:43:79:a2:10:24:cc:e3:24:b3:
e2:2a:d0:b0:f8:4e:cb:d8:16:bd:3d:37:2c:b6:e8:
24:80:0c:aa:67:27:0a:4c:3f:ee:8a:84:d2:90:58:
62:20:28:5b:f4:1f:97:d5:d6:7e:5e:54:82:3f:1c:
1d:20:10:e6:c0:7b:00:e6:ee:08:db:9c:4f:cf:66:
d1:45:1e:fa:05:cb:e7:09:e7:a4:ed:23:69:b6:ca:
84:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B1:93:F0:92:9D:E1:83:D0:D5:37:53:70:1D:D3:7B:5C:37:DC:06
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZrGT8JKd4YPQ1TdTcB3Te1w33AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
b3:c5:40:bc:4a:60:ee:1a:e9:26:32:e4:bc:f3:6b:8e:08:97:
45:ea:d7:ea:02:da:c9:de:65:b8:35:31:ea:46:2c:36:22:c9:
0c:d3:70:16:a7:76:7b:bc:17:6e:98:8e:15:92:6f:e1:ad:7e:
f8:d5:f6:ca:9a:03:c0:31:97:10:4d:7b:32:5e:3d:b0:b0:c8:
81:78:3d:70:c2:9d:b1:eb:9d:07:04:3a:9e:35:66:bb:fd:d9:
12:f8:db:33:c6:3f:6c:3e:b4:31:a5:e1:54:d4:e4:ad:09:0f:
c4:f4:9e:9c:74:a5:2c:bd:59:73:15:ea:52:55:91:04:8b:07:
1f:6a:8f:d3:ba:bc:b0:55:65:c0:79:8b:7f:76:38:ef:e4:38:
8e:4c:22:f6:25:a2:eb:2f:13:cc:b2:1d:7d:0f:55:7c:13:d3:
17:f7:cc:7d:2c:5f:d2:a3:6a:86:78:03:50:e4:63:62:f4:7b:
b9:27:0e:78:2c:30:70:10:57:c6:c4:c8:fb:05:f1:61:96:5c:
44:94:41:45:99:6e:d7:f4:50:2a:bd:2c:f5:f4:82:40:47:87:
ae:c0:ec:06:34:0e:b8:eb:3d:62:f9:44:99:26:9f:05:cf:ca:
15:bf:02:0f:2d:14:17:65:11:43:df:3f:07:51:de:84:28:70:
6d:d1:63:0a
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQ103kfW5AWX/h9wOUJF1+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTA1MDkzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmIxOTNmMDkyOWRlMTgzZDBkNTM3NTM3MDFkZDM3YjVjMzdkYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQL44lQarbaEeIL5Jm+Ei2FkpTXd
MxLILOrgXFzocXYQkHBhbswIbx5KgmqVmKSmqg7k+9+sLYd0PgeGhb43dqou2qei
+eCXCXebYP4c9icN4tYPuqVxbhQdjIUKvo9jXH0PEmCuldw/0OcUsekv8kkr9fUx
uPxhqm3CgWhYtac47Xg2CoN2j05nKE7oh2qIiWefH+q2nECzcmNKeSuXdEypqebH
ZkHHiHNDeaIQJMzjJLPiKtCw+E7L2Ba9PTcstugkgAyqZycKTD/uioTSkFhiIChb
9B+X1dZ+XlSCPxwdIBDmwHsA5u4I25xPz2bRRR76BcvnCeek7SNptsqEHQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFGaxk/CSneGD0NU3U3Ad03tcN9wGMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWnJHVDhKS2Q0WVBRMVRkVGNCM1RlMXczM0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCBmQQCAAEwgZID
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr
+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYgMEAsOxXAMEAsPT
vDB2BAIAAjBwAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAq
CcRAAwUAKgxdQAMFAyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUA
KhEqgAMFACoROQADBQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAs8VA
vEpg7hrpJjLkvPNrjgiXRerX6gLayd5luDUx6kYsNiLJDNNwFqd2e7wXbpiOFZJv
4a1++NX2ypoDwDGXEE17Ml49sLDIgXg9cMKdseudBwQ6njVmu/3ZEvjbM8Y/bD60
MaXhVNTkrQkPxPSenHSlLL1ZcxXqUlWRBIsHH2qP07q8sFVlwHmLf3Y47+Q4jkwi
9iWi6y8TzLIdfQ9VfBPTF/fMfSxf0qNqhngDUORjYvR7uScOeCwwcBBXxsTI+wXx
YZZcRJRBRZlu1/RQKr0s9fSCQEeHrsDsBjQOuOs9YvlEmSafBc/KFb8CDy0UF2UR
Q98/B1HehChwbdFjCg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:47 2025 by rpki-client