Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/oO-tdMxwxTcWJcACoyAQqqYfPw8.roa
File: oO-tdMxwxTcWJcACoyAQqqYfPw8.roa (raw, json)
Hash identifier: FrS4zksQ/1pmy9s91Ohn+pkg6Mt3xYCIg6y2W14Itik=
Subject key identifier: A0:EF:AD:74:CC:70:C5:37:16:25:C0:02:A3:20:10:AA:A6:1F:3F:0F
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 019423699DB29DB8A686C5D301FED30DCB94
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/oO-tdMxwxTcWJcACoyAQqqYfPw8.roa
Signing time: Wed 01 Jan 2025 19:48:31 +0000
ROA not before: Wed 01 Jan 2025 19:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 5.35.96.0/23 maxlen: 23
5.35.98.0/23 maxlen: 23
31.135.8.0/23 maxlen: 23
31.135.10.0/24 maxlen: 24
31.135.11.0/24 maxlen: 24
31.135.12.0/23 maxlen: 23
31.135.14.0/23 maxlen: 23
37.230.112.0/23 maxlen: 23
37.230.114.0/23 maxlen: 23
37.230.116.0/23 maxlen: 23
37.230.118.0/23 maxlen: 23
62.181.44.0/24 maxlen: 24
62.181.53.0/24 maxlen: 24
62.181.54.0/23 maxlen: 23
78.24.216.0/21 maxlen: 21
79.143.72.0/23 maxlen: 23
79.174.12.0/23 maxlen: 23
79.174.14.0/23 maxlen: 23
83.136.232.0/23 maxlen: 23
83.136.235.0/24 maxlen: 24
86.110.194.0/24 maxlen: 24
86.110.208.0/23 maxlen: 23
86.110.212.0/24 maxlen: 24
86.110.215.0/24 maxlen: 24
86.110.220.0/24 maxlen: 24
89.169.28.0/23 maxlen: 23
89.169.30.0/23 maxlen: 23
91.107.120.0/21 maxlen: 21
91.228.224.0/23 maxlen: 23
92.63.192.0/23 maxlen: 23
92.63.194.0/23 maxlen: 23
94.250.248.0/23 maxlen: 23
94.250.250.0/23 maxlen: 23
94.250.252.0/23 maxlen: 23
94.250.254.0/23 maxlen: 23
109.172.4.0/23 maxlen: 23
109.172.6.0/23 maxlen: 23
109.172.108.0/22 maxlen: 22
109.172.112.0/23 maxlen: 23
109.172.114.0/23 maxlen: 23
149.154.64.0/23 maxlen: 23
149.154.66.0/23 maxlen: 23
149.154.68.0/23 maxlen: 23
149.154.70.0/23 maxlen: 23
176.123.168.0/23 maxlen: 23
176.123.170.0/23 maxlen: 23
176.123.172.0/23 maxlen: 23
176.123.174.0/23 maxlen: 23
178.250.156.0/23 maxlen: 23
178.250.158.0/23 maxlen: 23
185.60.132.0/23 maxlen: 23
185.60.134.0/23 maxlen: 23
185.187.115.0/24 maxlen: 24
188.120.224.0/20 maxlen: 20
188.120.240.0/21 maxlen: 21
188.120.248.0/23 maxlen: 23
188.120.248.0/24 maxlen: 24
188.120.249.0/24 maxlen: 24
188.120.250.0/23 maxlen: 23
188.120.252.0/24 maxlen: 24
188.120.253.0/24 maxlen: 24
188.120.254.0/23 maxlen: 23
212.57.115.0/24 maxlen: 24
212.57.116.0/24 maxlen: 24
212.57.118.0/24 maxlen: 24
212.57.122.0/24 maxlen: 24
212.57.124.0/23 maxlen: 23
212.57.126.0/23 maxlen: 23
