Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ICYQKQsmvYbH-ocqHLi7qnYYMsU.roa
File: ICYQKQsmvYbH-ocqHLi7qnYYMsU.roa (raw, json)
Hash identifier: 39EwH1aUisRMRo91cwxHpfdjl8LYus1GZhTJQZyAnUs=
Subject key identifier: 20:26:10:29:0B:26:BD:86:C7:FA:87:2A:1C:B8:BB:AA:76:18:32:C5
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0194FFFC2830CDD2049DE3C3CB21E56C364F
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ICYQKQsmvYbH-ocqHLi7qnYYMsU.roa
Signing time: Thu 13 Feb 2025 15:45:02 +0000
ROA not before: Thu 13 Feb 2025 15:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
46.165.64.0/18 maxlen: 24
62.8.0.0/19 maxlen: 24
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.62.169.0/24 maxlen: 24
62.85.128.0/19 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.84.0.0/16 maxlen: 24
77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.137.224.0/19 maxlen: 24
77.140.0.0/14 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.233.96.0/19 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
78.159.0.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.132.32.0/19 maxlen: 24
79.174.192.0/18 maxlen: 24
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.124.0.0/15 maxlen: 24
80.185.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.185.0.0/16 maxlen: 24
81.220.0.0/16 maxlen: 24
82.151.0.0/19 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
85.68.0.0/15 maxlen: 24
85.117.128.0/19 maxlen: 24
85.168.0.0/14 maxlen: 24
85.192.192.0/18 maxlen: 24
86.63.224.0/19 maxlen: 24
86.64.0.0/12 maxlen: 24
87.100.0.0/17 maxlen: 24
87.231.0.0/16 maxlen: 24
87.255.128.0/19 maxlen: 24
88.136.0.0/13 maxlen: 24
88.219.0.0/16 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
89.170.0.0/16 maxlen: 24
89.185.160.0/19 maxlen: 24
91.68.0.0/14 maxlen: 24
91.88.0.0/16 maxlen: 24
91.91.0.0/16 maxlen: 24
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
93.182.192.0/18 maxlen: 24
93.191.80.0/21 maxlen: 24
95.136.128.0/17 maxlen: 24
95.157.128.0/18 maxlen: 24
95.157.192.0/18 maxlen: 18
95.168.0.0/19 maxlen: 24
95.171.128.0/19 maxlen: 24
95.174.160.0/19 maxlen: 24
95.175.160.0/19 maxlen: 24
95.181.220.0/22 maxlen: 24
109.0.0.0/11 maxlen: 24
130.0.96.0/19 maxlen: 19
141.170.216.0/21 maxlen: 24
159.20.8.0/21 maxlen: 24
176.52.224.0/20 maxlen: 20
178.18.176.0/20 maxlen: 24
178.19.0.0/20 maxlen: 24
185.39.216.0/22 maxlen: 24
185.147.204.0/22 maxlen: 24
185.147.232.0/22 maxlen: 22
185.150.120.0/22 maxlen: 24
188.7.0.0/16 maxlen: 24
188.141.128.0/17 maxlen: 24
188.224.0.0/17 maxlen: 24
194.6.128.0/19 maxlen: 24
194.153.88.0/23 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
194.153.97.0/24 maxlen: 24
194.183.192.0/19 maxlen: 24
194.242.176.0/20 maxlen: 24
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.176.192.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.222.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:5e80::/32 maxlen: 48
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 48
2a00:8380::/32 maxlen: 48
2a00:8d80::/32 maxlen: 48
2a00:9380::/32 maxlen: 32
2a00:a580::/32 maxlen: 48
2a00:ba80::/32 maxlen: 48
2a00:c780::/32 maxlen: 48
2a00:cc80::/32 maxlen: 48
2a00:e080::/32 maxlen: 48
