Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/kWzNL6vDcECqRYf_vo9blIIMe_M.roa
File: kWzNL6vDcECqRYf_vo9blIIMe_M.roa (raw, json)
Hash identifier: 5cb8MVdyVZZJzK0ustHPpzjf/rmPiijZZ80ImYb0hNQ=
Subject key identifier: 91:6C:CD:2F:AB:C3:70:40:AA:45:87:FF:BE:8F:5B:94:82:0C:7B:F3
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 0194266B432B105C57AFF1E58F124B594925
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/kWzNL6vDcECqRYf_vo9blIIMe_M.roa
Signing time: Thu 02 Jan 2025 09:49:11 +0000
ROA not before: Thu 02 Jan 2025 09:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 62.102.144.0/22 maxlen: 22
62.109.32.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
65.99.128.0/18 maxlen: 18
82.99.0.0/18 maxlen: 18
83.145.0.0/18 maxlen: 18
85.112.160.0/19 maxlen: 19
85.112.184.0/22 maxlen: 22
94.246.64.0/18 maxlen: 18
146.185.8.0/21 maxlen: 21
178.248.24.0/22 maxlen: 22
185.178.140.0/22 maxlen: 22
185.178.143.0/24 maxlen: 24
185.181.216.0/22 maxlen: 22
185.183.152.0/22 maxlen: 22
185.190.144.0/22 maxlen: 22
185.199.168.0/22 maxlen: 22
185.205.224.0/22 maxlen: 22
185.205.226.0/24 maxlen: 24
212.16.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
213.80.0.0/18 maxlen: 18
213.80.64.0/19 maxlen: 19
213.132.96.0/19 maxlen: 19
213.212.0.0/18 maxlen: 18
217.140.112.0/20 maxlen: 20
2a01:2b0::/29 maxlen: 29
2a0a:6380::/29 maxlen: 29
2a0a:a040::/29 maxlen: 29
2a0a:a040::/32 maxlen: 32
2a0a:a041::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 Jan 2025 07:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:43:2b:10:5c:57:af:f1:e5:8f:12:4b:59:49:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Jan 2 09:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=916ccd2fabc37040aa4587ffbe8f5b94820c7bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:86:53:98:92:2d:8a:21:b2:c7:48:50:0e:
cc:1b:2e:98:50:25:34:44:5d:bc:3d:93:0e:5c:b5:
cf:f1:ce:06:d3:dc:76:b9:2d:b3:55:6b:bd:ff:a0:
e9:8c:c8:d8:ac:9a:62:8c:14:b7:15:28:ce:e2:f4:
2d:b7:9f:39:07:9e:de:60:7a:b4:1d:00:3f:ed:bc:
6e:6b:10:a9:d3:8b:e2:d8:9a:2f:3b:ac:f6:cd:65:
bd:b1:f5:5e:6d:81:b3:fe:18:26:ec:7c:8b:fa:62:
10:25:a7:8b:ae:eb:23:4e:d3:ba:01:26:3a:ac:52:
9e:37:05:16:60:74:f6:3a:98:8e:ff:cc:cb:90:1a:
db:45:86:a8:94:70:6e:4d:b1:c4:63:f7:ab:31:4b:
3c:19:05:4e:f7:af:57:b3:aa:c7:73:9b:ef:be:79:
bb:48:69:76:34:bb:3c:d1:40:7e:0e:74:54:3b:01:
e1:08:19:dc:f7:40:dc:3d:72:17:06:69:15:be:4f:
2a:eb:75:35:62:31:fd:16:8c:ad:2a:d0:99:3a:28:
50:a4:eb:7b:d5:75:37:9f:30:fc:b2:e6:21:3b:0b:
08:10:d6:37:0a:f7:73:e9:2f:1d:00:4c:14:04:f3:
97:a5:f9:4d:f2:db:5a:6d:9b:6d:0a:b1:99:8a:63:
a1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:6C:CD:2F:AB:C3:70:40:AA:45:87:FF:BE:8F:5B:94:82:0C:7B:F3
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/kWzNL6vDcECqRYf_vo9blIIMe_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.144.0/22
