Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/CiGm87_-rcOTdY2Iu7bCoDJV0-I.roa
File: CiGm87_-rcOTdY2Iu7bCoDJV0-I.roa (raw, json)
Hash identifier: yN/DZOTxRYf+3iJASOD9s4DMl6FSpfU9pBiJ0OLcG24=
Subject key identifier: 0A:21:A6:F3:BF:FE:AD:C3:93:75:8D:88:BB:B6:C2:A0:32:55:D3:E2
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0194DB5239994020E843EE39D19432392C51
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/CiGm87_-rcOTdY2Iu7bCoDJV0-I.roa
Signing time: Thu 06 Feb 2025 12:53:06 +0000
ROA not before: Thu 06 Feb 2025 12:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
5.144.125.0/24 maxlen: 24
5.189.208.0/21 maxlen: 21
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
94.243.5.0/24 maxlen: 24
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.155.48.0/22 maxlen: 22
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
212.188.16.0/24 maxlen: 24
212.188.29.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 04 Apr 2025 11:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:52:39:99:40:20:e8:43:ee:39:d1:94:32:39:2c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Feb 6 12:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a21a6f3bffeadc393758d88bbb6c2a03255d3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9b:86:93:ad:d7:7c:60:d9:38:0e:c6:e5:40:
a7:f4:43:38:86:6e:f3:8b:5a:47:8b:71:17:f0:75:
06:7d:10:a2:61:e6:1c:35:f0:c7:f2:a2:82:31:19:
9a:ce:d1:ce:0d:17:75:a2:9a:b0:21:fb:be:9f:3e:
60:be:bb:7d:16:19:93:af:89:13:ec:c7:3a:c1:66:
5c:cb:4a:37:74:03:a7:e4:b8:64:77:f8:4c:f9:64:
44:e0:06:f7:6c:a2:1e:6e:0e:eb:e0:ea:4b:be:8a:
7e:e9:bc:d9:c7:46:c5:f6:da:9f:89:c9:56:32:56:
75:ce:22:56:34:93:1f:29:b3:3c:72:63:aa:43:a3:
4e:9e:3d:a8:4e:2c:02:5f:90:f7:33:81:6c:13:25:
da:97:7a:51:f2:9b:36:b1:f3:c1:aa:6b:7a:01:ad:
92:41:33:10:3d:1a:0a:4e:46:94:65:72:b7:f5:4f:
ea:ef:d8:f3:26:02:14:84:47:9e:72:35:fe:6a:6d:
53:0d:65:a0:b1:60:0f:26:76:13:10:fd:b3:03:4c:
ba:57:1e:1e:85:5e:84:5a:70:a0:53:0f:b0:11:23:
f3:7e:21:df:0f:5d:b8:72:66:79:1b:32:19:48:bb:
db:97:24:3d:1e:73:b4:b7:af:57:d7:cf:d2:51:ca:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:21:A6:F3:BF:FE:AD:C3:93:75:8D:88:BB:B6:C2:A0:32:55:D3:E2
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/CiGm87_-rcOTdY2Iu7bCoDJV0-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
5.189.208.0/21
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
94.243.5.0/24
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
66:80:56:e9:bd:80:0a:d3:98:f5:88:b1:b8:07:2c:1c:ab:82:
b1:c2:ec:4a:9d:23:5c:d0:10:68:08:ce:25:e3:ef:8d:1d:8b:
71:ad:f2:b3:12:84:a5:5d:bc:82:9b:0f:c6:02:08:b5:1a:f4:
e8:15:be:09:07:93:96:c6:1b:ca:3b:4f:21:78:70:42:57:01:
0a:f7:0a:77:bd:cb:87:f3:b4:13:fd:03:4a:f9:21:59:92:21:
eb:b3:2d:5e:22:4d:b6:59:39:a1:c3:04:79:e6:e2:1b:f1:91:
9f:6b:8b:c4:3f:60:e5:fc:68:2e:e4:a4:5d:b0:60:28:20:fc:
99:82:82:bc:71:2a:66:c7:83:c2:49:79:92:68:e8:01:ef:31:
f0:69:35:4d:5b:d9:3d:e9:11:34:6b:f4:9a:cc:e5:53:cb:8a:
77:0d:7d:69:4b:7b:45:cf:71:36:68:15:fc:51:48:45:d2:19:
3f:7b:bb:1c:47:10:8d:59:4e:e2:41:35:47:d2:85:b3:96:d1:
83:c8:b9:dd:96:24:3c:fa:88:91:54:8e:1a:8a:0e:c5:55:ac:
4c:98:80:e8:f0:b5:14:ef:af:78:2b:57:22:d0:72:bb:62:d6:
c9:dd:82:ed:4d:03:3d:72:0a:15:67:9e:88:89:bb:1f:ea:98:
8e:0f:34:62
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZTbUjmZQCDoQ+450ZQyOSxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMjA2MTI1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIxYTZmM2JmZmVhZGMzOTM3NThkODhiYmI2YzJhMDMyNTVkM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpuGk63XfGDZOA7G5UCn9EM4hm7z
i1pHi3EX8HUGfRCiYeYcNfDH8qKCMRmaztHODRd1opqwIfu+nz5gvrt9FhmTr4kT
7Mc6wWZcy0o3dAOn5Lhkd/hM+WRE4Ab3bKIebg7r4OpLvop+6bzZx0bF9tqficlW
MlZ1ziJWNJMfKbM8cmOqQ6NOnj2oTiwCX5D3M4FsEyXal3pR8ps2sfPBqmt6Aa2S
QTMQPRoKTkaUZXK39U/q79jzJgIUhEeecjX+am1TDWWgsWAPJnYTEP2zA0y6Vx4e
hV6EWnCgUw+wESPzfiHfD124cmZ5GzIZSLvblyQ9HnO0t69X18/SUco5AwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFAohpvO//q3Dk3WNiLu2wqAyVdPiMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvQ2lHbTg3Xy1yY09UZFkySXU3YkNvREpWMC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8Egfowgfcwgd4EAgABMIHXAwQF
BZBgAwQDBb3QAwQEHyhwAwQDJdB4AwMAPnYDBAU+qOADBABPq3MDBABQU+0DBAVR
WyADAwBRwwMEBlJgwAMDAFPtAwMBVYwDBAVV6yADAwBZrwMDAltMAwQDXCu4AwQE
XVrgAwQFXoyAAwQAXvMFAwQCX5mIAwQFX6mAAwQFbcbgAwQDjWkYAwQAsN4RAwMA
so0DBAeymwADBASynxADBAK5qOwDBADBaIADBAbDIgADBAfUvAADAwDVVwMEBdWT
IAMEAtWw5DALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6ADBQMqAgAoMA0GCSqG
SIb3DQEBCwUAA4IBAQBmgFbpvYAK05j1iLG4Bywcq4KxwuxKnSNc0BBoCM4l4++N
HYtxrfKzEoSlXbyCmw/GAgi1GvToFb4JB5OWxhvKO08heHBCVwEK9wp3vcuH87QT
/QNK+SFZkiHrsy1eIk22WTmhwwR55uIb8ZGfa4vEP2Dl/Ggu5KRdsGAoIPyZgoK8
cSpmx4PCSXmSaOgB7zHwaTVNW9k96RE0a/SazOVTy4p3DX1pS3tFz3E2aBX8UUhF
0hk/e7scRxCNWU7iQTVH0oWzltGDyLndliQ8+oiRVI4aig7FVaxMmIDo8LUU7694
K1ci0HK7YtbJ3YLtTQM9cgoVZ56Iibsf6piODzRi
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:29:09 2025 by rpki-client