2a00:e880::/32 maxlen: 48
2a00:ec80::/29 maxlen: 48
2a00:ec80::/32 maxlen: 48
2a00:ec81::/32 maxlen: 48
2a02:8400::/25 maxlen: 48
2a04:800::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Feb 2025 16:33:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:fc:28:30:cd:d2:04:9d:e3:c3:cb:21:e5:6c:36:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Feb 13 15:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=202610290b26bd86c7fa872a1cb8bbaa761832c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e8:4b:2e:7a:98:e8:60:95:38:97:36:be:f8:
e4:9d:a2:b3:60:15:b2:0f:d2:f5:3c:2b:d7:c3:8e:
6d:f4:19:e2:60:09:c4:85:2f:b3:61:2c:65:ec:d7:
8d:8e:85:84:69:16:95:f2:95:11:20:6b:c8:a8:fa:
d8:38:68:ee:dd:b1:1e:7d:fb:3e:61:7e:fb:8d:06:
0a:52:de:61:a2:05:9f:e6:c6:c0:3c:26:22:e3:e9:
75:e3:5e:52:26:8c:bf:04:98:fd:a4:01:cd:03:b1:
2c:e7:03:f8:26:ca:2d:86:e9:79:8d:14:93:a8:7a:
d1:e2:2a:2a:94:1e:b9:9a:f7:21:b6:d0:86:8d:eb:
63:df:85:02:99:1f:e0:93:a6:7c:ed:60:c2:57:c7:
8f:5e:55:fe:12:47:06:44:f1:3c:f3:9a:37:cb:ba:
5c:6b:42:e9:d2:98:a2:89:b5:ff:7d:69:87:b9:d3:
18:63:1d:53:e6:36:ae:a9:68:28:53:a0:b9:81:3c:
de:8f:1a:8b:2b:c4:f6:32:13:fb:ba:79:82:d3:59:
45:eb:bd:ab:c6:95:c5:3e:7b:cd:b1:3e:04:15:23:
b2:91:bc:6c:31:cf:fb:14:c5:bf:6c:9a:e5:0f:90:
47:35:4a:5b:4a:ec:4b:d8:06:43:55:19:e8:74:2f:
38:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:26:10:29:0B:26:BD:86:C7:FA:87:2A:1C:B8:BB:AA:76:18:32:C5
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ICYQKQsmvYbH-ocqHLi7qnYYMsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
46.165.64.0/18
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.85.128.0/19
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.84.0.0/16
77.128.0.0-77.136.255.255
77.137.196.0-77.137.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
77.233.96.0/19
78.112.0.0/12
78.155.128.0/19
78.159.0.0/19
79.80.0.0/12
79.132.32.0/19
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.185.0.0/16
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.151.0.0/19
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.117.128.0/19
85.168.0.0/14
85.192.192.0/18
86.63.224.0-86.79.255.255
87.100.0.0/17
87.231.0.0/16
87.255.128.0/19
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
89.170.0.0/16
89.185.160.0/19
91.68.0.0/14
91.88.0.0/16
91.91.0.0/16
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.182.192.0/18
93.191.80.0/21
95.136.128.0/17
95.157.128.0/17
95.168.0.0/19
95.171.128.0/19
95.174.160.0/19
95.175.160.0/19
95.181.220.0/22
109.0.0.0/11
130.0.96.0/19
141.170.216.0/21
159.20.8.0/21
176.52.224.0/20
178.18.176.0/20
178.19.0.0/20
185.39.216.0/22
185.147.204.0/22
185.147.232.0/22
185.150.120.0/22
188.7.0.0/16
188.141.128.0/17
188.224.0.0/17
194.6.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.23.160.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.176.192.0/19
213.203.64.0/18
213.222.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:5e80::/32
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:a580::/32
2a00:ba80::/32
2a00:c780::/32
2a00:cc80::/32
2a00:e080::/32
2a00:e880::/32
2a00:ec80::/29
2a02:8400::/25
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
