Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gz7ZonPpbbxe-EAflsYA7c1CwQo.roa
File: gz7ZonPpbbxe-EAflsYA7c1CwQo.roa (raw, json)
Hash identifier: 1PuinXB0VZvePivzPpvCbwOyZTOk5bDAOyExstSws7Y=
Subject key identifier: 83:3E:D9:A2:73:E9:6D:BC:5E:F8:40:1F:96:C6:00:ED:CD:42:C1:0A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019711A7210BAF61E86B7DA38345304085EA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gz7ZonPpbbxe-EAflsYA7c1CwQo.roa
Signing time: Tue 27 May 2025 12:10:55 +0000
ROA not before: Tue 27 May 2025 12:10:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.231.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 07:39:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:a7:21:0b:af:61:e8:6b:7d:a3:83:45:30:40:85:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 12:10:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=833ed9a273e96dbc5ef8401f96c600edcd42c10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:48:55:50:91:27:66:bf:05:5d:e0:e3:24:dc:
e4:34:fd:b1:55:f9:b4:ce:7f:97:47:1e:e0:04:0a:
33:b8:80:97:dc:cc:1b:e8:b0:5f:c5:fb:f2:61:2d:
9c:b3:21:4b:fe:0b:e4:4a:e1:a7:fb:2e:ce:d5:de:
3b:16:e8:3a:9c:bd:d9:b7:f7:6a:58:cc:d2:af:7d:
cd:06:e3:d4:7f:82:25:47:c9:db:e0:26:8a:84:6e:
a7:f2:26:83:46:68:05:db:b4:e7:e0:11:4d:94:69:
69:d1:0a:6c:ef:ff:b0:35:2e:c1:5e:4f:2e:2c:fa:
d0:7a:d6:3e:e6:84:25:c4:b1:22:81:ea:35:17:e9:
e4:51:83:20:77:53:24:49:29:5b:69:64:c4:0b:fc:
7d:bd:e0:d2:09:3c:c0:f4:6c:63:74:9c:83:93:81:
c4:df:fc:9b:fb:f3:19:86:3b:9f:34:c9:f3:cc:8e:
e3:75:2e:d4:c3:66:3d:45:0e:80:84:e0:0c:f4:db:
d0:6b:7c:54:a6:af:2e:26:9c:6a:6d:37:c1:e9:b7:
af:6e:02:be:bf:62:67:d1:1f:c3:33:06:61:8b:9d:
90:cd:98:5e:e9:6f:f7:f0:68:4b:24:0b:2e:d8:7a:
3f:55:d7:74:74:be:9a:fa:31:86:ea:a0:7d:ce:37:
0a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:3E:D9:A2:73:E9:6D:BC:5E:F8:40:1F:96:C6:00:ED:CD:42:C1:0A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gz7ZonPpbbxe-EAflsYA7c1CwQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.8.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0/24
82.153.231.0/24
82.153.255.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.224.0/24
89.213.228.0-89.213.239.255
109.176.14.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.239.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
56:bb:02:b4:d9:7d:5d:aa:13:a2:38:28:ca:a6:13:cb:f5:ae:
ef:33:7a:02:f0:a6:c9:7d:35:c6:ab:25:b1:3a:d8:37:54:e0:
b8:01:1d:9b:fb:58:8f:03:67:42:c6:d5:ac:37:42:9b:9d:7e:
0c:d2:5e:10:ab:0c:05:ab:18:f7:28:72:ee:68:86:3b:6d:88:
42:e7:5b:2d:6c:92:04:87:a2:b7:d0:35:58:c5:9e:d5:e8:6d:
8d:60:35:67:47:da:00:b1:f2:13:d6:b2:e3:8d:6e:38:7a:c1:
07:17:67:d1:89:20:7b:69:a0:65:7e:d7:06:8d:5f:14:37:9d:
33:1d:b6:79:60:03:7d:1b:ff:d2:0f:49:2d:27:4b:bb:21:f7:
3b:6c:42:89:5f:70:0a:c5:7e:29:ce:f8:03:4a:cf:e4:ca:84:
28:c5:6d:d8:3a:ea:a0:c0:f6:ed:d9:2c:10:78:f7:55:1c:cd:
3b:ac:46:74:73:cb:41:c9:52:f5:62:52:8a:f5:d8:e0:75:b9:
26:30:22:d4:95:f4:5b:8b:10:3a:b8:8c:72:0b:f8:4f:aa:64:
39:f1:d3:8a:43:b7:db:90:70:15:a6:48:86:f7:83:4b:87:1a:
26:30:7e:c6:df:22:97:71:a5:cf:f6:cd:c2:d7:2f:82:0a:12:
01:b1:04:d1
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAZcRpyELr2Hoa32jg0UwQIXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTI3MTIxMDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzNlZDlhMjczZTk2ZGJjNWVmODQwMWY5NmM2MDBlZGNkNDJjMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6khVUJEnZr8FXeDjJNzkNP2xVfm0
zn+XRx7gBAozuICX3Mwb6LBfxfvyYS2csyFL/gvkSuGn+y7O1d47Fug6nL3Zt/dq
WMzSr33NBuPUf4IlR8nb4CaKhG6n8iaDRmgF27Tn4BFNlGlp0Qps7/+wNS7BXk8u
LPrQetY+5oQlxLEigeo1F+nkUYMgd1MkSSlbaWTEC/x9veDSCTzA9GxjdJyDk4HE
3/yb+/MZhjufNMnzzI7jdS7Uw2Y9RQ6AhOAM9NvQa3xUpq8uJpxqbTfB6bevbgK+
v2Jn0R/DMwZhi52QzZhe6W/38GhLJAsu2Ho/Vdd0dL6a+jGG6qB9zjcKUQIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFIM+2aJz6W28XvhAH5bGAO3NQsEKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ3o3Wm9uUHBiYnhlLUVBZmxzWUE3YzFDd1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAFEFvQMEAFKYCAMEAVKYsAMEAFKZRQMEAlKZiAMEAFKZ2QMEAFKZ5wMEAFKZ
/wMEAVnVLDAMAwQBWdUyAwQCWdU4AwQAWdV/AwQAWdWBAwQAWdWEAwQAWdWLAwQA
WdWPMAwDBABZ1ZEDBABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnV
pwMEAFnVqTAMAwQAWdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQD
BARZ1cADBABZ1dQDBABZ1eAwDAMEAlnV5AMEBFnV4AMEAG2wDgMEA22wEAMEAm2w
zAMEAW2w8gMEAbkxfgMEALllLwMEBMJpUAMEANQmTwMEAdQmWAMEAtWChAMEANWY
KwMEAtXSNAMEANXa0wMEANXa7wMEAtXa9DAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0G
CSqGSIb3DQEBCwUAA4IBAQBWuwK02X1dqhOiOCjKphPL9a7vM3oC8KbJfTXGqyWx
Otg3VOC4AR2b+1iPA2dCxtWsN0KbnX4M0l4QqwwFqxj3KHLuaIY7bYhC51stbJIE
h6K30DVYxZ7V6G2NYDVnR9oAsfIT1rLjjW44esEHF2fRiSB7aaBlftcGjV8UN50z
HbZ5YAN9G//SD0ktJ0u7Ifc7bEKJX3AKxX4pzvgDSs/kyoQoxW3YOuqgwPbt2SwQ
ePdVHM07rEZ0c8tByVL1YlKK9djgdbkmMCLUlfRbixA6uIxyC/hPqmQ58dOKQ7fb
kHAVpkiG94NLhxomMH7G3yKXcaXP9s3C1y+CChIBsQTR
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:34:18 2025 by rpki-client