Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dtZoAL_OtxfLLnx_ZyeM8no39UM.roa
File: dtZoAL_OtxfLLnx_ZyeM8no39UM.roa (raw, json)
Hash identifier: 7aD4PcK+WGMHSfyCnrdzF52V4yfzD5Gijvdo/upJGFs=
Subject key identifier: 76:D6:68:00:BF:CE:B7:17:CB:2E:7C:7F:67:27:8C:F2:7A:37:F5:43
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01970DC1CF65A1A00EE72FAF8039152B758E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dtZoAL_OtxfLLnx_ZyeM8no39UM.roa
Signing time: Mon 26 May 2025 18:01:34 +0000
ROA not before: Mon 26 May 2025 18:01:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.231.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 12:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:c1:cf:65:a1:a0:0e:e7:2f:af:80:39:15:2b:75:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 18:01:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76d66800bfceb717cb2e7c7f67278cf27a37f543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:30:57:6b:03:bf:37:4a:fc:ff:19:a6:63:
2c:25:77:dd:ca:a4:77:e2:59:34:f2:fc:c1:46:a2:
01:16:ce:19:13:5f:c0:e9:84:ab:f1:c8:10:fc:6d:
e5:95:42:69:72:68:ea:0c:84:c8:af:6d:c2:7a:e6:
a2:e9:36:29:87:85:9d:12:d7:06:6b:80:f6:e4:62:
8b:c4:d2:1f:9b:94:56:f9:e0:02:d9:0a:bd:92:f9:
d7:59:00:76:a9:c5:b4:c8:2b:e7:72:3a:f4:93:3a:
10:76:e9:e3:58:3c:3f:dc:86:ab:ad:1d:c9:31:65:
e4:22:be:da:41:9e:34:74:cd:d6:44:68:59:87:a3:
bb:ad:53:41:2a:18:25:be:96:9b:ba:f1:61:25:25:
3d:5f:18:12:d6:cd:ff:67:24:6e:49:4f:fc:8d:e3:
4d:ae:f9:fe:ca:b1:36:ab:ef:7c:b9:a3:a4:fe:d5:
cd:15:d7:fb:b5:40:bd:8f:ca:55:9a:e1:22:e6:fd:
eb:c5:e8:84:a8:1a:35:67:7e:ff:b5:38:2d:c0:ac:
09:fc:40:c1:6d:86:3e:4e:a8:d2:7f:1f:cf:8a:62:
85:d0:79:34:a4:2f:bb:a7:5a:3a:8f:36:4f:7f:0b:
59:99:88:d2:5f:49:0d:a4:89:a4:90:02:00:23:f3:
74:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D6:68:00:BF:CE:B7:17:CB:2E:7C:7F:67:27:8C:F2:7A:37:F5:43
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dtZoAL_OtxfLLnx_ZyeM8no39UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.8.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0/24
82.153.231.0/24
82.153.255.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.224.0/24
89.213.228.0-89.213.239.255
109.176.14.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.239.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
62:84:27:c4:14:a6:cf:e9:5b:e6:59:9e:2e:f6:c5:9a:6d:7c:
8f:89:42:28:3e:7d:18:f8:53:32:a3:ea:9f:3a:e8:28:5d:ee:
2f:d0:21:db:91:6d:ea:e4:c9:41:0c:23:66:cb:ea:42:6c:07:
ad:d4:b6:67:f8:b5:cd:c4:b9:54:ca:1f:10:0b:62:c8:9e:d6:
d0:3e:5f:68:5e:f4:9f:2e:bb:8a:78:98:6f:62:6c:1f:14:cc:
c2:b7:5b:45:42:29:e1:b5:38:5b:1a:d6:a6:ea:6f:fd:44:4f:
96:e3:a7:f4:ce:f9:c2:a8:9b:2b:60:b9:a3:a7:6f:b9:fc:31:
3e:cd:ea:12:bd:b3:ed:74:58:c8:44:e6:f6:7b:3e:b5:1e:e1:
cd:2f:05:bb:36:b5:8e:f8:07:2c:65:63:d5:6e:da:2e:12:8e:
a6:57:ad:f1:ef:52:43:5b:80:2c:e7:a5:b0:42:14:06:75:e4:
8a:82:0b:a0:e7:0b:2a:c4:19:83:50:a4:c3:0e:fe:21:ae:4f:
57:6b:9e:e4:02:c9:82:f2:4f:47:c7:98:4d:51:1e:9c:c5:55:
fb:f0:8a:b3:f1:b5:06:8d:cd:18:c9:a1:cd:58:8c:12:2d:ce:
24:01:0e:03:95:56:4e:3e:ca:36:e4:40:d9:e6:4f:49:72:55:
07:51:f0:1c
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZcNwc9loaAO5y+vgDkVK3WOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTI2MTgwMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ2NjgwMGJmY2ViNzE3Y2IyZTdjN2Y2NzI3OGNmMjdhMzdmNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj4wV2sDvzdK/P8ZpmMsJXfdyqR3
4lk08vzBRqIBFs4ZE1/A6YSr8cgQ/G3llUJpcmjqDITIr23Ceuai6TYph4WdEtcG
a4D25GKLxNIfm5RW+eAC2Qq9kvnXWQB2qcW0yCvncjr0kzoQdunjWDw/3IarrR3J
MWXkIr7aQZ40dM3WRGhZh6O7rVNBKhglvpabuvFhJSU9XxgS1s3/ZyRuSU/8jeNN
rvn+yrE2q+98uaOk/tXNFdf7tUC9j8pVmuEi5v3rxeiEqBo1Z37/tTgtwKwJ/EDB
bYY+TqjSfx/PimKF0Hk0pC+7p1o6jzZPfwtZmYjSX0kNpImkkAIAI/N0zwIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFHbWaAC/zrcXyy58f2cnjPJ6N/VDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHRab0FMX090eGZMTG54X1p5ZU04bm8zOVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAU4EAgABMIIB
RgMEAFEFvQMEAFKYCAMEAVKYsAMEAFKZRQMEAlKZiAMEAFKZ2QMEAFKZ5wMEAFKZ
/wMEAVnVLDAMAwQBWdUyAwQCWdU4AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwD
BABZ1ZEDBABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnV
qTAMAwQAWdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cAD
BABZ1dQDBABZ1eAwDAMEAlnV5AMEBFnV4AMEAG2wDgMEA22wEAMEAm2wzAMEAW2w
8gMEAbkxfgMEALllLwMEBMJpUAMEANQmTwMEAdQmWAMEAtWChAMEANWYKwMEAtXS
NAMEANXa0wMEANXa7wMEAtXa9DAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3
DQEBCwUAA4IBAQBihCfEFKbP6VvmWZ4u9sWabXyPiUIoPn0Y+FMyo+qfOugoXe4v
0CHbkW3q5MlBDCNmy+pCbAet1LZn+LXNxLlUyh8QC2LIntbQPl9oXvSfLruKeJhv
YmwfFMzCt1tFQinhtThbGtam6m/9RE+W46f0zvnCqJsrYLmjp2+5/DE+zeoSvbPt
dFjIROb2ez61HuHNLwW7NrWO+AcsZWPVbtouEo6mV63x71JDW4As56WwQhQGdeSK
ggug5wsqxBmDUKTDDv4hrk9Xa57kAsmC8k9Hx5hNUR6cxVX78Iqz8bUGjc0YyaHN
WIwSLc4kAQ4DlVZOPso25EDZ5k9JclUHUfAc
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:24:56 2025 by rpki-client