1d:fe:40:00:63:a9:35:d3:73:75:7e:c7:98:48:d8:86:ff:8a:
82:18:fc:e9:8d:e7:65:9e:a0:21:1b:81:48:3d:1c:3f:7b:43:
b1:0c:47:0d:c4:1e:9f:62:20:00:df:46:91:32:95:db:c4:8f:
ad:27:07:59:e3:81:64:99:06:d6:61:96:8b:66:0d:6f:b0:60:
41:5e:a9:12:7c:b8:50:aa:66:4e:d5:ff:ee:d3:08:30:5b:c6:
74:b7:cb:26:f0:32:99:65:ef:d6:98:60:ff:94:99:64:11:f3:
35:cf:db:33:00:71:42:5d:b1:ea:74:f1:5e:c2:c7:9e:55:d2:
bd:0d:02:70:56:32:91:76:95:d2:f2:fb:cb:aa:5d:1a:b2:d1:
11:98:be:12:e9:82:b8:d2:e3:1b:ed:1b:58:c0:e1:d5:ed:c3:
af:1b:ca:ed:00:9d:20:e3:df:22:82:6c:45:76:13:d9:02:07:
89:b9:bc:82:1f:a5:c9:d2:d1:09:cc:c9:c7:de:cd:09:da:e2:
56:98:46:8c:2a:2f:83:5a:3d:5b:47:4f:76:9a:a8:c1:8c:d9:
a9:ab:33:a2:e4:62:59:3c:c2:f6:cf:a7:31:93:41:95:5c:93:
86:cf:b0:16:94:a5:cc:8f:9a:0c:69:3e:0f:1b:0b:a2:59:03:
9c:fb:2c:a4
-----BEGIN CERTIFICATE-----
MIIH/zCCBuegAwIBAgISAZT//CgwzdIEnePDyyHlbDZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMjEzMTU0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDI2MTAyOTBiMjZiZDg2YzdmYTg3MmExY2I4YmJhYTc2MTgzMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+hLLnqY6GCVOJc2vvjknaKzYBWy
D9L1PCvXw45t9BniYAnEhS+zYSxl7NeNjoWEaRaV8pURIGvIqPrYOGju3bEeffs+
YX77jQYKUt5hogWf5sbAPCYi4+l1415SJoy/BJj9pAHNA7Es5wP4Jsothul5jRST
qHrR4ioqlB65mvchttCGjetj34UCmR/gk6Z87WDCV8ePXlX+EkcGRPE885o3y7pc
a0Lp0piiibX/fWmHudMYYx1T5jauqWgoU6C5gTzejxqLK8T2MhP7unmC01lF672r
xpXFPnvNsT4EFSOykbxsMc/7FMW/bJrlD5BHNUpbSuxL2AZDVRnodC84DwIDAQAB
o4IFCzCCBQcwHQYDVR0OBBYEFCAmECkLJr2Gx/qHKhy4u6p2GDLFMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvSUNZUUtRc212WWJILW9jcUhMaTdxbllZTXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDHwYIKwYBBQUHAQcBAf8EggMOMIIDCjCCApUEAgABMIIC
jQMDAyVAAwQFLiMAAwQGLqVAAwQFPggAAwMAPicDBAc+PoADBAU+VYADBAc+aoAD
BAU+gaADBAY+8UADAwBNVDAKAwMHTYADAwBNiDALAwQCTYnEAwMBTYgwCgMDAk2M
AwMFTYADAwRNwAMEBU3pYAMDBE5wAwQFTpuAAwQFTp8AAwMET1ADBAVPhCADBAZP
rsADBARQRiADAwFQdgMDAVB8AwMAULkDBAdQ7AADBAZRAQADAwJRQAMDAFG5AwMA
UdwDBAVSlwADAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFVRAME
BVV1gAMDAlWoAwQGVcDAMAsDBAVWP+ADAwRWQAMEB1dkAAMDAFfnAwQFV/+AAwMD
WIgDAwBY2wMDAVkCAwMCWZwDAwBZqgMEBVm5oAMDAltEAwMAW1gDAwBbWwMEBFuX
cAMDA1xYAwMFXQADBAZdtsADBANdv1ADBAdfiIADBAdfnYADBAVfqAADBAVfq4AD
BAVfrqADBAVfr6ADBAJftdwDAwVtAAMEBYIAYAMEA42q2AMEA58UCAMEBLA04AME
BLISsAMEBLITAAMEArkn2AMEArmTzAMEArmT6AMEArmWeAMDALwHAwQHvI2AAwQH
vOAAAwQFwgaAMAwDBAPCmVgDBADCmVoDBADCmVwDBADCmWEDBAXCt8ADBATC8rAD
BAbDAwADBAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1BegAwQF1B5gAwQF
1CeAAwQF1F6gAwMA1MYDBAXVgCADBAXVkMADBAXVqaADBAXVsMADBAbVy0ADBAbV
3kADAwDV3wMDANX1AwQE2RPAAwQE2UZQAwQE2XDgMG8EAgACMGkDBQAqAF6AAwUD
KgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4ADBQAqAKWAAwUAKgC6gAMF
ACoAx4ADBQAqAMyAAwUAKgDggAMFACoA6IADBQMqAOyAAwUHKgKEAAMFAyoECAAw
DQYJKoZIhvcNAQELBQADggEBAB3+QABjqTXTc3V+x5hI2Ib/ioIY/OmN52WeoCEb
gUg9HD97Q7EMRw3EHp9iIADfRpEyldvEj60nB1njgWSZBtZhlotmDW+wYEFeqRJ8
uFCqZk7V/+7TCDBbxnS3yybwMpll79aYYP+UmWQR8zXP2zMAcUJdsep08V7Cx55V
0r0NAnBWMpF2ldLy+8uqXRqy0RGYvhLpgrjS4xvtG1jA4dXtw68byu0AnSDj3yKC
bEV2E9kCB4m5vIIfpcnS0QnMycfezQna4laYRowqL4NaPVtHT3aaqMGM2amrM6Lk
Ylk8wvbPpzGTQZVck4bPsBaUpcyPmgxpPg8bC6JZA5z7LKQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:42:54 2025 by rpki-client