Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/7DM2hbO-hq6IK6AoAUuQ1ea2stU.roa
File: 7DM2hbO-hq6IK6AoAUuQ1ea2stU.roa (raw, json)
Hash identifier: +WzkExLJvB4whmsPOMItEHHQpSRKHyVLJlT/3lSLPVU=
Subject key identifier: EC:33:36:85:B3:BE:86:AE:88:2B:A0:28:01:4B:90:D5:E6:B6:B2:D5
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 019420684CB9CBA787F7A046B0F08C446A17
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/7DM2hbO-hq6IK6AoAUuQ1ea2stU.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12880
IP address blocks: 5.74.128.0/17 maxlen: 17
5.232.0.0/13 maxlen: 13
5.232.160.0/20 maxlen: 20
5.238.0.0/16 maxlen: 16
5.239.0.0/16 maxlen: 16
5.239.244.0/23 maxlen: 23
46.100.0.0/16 maxlen: 16
46.100.6.0/23 maxlen: 23
46.100.43.0/24 maxlen: 24
46.100.44.0/24 maxlen: 24
77.81.144.0/21 maxlen: 21
77.81.152.0/21 maxlen: 21
80.210.48.0/20 maxlen: 20
80.210.48.0/22 maxlen: 22
93.118.96.0/19 maxlen: 19
93.118.168.0/21 maxlen: 21
151.235.128.0/18 maxlen: 18
178.236.96.0/24 maxlen: 24
178.236.97.0/24 maxlen: 24
178.236.104.0/24 maxlen: 24
178.236.110.0/24 maxlen: 24
185.18.156.0/24 maxlen: 24
185.18.157.0/24 maxlen: 24
185.18.158.0/24 maxlen: 24
185.18.159.0/24 maxlen: 24
185.72.80.0/24 maxlen: 24
185.72.81.0/24 maxlen: 24
185.72.82.0/24 maxlen: 24
185.72.83.0/24 maxlen: 24
185.88.48.0/22 maxlen: 22
185.105.100.0/23 maxlen: 23
185.105.102.0/23 maxlen: 23
185.111.80.0/24 maxlen: 24
185.111.81.0/24 maxlen: 24
185.111.82.0/24 maxlen: 24
185.111.83.0/24 maxlen: 24
188.209.16.0/21 maxlen: 21
188.209.24.0/22 maxlen: 22
188.209.28.0/23 maxlen: 23
188.209.30.0/23 maxlen: 23
188.212.160.0/19 maxlen: 19
188.215.160.0/20 maxlen: 20
212.33.208.0/23 maxlen: 23
212.33.212.0/23 maxlen: 23
212.33.214.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 09 Mar 2025 14:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4c:b9:cb:a7:87:f7:a0:46:b0:f0:8c:44:6a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec333685b3be86ae882ba028014b90d5e6b6b2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1a:89:a6:46:1d:eb:2d:f3:30:74:1b:34:77:
9a:c0:b2:80:eb:82:ce:e6:2e:08:bd:17:51:00:a3:
0a:1b:7b:49:6a:22:ac:25:6c:1c:71:22:b6:86:64:
7b:06:28:8f:1a:59:c2:d7:fc:1d:9c:f8:43:f1:6f:
f7:6a:a8:fb:9a:35:73:80:e7:9b:7b:d8:23:2f:8b:
48:88:aa:74:ed:02:bc:89:7a:f9:e8:d5:32:c6:0b:
12:33:91:e2:26:7a:a1:67:19:d8:1c:e2:1d:dc:06:
42:21:09:f4:61:06:a2:8f:11:a9:1b:cf:46:36:ed:
15:81:aa:85:2f:6b:a4:dc:db:97:4d:d4:d2:05:d9:
35:c9:32:04:66:5e:54:da:51:79:dd:92:a4:63:5d:
2f:9f:b6:25:e1:55:74:a9:1c:5a:36:d5:e2:8c:6c:
f8:bc:92:a1:7c:fa:81:85:15:81:75:22:ed:04:2e:
79:92:a2:1b:e7:60:9d:19:94:a7:42:49:7f:6f:89:
ad:ec:17:5e:4c:22:8f:e6:bb:b1:43:ab:5a:6e:bd:
f6:f8:1e:17:af:f2:d0:17:b3:18:05:91:fd:81:34:
1e:75:66:cd:27:43:43:3f:c0:5a:8e:f4:13:1e:5e:
30:94:52:85:d1:0e:67:ca:dd:78:39:60:49:1c:b7:
23:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:33:36:85:B3:BE:86:AE:88:2B:A0:28:01:4B:90:D5:E6:B6:B2:D5
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/7DM2hbO-hq6IK6AoAUuQ1ea2stU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.74.128.0/17
5.232.0.0/13
46.100.0.0/16
77.81.144.0/20
80.210.48.0/20
93.118.96.0/19
93.118.168.0/21
151.235.128.0/18
178.236.96.0/23
178.236.104.0/24
178.236.110.0/24
185.18.156.0/22
185.72.80.0/22
185.88.48.0/22
185.105.100.0/22
185.111.80.0/22
188.209.16.0/20
188.212.160.0/19
188.215.160.0/20
212.33.208.0/23
212.33.212.0/22
Signature Algorithm: sha256WithRSAEncryption
79:20:c2:4a:67:87:9c:80:b9:e5:24:fc:0e:80:43:48:9a:38:
a5:5b:e9:8f:b9:db:33:27:1e:3d:e7:0e:74:1a:82:c3:5c:b1:
e7:37:06:d5:bb:ef:7a:cf:34:fb:cb:8a:99:80:04:24:cb:d5:
e5:52:81:fe:c4:83:ed:2c:bb:e5:36:ff:49:7d:11:8c:70:1d:
64:6e:c5:12:68:ea:76:52:52:fd:8c:60:ac:63:ca:2b:fb:ee:
62:4b:3b:2b:1b:e7:6f:d4:7c:f5:a2:a0:71:9b:0b:db:e7:37:
ce:10:90:45:b3:56:14:e3:e0:82:34:ac:8d:64:5d:f4:b4:a0:
93:00:47:49:a0:f1:13:80:d9:5a:71:86:95:dd:07:d8:ac:63:
c2:60:45:6f:92:a1:dc:7b:44:83:f1:7a:3e:af:0b:16:87:40:
fa:b7:f2:70:d2:34:40:92:b9:ff:11:4d:36:80:5e:0a:0a:b6:
e0:f4:b5:10:9a:da:0c:53:85:16:bc:aa:e3:0a:4c:ae:e1:24:
72:df:da:7a:f0:3d:65:0d:10:80:46:51:bd:35:19:0f:63:29:
64:a6:43:ef:c6:a0:b6:ea:e8:30:0a:e1:f6:fd:86:b5:a0:cc:
88:5e:20:14:6c:4b:b7:18:4b:10:9c:93:fc:11:d6:69:29:44:
e8:ff:5f:58
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQgaEy5y6eH96BGsPCMRGoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzMzMzY4NWIzYmU4NmFlODgyYmEwMjgwMTRiOTBkNWU2YjZiMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxqJpkYd6y3zMHQbNHeawLKA64LO
5i4IvRdRAKMKG3tJaiKsJWwccSK2hmR7BiiPGlnC1/wdnPhD8W/3aqj7mjVzgOeb
e9gjL4tIiKp07QK8iXr56NUyxgsSM5HiJnqhZxnYHOId3AZCIQn0YQaijxGpG89G
Nu0VgaqFL2uk3NuXTdTSBdk1yTIEZl5U2lF53ZKkY10vn7Yl4VV0qRxaNtXijGz4
vJKhfPqBhRWBdSLtBC55kqIb52CdGZSnQkl/b4mt7BdeTCKP5ruxQ6tabr32+B4X
r/LQF7MYBZH9gTQedWbNJ0NDP8BajvQTHl4wlFKF0Q5nyt14OWBJHLcjDwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFOwzNoWzvoauiCugKAFLkNXmtrLVMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvN0RNMmhiTy1ocTZJSzZBb0FVdVExZWEyc3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEBwVK
gAMDAwXoAwMALmQDBARNUZADBARQ0jADBAVddmADBANddqgDBAaX64ADBAGy7GAD
BACy7GgDBACy7G4DBAK5EpwDBAK5SFADBAK5WDADBAK5aWQDBAK5b1ADBAS80RAD
BAW81KADBAS816ADBAHUIdADBALUIdQwDQYJKoZIhvcNAQELBQADggEBAHkgwkpn
h5yAueUk/A6AQ0iaOKVb6Y+52zMnHj3nDnQagsNcsec3BtW773rPNPvLipmABCTL
1eVSgf7Eg+0su+U2/0l9EYxwHWRuxRJo6nZSUv2MYKxjyiv77mJLOysb52/UfPWi
oHGbC9vnN84QkEWzVhTj4II0rI1kXfS0oJMAR0mg8ROA2VpxhpXdB9isY8JgRW+S
odx7RIPxej6vCxaHQPq38nDSNECSuf8RTTaAXgoKtuD0tRCa2gxThRa8quMKTK7h
JHLf2nrwPWUNEIBGUb01GQ9jKWSmQ+/GoLbq6DAK4fb9hrWgzIheIBRsS7cYSxCc
k/wR1mkpROj/X1g=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:55:44 2025 by rpki-client