Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/R3gJl42qrellsM1C3nczgMqQZJw.roa
File: R3gJl42qrellsM1C3nczgMqQZJw.roa (raw, json)
Hash identifier: h03r6RLxEO9GHdL/8pTDTV/p36Amboni6L/vBGQwgbo=
Subject key identifier: 47:78:09:97:8D:AA:AD:E9:65:B0:CD:42:DE:77:33:80:CA:90:64:9C
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194206871614E84DF56736D48557809E3E1
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/R3gJl42qrellsM1C3nczgMqQZJw.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Apr 2025 12:36:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:71:61:4e:84:df:56:73:6d:48:55:78:09:e3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=477809978daaade965b0cd42de773380ca90649c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:81:f6:ca:1a:a2:e5:82:8c:a3:a6:47:99:c3:
e6:2b:64:61:de:b7:65:55:f6:29:54:61:6e:22:0b:
24:b1:fc:fd:90:b7:ac:72:02:0c:c1:2d:61:13:22:
16:ae:31:9b:5a:88:99:f2:32:0d:df:c0:9c:e1:43:
44:8f:87:c5:ef:94:0b:7d:a2:b9:63:f4:fb:46:43:
f0:d3:bc:e2:10:69:27:12:66:67:cf:c5:86:24:94:
ab:cf:34:f8:ad:5e:3d:40:0d:a0:74:4a:a4:bb:06:
3b:eb:15:e5:47:ca:c2:78:6a:76:1a:f4:c7:3f:99:
71:6d:b1:a3:57:58:64:2a:96:11:82:c7:66:a0:2e:
94:7e:17:1a:b7:93:ad:9f:c1:19:5d:9d:a8:35:86:
71:11:db:4e:59:5a:ce:32:ed:9b:57:02:c0:1f:30:
27:88:c7:e6:9e:d6:ee:2e:6f:d4:75:27:bb:c0:5b:
03:fc:a3:af:8e:6e:90:f7:00:4d:35:6e:2b:87:42:
6b:99:36:f1:22:57:16:1b:b0:b1:3f:3e:4c:58:aa:
3f:23:ef:90:b1:18:09:3f:25:23:38:ba:04:c8:e0:
58:f0:d7:d1:f7:27:98:e0:f2:6a:1e:42:b0:ea:bf:
01:87:bd:9f:b6:ec:fe:b4:8d:72:47:da:cd:39:bf:
f3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:78:09:97:8D:AA:AD:E9:65:B0:CD:42:DE:77:33:80:CA:90:64:9C
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/R3gJl42qrellsM1C3nczgMqQZJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.78.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
24:d7:51:fc:45:23:ad:b2:8d:fe:34:fd:1f:e3:be:db:95:d8:
68:b4:84:49:b6:46:c2:29:f5:5b:89:0e:05:73:ec:ef:bb:e7:
df:a5:ba:76:60:ec:7b:7e:57:64:a7:da:ea:ef:27:18:99:4b:
17:5c:6b:99:d1:c0:98:33:e8:fb:de:0b:a9:d4:6b:44:18:df:
eb:4b:05:de:fd:ea:a6:40:96:a6:23:10:68:7d:83:03:df:1c:
38:ef:e3:1d:a5:14:ef:f2:e0:d3:b9:6d:7f:4a:df:d6:c0:97:
2a:86:17:66:57:49:b4:2b:70:80:71:0b:f0:c7:5f:17:d1:e1:
03:a1:e8:71:56:39:0c:08:12:a8:9d:14:17:47:cf:0f:01:d0:
c7:7d:7c:ff:01:6e:97:4e:fe:c9:c0:7a:70:16:c7:04:6c:28:
54:f2:20:52:95:40:4c:85:28:c0:59:34:ca:c0:a0:87:d9:86:
3e:08:f5:75:28:fa:8f:1d:eb:ee:d5:81:74:66:ff:b8:bb:d9:
0c:40:d8:af:90:6d:8f:4a:bc:a9:e1:61:8e:50:b7:6c:13:f1:
e7:ac:07:1b:6c:d9:da:ab:a8:60:32:db:a7:67:62:37:34:f3:
58:b4:5a:31:95:2c:4f:f4:7c:cb:34:c3:94:41:91:59:1a:32:
d3:a1:2c:c2
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZQgaHFhToTfVnNtSFV4CePhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzc4MDk5NzhkYWFhZGU5NjViMGNkNDJkZTc3MzM4MGNhOTA2NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IH2yhqi5YKMo6ZHmcPmK2Rh3rdl
VfYpVGFuIgsksfz9kLescgIMwS1hEyIWrjGbWoiZ8jIN38Cc4UNEj4fF75QLfaK5
Y/T7RkPw07ziEGknEmZnz8WGJJSrzzT4rV49QA2gdEqkuwY76xXlR8rCeGp2GvTH
P5lxbbGjV1hkKpYRgsdmoC6Ufhcat5Otn8EZXZ2oNYZxEdtOWVrOMu2bVwLAHzAn
iMfmntbuLm/UdSe7wFsD/KOvjm6Q9wBNNW4rh0JrmTbxIlcWG7CxPz5MWKo/I++Q
sRgJPyUjOLoEyOBY8NfR9yeY4PJqHkKw6r8Bh72ftuz+tI1yR9rNOb/zHwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFEd4CZeNqq3pZbDNQt53M4DKkGScMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvUjNnSmw0MnFyZWxsc00xQzNuY3pnTXFRWkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgw
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKMAwDBABZF00DBABZF04w
DAMEAFkXUwMEAFkXVAMEAFkXVgMEAFkXWAMEAFkXWgMEAFkXXQMEA1wq+AMEA11d
wDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v
+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQA
sv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFo
RAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAJNdR/EUj
rbKN/jT9H+O+25XYaLSESbZGwin1W4kOBXPs77vn36W6dmDse35XZKfa6u8nGJlL
F1xrmdHAmDPo+94LqdRrRBjf60sF3v3qpkCWpiMQaH2DA98cOO/jHaUU7/Lg07lt
f0rf1sCXKoYXZldJtCtwgHEL8MdfF9HhA6HocVY5DAgSqJ0UF0fPDwHQx318/wFu
l07+ycB6cBbHBGwoVPIgUpVATIUowFk0ysCgh9mGPgj1dSj6jx3r7tWBdGb/uLvZ
DEDYr5Btj0q8qeFhjlC3bBPx56wHG2zZ2quoYDLbp2diNzTzWLRaMZUsT/R8yzTD
lEGRWRoy06Eswg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:11:24 2025 by rpki-client