62.109.32.0/19
62.209.160.0/19
65.99.128.0/18
82.99.0.0/18
83.145.0.0/18
85.112.160.0/19
94.246.64.0/18
146.185.8.0/21
178.248.24.0/22
185.178.140.0/22
185.181.216.0/22
185.183.152.0/22
185.190.144.0/22
185.199.168.0/22
185.205.224.0/22
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
217.140.112.0/20
IPv6:
2a01:2b0::/29
2a0a:6380::/29
2a0a:a040::/29
Signature Algorithm: sha256WithRSAEncryption
45:93:5f:4c:46:86:e4:26:25:14:29:51:4c:fb:17:02:6d:2c:
d8:70:6a:c0:72:63:72:56:1a:6a:c9:b2:c7:71:28:ef:0e:f0:
1b:3a:8e:09:9b:5a:cf:31:c1:8a:2c:ef:45:bb:b8:e0:4d:a8:
9e:8a:6f:e8:82:b6:61:19:f6:92:d2:be:e7:b7:dd:ac:bc:7c:
99:6a:ce:71:85:06:25:85:62:f8:63:94:2e:bc:b8:e6:a7:f2:
fc:43:1b:3b:d9:56:da:74:cf:2a:b8:bd:a7:a3:3e:f7:e9:56:
d3:ba:4a:13:ba:fb:c8:9e:ca:43:a7:fc:d6:b6:35:f8:1a:7f:
78:68:fa:37:07:cf:85:c7:b1:d6:4b:05:29:25:48:ee:ea:8e:
7b:58:2e:90:56:05:e2:c5:bd:59:39:76:e7:8d:05:dc:5d:50:
7e:76:94:02:e1:72:2c:8d:41:44:5b:46:f0:6a:84:90:c1:ca:
08:fc:c0:67:54:d5:98:67:d9:2c:ec:59:91:85:2e:f1:41:1b:
2f:b8:f5:c3:ab:7a:c6:fc:f5:3f:a6:55:c4:ba:1e:74:ec:b1:
01:83:10:d1:fb:3d:d7:54:35:da:86:88:cf:45:17:99:1b:62:
24:a0:e3:a9:e8:1c:ae:f6:66:f2:bc:22:9f:f0:25:22:c6:e8:
07:5e:45:a6
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQma0MrEFxXr/HljxJLWUklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjUwMTAyMDk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTZjY2QyZmFiYzM3MDQwYWE0NTg3ZmZiZThmNWI5NDgyMGM3YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu6GU5iSLYohssdIUA7MGy6YUCU0
RF28PZMOXLXP8c4G09x2uS2zVWu9/6DpjMjYrJpijBS3FSjO4vQtt585B57eYHq0
HQA/7bxuaxCp04vi2JovO6z2zWW9sfVebYGz/hgm7HyL+mIQJaeLrusjTtO6ASY6
rFKeNwUWYHT2OpiO/8zLkBrbRYaolHBuTbHEY/erMUs8GQVO969Xs6rHc5vvvnm7
SGl2NLs80UB+DnRUOwHhCBnc90DcPXIXBmkVvk8q63U1YjH9FoytKtCZOihQpOt7
1XU3nzD8suYhOwsIENY3Cvdz6S8dAEwUBPOXpflN8ttabZttCrGZimOh9QIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJFszS+rw3BAqkWH/76PW5SCDHvzMB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEva1d6Tkw2dkRjRUNxUllmX3ZvOWJsSUlNZV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBmAQCAAEwgZEDBAI+
ZpADBAU+bSADBAU+0aADBAZBY4ADBAZSYwADBAZTkQADBAVVcKADBAZe9kADBAOS
uQgDBAKy+BgDBAK5sowDBAK5tdgDBAK5t5gDBAK5vpADBAK5x6gDBAK5zeADBAXU
EKADBAXUJQADBAXUcKAwCwMDBNVQAwQF1VBAAwQF1YRgAwQG1dQAAwQE2YxwMBsE
AgACMBUDBQMqAQKwAwUDKgpjgAMFAyoKoEAwDQYJKoZIhvcNAQELBQADggEBAEWT
X0xGhuQmJRQpUUz7FwJtLNhwasByY3JWGmrJssdxKO8O8Bs6jgmbWs8xwYos70W7
uOBNqJ6Kb+iCtmEZ9pLSvue33ay8fJlqznGFBiWFYvhjlC68uOan8vxDGzvZVtp0
zyq4vaejPvfpVtO6ShO6+8ieykOn/Na2Nfgaf3ho+jcHz4XHsdZLBSklSO7qjntY
LpBWBeLFvVk5dueNBdxdUH52lALhciyNQURbRvBqhJDBygj8wGdU1Zhn2SzsWZGF
LvFBGy+49cOresb89T+mVcS6HnTssQGDENH7PddUNdqGiM9FF5kbYiSg46noHK72
ZvK8Ip/wJSLG6AdeRaY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:37:00 2025 by rpki-client