Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/wzo3KmMcDMPQjudKY7t1dcveVJo.roa
File: wzo3KmMcDMPQjudKY7t1dcveVJo.roa (raw, json)
Hash identifier: ZbvEskVXeS0RH/ztTRKrG69DyK2dxAFnxMobABYDmZ4=
Subject key identifier: C3:3A:37:2A:63:1C:0C:C3:D0:8E:E7:4A:63:BB:75:75:CB:DE:54:9A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0196AFCF73EA3F8963F26679241F82ADD464
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/wzo3KmMcDMPQjudKY7t1dcveVJo.roa
Signing time: Thu 08 May 2025 12:12:10 +0000
ROA not before: Thu 08 May 2025 12:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
77.83.37.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 May 2025 12:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:cf:73:ea:3f:89:63:f2:66:79:24:1f:82:ad:d4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 8 12:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c33a372a631c0cc3d08ee74a63bb7575cbde549a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b1:15:db:bb:de:32:0b:cd:7a:00:56:a9:9a:
c3:73:bc:da:1e:9c:9b:fb:8a:9d:78:d0:ac:dd:9d:
b4:2c:3f:e4:08:6c:46:6b:dd:d5:40:d9:ba:51:26:
23:c9:f9:23:79:dd:9e:5f:cd:ef:8c:83:ed:87:07:
21:27:50:34:14:be:38:6b:63:2b:42:51:2a:c0:65:
e4:d5:1c:01:5c:01:66:ba:43:54:81:3e:8c:e1:9b:
c5:68:3c:ee:28:8e:1f:e7:81:47:3f:f3:da:02:34:
90:fd:87:7a:03:3b:f6:57:e8:af:c4:64:43:21:1a:
51:4d:42:33:b8:3b:93:5a:c7:83:3b:09:c9:d7:d9:
6f:b1:22:ff:a5:a6:fe:e7:26:3e:a1:a1:b1:96:a2:
e5:a8:90:6a:d0:49:58:66:e0:e9:9e:2f:2e:86:c2:
e4:c1:b2:15:80:c8:66:65:72:a0:0d:01:d9:57:eb:
91:3f:ef:57:a3:e8:1c:fe:fa:3f:ff:97:4e:9e:c7:
ad:ef:dd:7b:ef:80:fc:a5:b9:de:62:fc:9f:c6:94:
5c:0d:d8:2c:f5:ff:82:fd:12:b5:c5:aa:34:1b:ce:
ba:ce:42:68:d0:fe:80:0b:de:d8:ec:0b:9a:75:7b:
f8:58:e1:33:59:7a:f9:6d:ea:2b:45:4b:61:71:d4:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:3A:37:2A:63:1C:0C:C3:D0:8E:E7:4A:63:BB:75:75:CB:DE:54:9A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/wzo3KmMcDMPQjudKY7t1dcveVJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
77.83.37.0/24
91.223.110.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.62.24.0/24
195.177.92.0/22
195.211.189.0-195.211.191.255
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
04:61:51:79:d3:fa:ad:17:a4:00:c2:c9:a7:1e:a1:4d:f6:73:
6a:a0:cc:4b:69:c6:e9:3a:aa:e2:ec:e1:9e:21:1a:9e:e9:3f:
e9:47:d1:13:09:47:8a:b7:5a:f3:c8:a2:0f:99:6a:60:a1:6c:
0e:27:3c:89:0e:7c:20:f1:88:0b:1d:99:38:72:94:71:2c:10:
62:83:c7:e9:ad:52:ed:a2:cb:3b:2d:51:c6:66:8a:09:72:79:
72:37:4b:e9:71:0b:1a:7d:4f:c1:14:0a:49:cc:57:4e:44:b5:
1d:76:7d:b3:81:da:28:78:90:52:84:39:e5:76:18:f0:14:5f:
3a:8d:40:96:7a:8f:0c:d3:62:fe:23:08:88:29:50:fd:cf:12:
53:b8:6e:31:b4:5f:27:51:68:a1:64:10:51:fb:9d:05:9a:95:
04:7d:c8:fb:f0:b0:07:eb:8c:5a:e3:5e:d7:77:d3:b8:e1:d7:
4a:7d:1b:20:99:a2:48:ce:6f:cd:20:60:3a:64:9d:00:07:68:
35:69:99:f5:84:bc:da:3b:0a:58:cb:56:c6:75:ba:b8:38:14:
3f:67:30:56:99:0b:0b:22:ce:9c:b0:09:89:be:7c:2a:e3:04:
f9:9e:4f:75:04:7a:28:b3:f8:67:15:b0:a4:60:6e:c6:ad:79:
1e:75:95:7d
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZavz3PqP4lj8mZ5JB+CrdRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNTA4MTIxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzNhMzcyYTYzMWMwY2MzZDA4ZWU3NGE2M2JiNzU3NWNiZGU1NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7EV27veMgvNegBWqZrDc7zaHpyb
+4qdeNCs3Z20LD/kCGxGa93VQNm6USYjyfkjed2eX83vjIPthwchJ1A0FL44a2Mr
QlEqwGXk1RwBXAFmukNUgT6M4ZvFaDzuKI4f54FHP/PaAjSQ/Yd6Azv2V+ivxGRD
IRpRTUIzuDuTWseDOwnJ19lvsSL/pab+5yY+oaGxlqLlqJBq0ElYZuDpni8uhsLk
wbIVgMhmZXKgDQHZV+uRP+9Xo+gc/vo//5dOnset791774D8pbneYvyfxpRcDdgs
9f+C/RK1xao0G866zkJo0P6AC97Y7AuadXv4WOEzWXr5beorRUthcdQF7wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFMM6NypjHAzD0I7nSmO7dXXL3lSaMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvd3pvM0ttTWNETVBRanVkS1k3dDFkY3ZlVkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCBmwQCAAEwgZQD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAE1TJQMEAFvfbgMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe
8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYgMEAMM+GAMEAsOxXDAMAwQAw9O9AwQG
w9OAMHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAqCQNCAwUAKgkDRgMF
ACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUDKhEFgAMFACoRFgAD
BQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3DQEBCwUAA4IBAQAE
YVF50/qtF6QAwsmnHqFN9nNqoMxLacbpOqri7OGeIRqe6T/pR9ETCUeKt1rzyKIP
mWpgoWwOJzyJDnwg8YgLHZk4cpRxLBBig8fprVLtoss7LVHGZooJcnlyN0vpcQsa
fU/BFApJzFdORLUddn2zgdooeJBShDnldhjwFF86jUCWeo8M02L+IwiIKVD9zxJT
uG4xtF8nUWihZBBR+50FmpUEfcj78LAH64xa417Xd9O44ddKfRsgmaJIzm/NIGA6
ZJ0AB2g1aZn1hLzaOwpYy1bGdbq4OBQ/ZzBWmQsLIs6csAmJvnwq4wT5nk91BHoo
s/hnFbCkYG7GrXkedZV9
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:13 2025 by rpki-client