217.28.220.0/23 maxlen: 23
217.28.222.0/23 maxlen: 23
2a01:230::/48 maxlen: 48
2a01:230:1::/48 maxlen: 48
2a01:230:2::/48 maxlen: 48
2a01:230:3::/48 maxlen: 48
2a01:230:4::/48 maxlen: 48
2a01:230:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 07:20:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:9d:b2:9d:b8:a6:86:c5:d3:01:fe:d3:0d:cb:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Jan 1 19:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0efad74cc70c5371625c002a32010aaa61f3f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:d1:76:f1:a2:36:c0:a4:f8:38:20:e0:55:
b9:70:03:94:b5:04:74:db:50:bd:70:d6:10:84:84:
cc:09:a3:9c:67:6a:2c:a1:ac:70:57:19:d3:ec:8a:
d3:4c:cb:0f:32:11:69:de:f7:55:cd:2b:ec:2d:96:
74:a9:cf:20:8a:9e:49:88:97:f4:bc:6b:31:b2:3d:
fa:4e:be:db:31:f8:71:3f:6c:20:a9:fd:4a:73:a7:
49:a3:01:49:3f:b2:55:a8:82:41:10:e7:41:d6:04:
34:5a:cd:05:a3:62:68:5f:a0:13:73:56:7d:3a:c0:
a7:53:41:46:f8:94:16:43:79:18:04:c5:64:11:ad:
4b:93:70:0d:1a:4d:23:53:4f:80:31:c4:c1:84:ad:
62:8e:7e:28:21:76:0a:46:65:0a:4f:30:a7:a0:13:
61:56:1d:9a:bb:af:84:52:ef:b0:b7:d7:73:0f:b5:
fd:5f:c0:95:97:65:28:28:03:55:81:3c:c6:93:68:
60:8a:d0:df:47:6a:7a:94:22:50:b9:bc:26:66:2a:
f7:d5:12:f5:70:bc:91:e5:34:db:96:5e:fc:01:f9:
f9:c4:bf:77:f7:43:b9:3e:50:34:43:c5:74:62:51:
dd:c5:9c:9e:a6:8d:66:87:cc:57:29:3b:a6:3e:36:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EF:AD:74:CC:70:C5:37:16:25:C0:02:A3:20:10:AA:A6:1F:3F:0F
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/oO-tdMxwxTcWJcACoyAQqqYfPw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.96.0/22
31.135.8.0/21
37.230.112.0/21
62.181.44.0/24
62.181.53.0-62.181.55.255
78.24.216.0/21
79.143.72.0/23
79.174.12.0/22
83.136.232.0/23
83.136.235.0/24
86.110.194.0/24
86.110.208.0/23
86.110.212.0/24
86.110.215.0/24
86.110.220.0/24
89.169.28.0/22
91.107.120.0/21
91.228.224.0/23
92.63.192.0/22
94.250.248.0/21
109.172.4.0/22
109.172.108.0-109.172.115.255
149.154.64.0/21
176.123.168.0/21
178.250.156.0/22
185.60.132.0/22
185.187.115.0/24
188.120.224.0/19
212.57.115.0-212.57.116.255
212.57.118.0/24
212.57.122.0/24
212.57.124.0/22
217.28.220.0/22
IPv6:
2a01:230::-2a01:230:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:39:eb:88:4a:4e:2f:c1:a8:f4:ae:74:bb:5f:23:97:4a:e3:
e3:b0:29:21:6a:18:9d:5d:1a:37:3f:fc:c9:2b:40:85:91:70:
05:c4:5d:22:ba:07:e4:47:53:d0:d4:5f:71:1b:c0:22:11:fa:
09:67:fe:f2:d0:9e:35:d5:4a:c7:40:72:7e:e4:84:3d:03:a3:
