Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/3lMm6EINKElryTvkAE1wjMGy_6I.roa
File: 3lMm6EINKElryTvkAE1wjMGy_6I.roa (raw, json)
Hash identifier: 19+u3/ZeUEZ4egbFnYa3A3B27WZZAHtfmQXwUchdluo=
Subject key identifier: DE:53:26:E8:42:0D:28:49:6B:C9:3B:E4:00:4D:70:8C:C1:B2:FF:A2
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 0196B8CC2D0840B4C6C5CE1CFA13EDE244E2
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/3lMm6EINKElryTvkAE1wjMGy_6I.roa
Signing time: Sat 10 May 2025 06:05:10 +0000
ROA not before: Sat 10 May 2025 06:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132839
IP address blocks: 2.59.100.0/22 maxlen: 22
2.59.100.0/24 maxlen: 24
2.59.101.0/24 maxlen: 24
2.59.102.0/24 maxlen: 24
2.59.103.0/24 maxlen: 24
45.8.28.0/22 maxlen: 22
45.8.29.0/24 maxlen: 24
45.8.30.0/24 maxlen: 24
45.9.108.0/22 maxlen: 22
45.9.108.0/24 maxlen: 24
45.9.109.0/24 maxlen: 24
45.9.110.0/24 maxlen: 24
45.9.111.0/24 maxlen: 24
45.10.208.0/22 maxlen: 24
45.13.160.0/22 maxlen: 22
45.13.160.0/24 maxlen: 24
45.66.188.0/22 maxlen: 22
45.66.188.0/24 maxlen: 24
45.66.189.0/24 maxlen: 24
45.66.190.0/24 maxlen: 24
45.66.191.0/24 maxlen: 24
45.80.112.0/22 maxlen: 22
45.80.113.0/24 maxlen: 24
45.80.114.0/23 maxlen: 23
45.87.228.0/22 maxlen: 22
45.87.231.0/24 maxlen: 24
45.93.64.0/22 maxlen: 22
45.93.64.0/24 maxlen: 24
45.93.65.0/24 maxlen: 24
45.93.66.0/24 maxlen: 24
45.93.67.0/24 maxlen: 24
45.131.156.0/22 maxlen: 22
45.131.156.0/24 maxlen: 24
45.131.157.0/24 maxlen: 24
45.131.158.0/24 maxlen: 24
45.131.159.0/24 maxlen: 24
45.142.76.0/22 maxlen: 24
45.147.212.0/22 maxlen: 24
45.149.68.0/22 maxlen: 22
45.149.68.0/24 maxlen: 24
45.149.69.0/24 maxlen: 24
45.156.168.0/22 maxlen: 22
45.156.169.0/24 maxlen: 24
45.156.171.0/24 maxlen: 24
45.156.216.0/22 maxlen: 22
45.158.220.0/22 maxlen: 22
45.158.221.0/24 maxlen: 24
45.158.223.0/24 maxlen: 24
62.192.188.0/22 maxlen: 22
62.192.188.0/24 maxlen: 24
62.192.189.0/24 maxlen: 24
62.192.190.0/24 maxlen: 24
62.192.191.0/24 maxlen: 24
83.150.224.0/22 maxlen: 22
83.150.224.0/24 maxlen: 24
83.150.225.0/24 maxlen: 24
85.208.56.0/22 maxlen: 22
85.208.56.0/24 maxlen: 24
85.208.57.0/24 maxlen: 24
85.208.58.0/24 maxlen: 24
85.208.59.0/24 maxlen: 24
92.118.144.0/22 maxlen: 22
92.118.144.0/24 maxlen: 24
92.118.145.0/24 maxlen: 24
92.118.146.0/24 maxlen: 24
92.118.147.0/24 maxlen: 24
185.51.164.0/22 maxlen: 22
185.51.164.0/24 maxlen: 24
185.51.167.0/24 maxlen: 24
193.42.15.0/24 maxlen: 24
193.42.132.0/24 maxlen: 24
193.42.135.0/24 maxlen: 24
193.42.149.0/24 maxlen: 24
193.108.46.0/23 maxlen: 24
193.108.96.0/23 maxlen: 24
193.164.222.0/23 maxlen: 23
193.168.4.0/23 maxlen: 24
194.146.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 15:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:cc:2d:08:40:b4:c6:c5:ce:1c:fa:13:ed:e2:44:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: May 10 06:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de5326e8420d28496bc93be4004d708cc1b2ffa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d0:c8:7e:30:fd:d8:a0:eb:82:b1:7b:bf:ac:
a7:04:88:18:c8:63:de:d1:4c:94:21:57:5b:ac:e0:
fe:ed:a6:6a:0f:e4:44:1c:1b:33:2e:bc:b3:98:7b:
45:4d:60:c3:a1:2c:1a:96:5b:f3:a3:56:4d:6c:ae:
63:5e:8e:07:b4:4b:15:24:0e:dc:61:dc:55:28:e1:
c7:cc:42:a4:ee:74:7f:7a:7e:2a:80:2f:98:43:e9:
52:8a:1e:37:45:d9:a8:ca:49:2f:42:51:dc:fc:5d:
5f:34:e4:bc:98:31:9a:4e:75:41:3e:58:e9:df:7a:
42:34:a2:b4:e8:49:d9:ee:36:56:33:44:d5:a6:dc:
87:97:eb:6f:9f:cb:78:73:df:c4:ec:79:f0:82:9d:
b8:74:1f:ed:cf:28:0e:c8:4e:c0:5f:65:65:4a:86:
45:79:ef:0c:97:97:66:83:11:17:8a:64:fc:3c:ce:
0d:0e:ea:72:77:6a:aa:ad:da:3a:68:b3:47:2d:99:
65:e9:91:d0:bd:50:1f:1e:88:c5:22:02:82:b4:c2:
68:09:de:38:2b:94:2f:53:e9:d2:6a:a2:18:9c:e2:
06:4f:a7:5e:45:39:e8:7f:db:5a:ed:91:70:6e:11:
84:74:30:af:32:85:4c:e3:91:ae:99:80:55:ff:de:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:26:E8:42:0D:28:49:6B:C9:3B:E4:00:4D:70:8C:C1:B2:FF:A2
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/3lMm6EINKElryTvkAE1wjMGy_6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.100.0/22
45.8.28.0/22
45.9.108.0/22
45.10.208.0/22
45.13.160.0/22
45.66.188.0/22
45.80.112.0/22
45.87.228.0/22
45.93.64.0/22
45.131.156.0/22
45.142.76.0/22
45.147.212.0/22
45.149.68.0/22
45.156.168.0/22
45.156.216.0/22
45.158.220.0/22
62.192.188.0/22
83.150.224.0/22
85.208.56.0/22
92.118.144.0/22
185.51.164.0/22
193.42.15.0/24
193.42.132.0/24
193.42.135.0/24
193.42.149.0/24
193.108.46.0/23
193.108.96.0/23
193.164.222.0/23
193.168.4.0/23
194.146.84.0/22
Signature Algorithm: sha256WithRSAEncryption
92:46:ad:c6:b8:00:d7:c8:c8:33:01:e0:2c:60:4b:eb:c1:bb:
a7:04:fb:0f:c9:43:8b:94:dc:75:48:19:67:4e:95:ec:d3:ca:
06:b4:df:fc:25:6e:7b:8e:74:67:be:8e:5c:e5:41:3a:85:d7:
35:34:0c:9d:31:a6:82:ef:75:f4:d6:b4:20:ca:93:d1:61:99:
e4:2c:48:33:ad:08:7f:96:cc:96:cf:d8:09:0c:ed:24:64:73:
36:63:ac:c2:4f:49:d4:7f:4b:63:71:10:8d:af:1e:11:31:6b:
fc:8c:2e:44:09:2b:68:37:32:a4:7a:f7:78:b6:f1:79:53:fd:
5e:fb:62:d9:60:db:42:07:e6:5f:95:78:cc:3b:36:0b:25:7e:
5d:9a:72:a3:47:0d:ad:71:5a:86:cf:51:c1:76:13:09:dd:0e:
78:f1:d2:26:18:a5:b3:09:6a:49:c1:9f:f9:6b:ca:b6:41:b4:
e4:c5:50:32:13:89:be:27:bb:e0:b2:6c:40:3a:68:96:5d:0f:
93:57:b9:1f:fe:d3:0b:80:ce:84:23:59:6c:c7:6d:c0:cf:a7:
85:28:0b:5a:23:e3:f2:02:14:97:2e:32:35:41:8d:75:5c:6a:
f6:66:8c:88:d2:b4:d7:d9:09:ef:a9:6f:53:1f:dd:08:ac:3b:
bf:66:19:75
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZa4zC0IQLTGxc4c+hPt4kTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNTEwMDYwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUzMjZlODQyMGQyODQ5NmJjOTNiZTQwMDRkNzA4Y2MxYjJmZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtDIfjD92KDrgrF7v6ynBIgYyGPe
0UyUIVdbrOD+7aZqD+REHBszLryzmHtFTWDDoSwallvzo1ZNbK5jXo4HtEsVJA7c
YdxVKOHHzEKk7nR/en4qgC+YQ+lSih43RdmoykkvQlHc/F1fNOS8mDGaTnVBPljp
33pCNKK06EnZ7jZWM0TVptyHl+tvn8t4c9/E7Hnwgp24dB/tzygOyE7AX2VlSoZF
ee8Ml5dmgxEXimT8PM4NDupyd2qqrdo6aLNHLZll6ZHQvVAfHojFIgKCtMJoCd44
K5QvU+nSaqIYnOIGT6deRTnof9ta7ZFwbhGEdDCvMoVM45GumYBV/96BjQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFN5TJuhCDShJa8k75ABNcIzBsv+iMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvM2xNbTZFSU5LRWxyeVR2a0FFMXdqTUd5XzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAIC
O2QDBAItCBwDBAItCWwDBAItCtADBAItDaADBAItQrwDBAItUHADBAItV+QDBAIt
XUADBAItg5wDBAItjkwDBAItk9QDBAItlUQDBAItnKgDBAItnNgDBAItntwDBAI+
wLwDBAJTluADBAJV0DgDBAJcdpADBAK5M6QDBADBKg8DBADBKoQDBADBKocDBADB
KpUDBAHBbC4DBAHBbGADBAHBpN4DBAHBqAQDBALCklQwDQYJKoZIhvcNAQELBQAD
ggEBAJJGrca4ANfIyDMB4CxgS+vBu6cE+w/JQ4uU3HVIGWdOlezTyga03/wlbnuO
dGe+jlzlQTqF1zU0DJ0xpoLvdfTWtCDKk9FhmeQsSDOtCH+WzJbP2AkM7SRkczZj
rMJPSdR/S2NxEI2vHhExa/yMLkQJK2g3MqR693i28XlT/V77Ytlg20IH5l+VeMw7
Ngslfl2acqNHDa1xWobPUcF2EwndDnjx0iYYpbMJaknBn/lryrZBtOTFUDITib4n
u+CybEA6aJZdD5NXuR/+0wuAzoQjWWzHbcDPp4UoC1oj4/ICFJcuMjVBjXVcavZm
jIjStNfZCe+pb1Mf3QisO79mGXU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:36:08 2025 by rpki-client