Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/OyvMAFPHVYm5hvJXHe8lRyGtdLE.roa
File: OyvMAFPHVYm5hvJXHe8lRyGtdLE.roa (raw, json)
Hash identifier: Vnxn1UqGjatD/v5W382wWvRFusO5GEys/6EUGyZFWD4=
Subject key identifier: 3B:2B:CC:00:53:C7:55:89:B9:86:F2:57:1D:EF:25:47:21:AD:74:B1
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0194CB65616EAC36CE4CE25EB5242FC44AA5
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/OyvMAFPHVYm5hvJXHe8lRyGtdLE.roa
Signing time: Mon 03 Feb 2025 10:40:06 +0000
ROA not before: Mon 03 Feb 2025 10:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
5.144.125.0/24 maxlen: 24
5.189.208.0/21 maxlen: 21
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.155.48.0/22 maxlen: 22
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
212.188.16.0/24 maxlen: 24
212.188.29.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 06 Feb 2025 12:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:65:61:6e:ac:36:ce:4c:e2:5e:b5:24:2f:c4:4a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Feb 3 10:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b2bcc0053c75589b986f2571def254721ad74b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8f:e3:a7:12:e7:a1:55:2b:45:08:ec:21:8c:
07:1c:d4:1f:45:22:fe:4f:71:97:97:3a:a6:75:7e:
cc:9e:7e:3c:de:90:e6:13:54:bb:6c:2c:b2:1c:31:
9f:a4:66:31:8d:f4:c3:9d:f5:ae:4b:a3:c9:1c:dc:
b7:fe:5a:b6:1e:54:22:90:c3:29:f3:bd:87:12:6d:
66:6c:b7:cc:ba:2a:39:ca:0c:37:42:04:89:1b:e6:
39:50:79:87:09:1d:fc:f6:f1:64:fe:da:66:19:fb:
d4:a8:5d:35:19:ab:83:9d:49:b9:1e:b9:4b:f1:d0:
50:05:dd:57:d7:e7:4f:22:4b:87:6c:d3:24:7b:da:
d3:02:11:72:eb:47:f6:45:a6:80:bc:8e:b2:79:ca:
ce:aa:99:3b:b6:db:ac:19:a1:58:0c:c3:40:6e:b8:
09:46:d3:53:9d:18:e6:75:5d:97:ba:29:f0:2f:f3:
2a:20:c8:12:07:6f:3f:32:ab:84:1a:f5:39:e0:44:
dc:59:2c:d8:4d:c6:f9:09:1b:6d:40:b4:65:4f:36:
9a:fd:b2:26:d4:78:d4:7a:4e:30:c7:f6:70:7a:8a:
af:c7:18:16:de:64:f9:59:b1:bd:f2:97:73:a4:b7:
2a:f5:4b:c1:a2:be:1f:1c:c7:b2:37:64:ff:fb:14:
fe:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2B:CC:00:53:C7:55:89:B9:86:F2:57:1D:EF:25:47:21:AD:74:B1
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/OyvMAFPHVYm5hvJXHe8lRyGtdLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
5.189.208.0/21
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
1d:f8:f9:27:5e:6e:f8:57:15:c9:0b:4e:4f:74:12:a2:26:1c:
b4:92:fa:fa:62:1f:4c:9f:dc:01:39:ab:20:e0:04:90:a5:7d:
52:a1:28:5a:c6:52:5b:cd:1a:f0:67:1a:33:a8:a9:ea:dc:98:
ad:c5:a5:bd:74:7b:19:5c:bd:c1:d0:9f:05:66:c6:2e:07:87:
96:f2:0f:a8:c5:ec:78:96:e8:56:8b:ae:e0:1c:42:4a:b1:16:
b0:58:f0:24:8c:15:c8:bd:a1:58:ff:63:c4:7c:19:b9:df:41:
a5:c3:25:92:f8:75:68:b3:85:b2:89:59:d4:71:c3:3a:9c:77:
39:d2:fe:bb:a8:45:73:7a:d2:7b:f6:51:5f:b5:88:35:63:fb:
95:47:43:43:26:3e:0e:ce:d7:4a:df:de:4b:98:d3:a7:27:ac:
74:44:cf:96:21:73:b1:44:a2:a2:fc:8f:d5:7e:f5:a5:17:a0:
6b:5c:7e:97:0f:f6:57:15:18:72:b8:c7:cc:8b:6b:34:fa:a9:
bb:46:13:f7:ba:f6:9e:46:ad:10:4d:71:12:91:56:32:88:93:
3c:5a:29:8b:77:28:a5:96:bc:5a:12:26:0a:dc:e4:22:e4:db:
99:94:d2:22:f3:a1:a8:c7:15:88:2e:98:a7:c7:6b:96:79:66:
c4:75:98:cf
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZTLZWFurDbOTOJetSQvxEqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMjAzMTA0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjJiY2MwMDUzYzc1NTg5Yjk4NmYyNTcxZGVmMjU0NzIxYWQ3NGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio/jpxLnoVUrRQjsIYwHHNQfRSL+
T3GXlzqmdX7Mnn483pDmE1S7bCyyHDGfpGYxjfTDnfWuS6PJHNy3/lq2HlQikMMp
872HEm1mbLfMuio5ygw3QgSJG+Y5UHmHCR389vFk/tpmGfvUqF01GauDnUm5HrlL
8dBQBd1X1+dPIkuHbNMke9rTAhFy60f2RaaAvI6yecrOqpk7ttusGaFYDMNAbrgJ
RtNTnRjmdV2XuinwL/MqIMgSB28/MquEGvU54ETcWSzYTcb5CRttQLRlTzaa/bIm
1HjUek4wx/ZweoqvxxgW3mT5WbG98pdzpLcq9UvBor4fHMeyN2T/+xT+9wIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFDsrzABTx1WJuYbyVx3vJUchrXSxMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvT3l2TUFGUEhWWW01aHZKWEhlOGxSeUd0ZExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgdgEAgABMIHRAwQF
BZBgAwQDBb3QAwQEHyhwAwQDJdB4AwMAPnYDBAU+qOADBABPq3MDBABQU+0DBAVR
WyADAwBRwwMEBlJgwAMDAFPtAwMBVYwDBAVV6yADAwBZrwMDAltMAwQDXCu4AwQE
XVrgAwQFXoyAAwQCX5mIAwQFX6mAAwQFbcbgAwQDjWkYAwQAsN4RAwMAso0DBAey
mwADBASynxADBAK5qOwDBADBaIADBAbDIgADBAfUvAADAwDVVwMEBdWTIAMEAtWw
5DALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6ADBQMqAgAoMA0GCSqGSIb3DQEB
CwUAA4IBAQAd+PknXm74VxXJC05PdBKiJhy0kvr6Yh9Mn9wBOasg4ASQpX1SoSha
xlJbzRrwZxozqKnq3JitxaW9dHsZXL3B0J8FZsYuB4eW8g+oxex4luhWi67gHEJK
sRawWPAkjBXIvaFY/2PEfBm530GlwyWS+HVos4WyiVnUccM6nHc50v67qEVzetJ7
9lFftYg1Y/uVR0NDJj4OztdK395LmNOnJ6x0RM+WIXOxRKKi/I/VfvWlF6BrXH6X
D/ZXFRhyuMfMi2s0+qm7RhP3uvaeRq0QTXESkVYyiJM8WimLdyillrxaEiYK3OQi
5NuZlNIi86GoxxWILpinx2uWeWbEdZjP
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:39:06 2025 by rpki-client