ca:4f:e9:98:b7:16:37:90:fc:0c:30:0a:04:5f:ff:29:3a:9f:
6a:03:d5:81:d2:38:95:ce:5d:2b:92:dc:87:39:34:36:8b:af:
b6:8b:d8:32:b8:6c:a4:12:c8:e0:07:1a:fc:49:b8:48:2e:d7:
7c:8b:7b:0b:37:4d:eb:69:62:de:33:27:a5:d2:ca:77:e8:55:
71:69:f5:21:6e:77:b8:fd:b3:73:83:c7:ae:c5:23:a3:5d:47:
a9:f3:26:49:fa:c2:6e:b5:be:0d:46:1b:ec:8d:07:f3:f7:cb:
ce:79:0f:d2:6a:1d:76:c5:7b:d0:df:5b:29:4c:5f:97:5e:c7:
4a:28:37:4b:07:88:ee:80:71:ae:7a:5d:34:e6:51:83:42:59:
dd:d3:9e:8e:bf:0b:4a:e4:c9:e4:77:55:08:00:72:61:f8:9a:
b1:c4:e5:cf:5b:5a:63:e1:37:10:ec:ba:62:a1:ec:d7:b8:c9:
36:3e:b0:15
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZQjaZ2ynbimhsXTAf7TDcuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTAwYzkwMDIzMjFmMDM5NjQ1ODM3MTBiN2JhYTQ1OTcz
NDEyMTMwHhcNMjUwMTAxMTk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVmYWQ3NGNjNzBjNTM3MTYyNWMwMDJhMzIwMTBhYWE2MWYzZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb3RdvGiNsCk+Dgg4FW5cAOUtQR0
21C9cNYQhITMCaOcZ2osoaxwVxnT7IrTTMsPMhFp3vdVzSvsLZZ0qc8gip5JiJf0
vGsxsj36Tr7bMfhxP2wgqf1Kc6dJowFJP7JVqIJBEOdB1gQ0Ws0Fo2JoX6ATc1Z9
OsCnU0FG+JQWQ3kYBMVkEa1Lk3ANGk0jU0+AMcTBhK1ijn4oIXYKRmUKTzCnoBNh
Vh2au6+EUu+wt9dzD7X9X8CVl2UoKANVgTzGk2hgitDfR2p6lCJQubwmZir31RL1
cLyR5TTbll78Afn5xL9390O5PlA0Q8V0YlHdxZyepo1mh8xXKTumPjaekwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFKDvrXTMcMU3FiXAAqMgEKqmHz8PMB8GA1UdIwQY
MBaAFOtQDJACMh8DlkWDcQt7qkWXNBITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYt
NGE2ODU5NjJmM2U4LzEvb08tdGRNeHd4VGNXSmNBQ295QVFxcVlmUHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYtNGE2ODU5NjJmM2U4
LzEvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB5QQCAAEwgd4D
BAIFI2ADBAMfhwgDBAMl5nADBAA+tSwwDAMEAD61NQMEAz61MAMEA04Y2AMEAU+P
SAMEAk+uDAMEAVOI6AMEAFOI6wMEAFZuwgMEAVZu0AMEAFZu1AMEAFZu1wMEAFZu
3AMEAlmpHAMEA1treAMEAVvk4AMEAlw/wAMEA176+AMEAm2sBDAMAwQCbaxsAwQC
baxwAwQDlZpAAwQDsHuoAwQCsvqcAwQCuTyEAwQAubtzAwQFvHjgMAwDBADUOXMD
BADUOXQDBADUOXYDBADUOXoDBALUOXwDBALZHNwwGAQCAAIwEjAQAwUEKgECMAMH
ASoBAjAABDANBgkqhkiG9w0BAQsFAAOCAQEARDnriEpOL8Go9K50u18jl0rj47Ap
IWoYnV0aNz/8yStAhZFwBcRdIroH5EdT0NRfcRvAIhH6CWf+8tCeNdVKx0ByfuSE
PQOjyk/pmLcWN5D8DDAKBF//KTqfagPVgdI4lc5dK5Lchzk0NouvtovYMrhspBLI
4Aca/Em4SC7XfIt7CzdN62li3jMnpdLKd+hVcWn1IW53uP2zc4PHrsUjo11HqfMm
SfrCbrW+DUYb7I0H8/fLznkP0moddsV70N9bKUxfl17HSig3SweI7oBxrnpdNOZR
g0JZ3dOejr8LSuTJ5HdVCAByYfiascTlz1taY+E3EOy6YqHs17jJNj6wFQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:06:27 2025 by rpki-client