Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/ZYxHxbyUqO0AcEc29yP0EJGRFzU.roa
File: ZYxHxbyUqO0AcEc29yP0EJGRFzU.roa (raw, json)
Hash identifier: o8vjrNrM+L4uM+B11Nia5Kt2L5CIxZ+RsDMwJFiGpTY=
Subject key identifier: 65:8C:47:C5:BC:94:A8:ED:00:70:47:36:F7:23:F4:10:91:91:17:35
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 019420684D93EFA1C486571E03173BA44F66
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/ZYxHxbyUqO0AcEc29yP0EJGRFzU.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48159
IP address blocks: 5.232.64.0/18 maxlen: 18
5.232.128.0/19 maxlen: 19
5.232.160.0/20 maxlen: 20
5.233.82.0/23 maxlen: 23
5.233.84.0/24 maxlen: 24
5.233.94.0/24 maxlen: 24
5.233.95.0/24 maxlen: 24
5.233.240.0/20 maxlen: 20
5.234.36.0/22 maxlen: 22
5.234.40.0/21 maxlen: 21
5.235.188.0/22 maxlen: 22
5.235.188.0/23 maxlen: 23
5.235.192.0/19 maxlen: 19
5.235.224.0/19 maxlen: 19
5.236.0.0/18 maxlen: 18
5.236.64.0/19 maxlen: 19
5.236.96.0/21 maxlen: 21
5.238.0.0/16 maxlen: 16
5.239.0.0/16 maxlen: 16
5.239.144.0/20 maxlen: 20
5.239.160.0/20 maxlen: 20
5.239.176.0/22 maxlen: 22
5.239.192.0/21 maxlen: 21
5.239.200.0/21 maxlen: 21
5.239.244.0/23 maxlen: 23
46.100.0.0/16 maxlen: 16
46.100.164.0/22 maxlen: 22
85.204.80.0/20 maxlen: 20
85.204.208.0/20 maxlen: 20
86.104.240.0/21 maxlen: 21
89.35.64.0/21 maxlen: 21
89.37.144.0/23 maxlen: 23
89.40.152.0/21 maxlen: 21
89.40.240.0/20 maxlen: 20
91.92.220.0/22 maxlen: 22
93.88.64.0/21 maxlen: 21
93.88.72.0/23 maxlen: 23
93.117.96.0/20 maxlen: 20
93.117.112.0/20 maxlen: 20
185.105.100.0/23 maxlen: 23
185.105.102.0/23 maxlen: 23
188.211.128.0/19 maxlen: 19
188.211.192.0/19 maxlen: 19
188.215.176.0/20 maxlen: 20
195.181.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sun 09 Mar 2025 14:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4d:93:ef:a1:c4:86:57:1e:03:17:3b:a4:4f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658c47c5bc94a8ed00704736f723f41091911735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:14:a6:b3:34:d1:83:c4:ad:d2:a4:6d:ee:
12:32:7a:44:31:41:07:fb:92:48:e8:5d:89:0a:79:
cb:2b:8b:a4:d5:ff:20:1b:53:d8:ff:13:d5:c4:9d:
59:ca:cd:44:95:47:6c:45:20:95:77:f6:88:87:fb:
12:70:43:5a:7e:42:dd:e6:83:f6:6b:c8:7a:e1:11:
04:0b:0f:6c:78:9b:dd:27:0c:9f:91:5e:17:dc:89:
82:04:1e:6e:2d:64:f5:89:bc:ed:68:06:0a:6a:ae:
a1:03:89:be:ac:95:0d:55:70:8f:4a:3c:13:23:f9:
bb:ad:53:0a:c1:58:43:9c:bb:0e:2d:0b:df:0a:89:
7f:a8:f7:71:3b:bc:3d:e0:c0:ed:2d:79:ca:48:e4:
cd:bf:32:fe:44:ad:d0:09:5c:f9:59:db:98:3c:f1:
e9:b9:ef:2f:0d:1c:13:bb:7e:64:88:b8:cd:8f:a8:
86:05:e9:1a:b1:aa:75:fd:8a:06:87:5c:bb:5f:ee:
58:db:b5:a6:f0:9c:3e:8a:c2:eb:7c:a2:ff:4b:b8:
9f:bf:b5:72:75:30:ee:5f:67:6e:40:34:48:c8:3f:
a7:95:48:28:48:a4:8e:25:20:83:4c:74:65:47:b7:
11:bf:21:81:9c:75:e1:f6:ee:11:14:64:1e:2c:2f:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8C:47:C5:BC:94:A8:ED:00:70:47:36:F7:23:F4:10:91:91:17:35
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/ZYxHxbyUqO0AcEc29yP0EJGRFzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.232.64.0-5.232.175.255
5.233.82.0-5.233.84.255
5.233.94.0/23
5.233.240.0/20
5.234.36.0-5.234.47.255
5.235.188.0-5.236.103.255
5.238.0.0/15
46.100.0.0/16
85.204.80.0/20
85.204.208.0/20
86.104.240.0/21
89.35.64.0/21
89.37.144.0/23
89.40.152.0/21
89.40.240.0/20
91.92.220.0/22
93.88.64.0-93.88.73.255
93.117.96.0/19
185.105.100.0/22
188.211.128.0/19
188.211.192.0/19
188.215.176.0/20
195.181.32.0/20
Signature Algorithm: sha256WithRSAEncryption
86:32:f8:ae:75:a5:fc:ee:98:8d:4e:87:a8:43:11:7f:c5:33:
a1:96:15:bd:4c:3b:27:4f:db:57:1d:b5:f6:70:8a:98:a6:14:
1a:65:b2:1e:b8:66:a8:34:19:aa:b6:12:c6:80:63:b7:08:8a:
6d:38:01:ca:62:61:2d:63:86:1a:d4:c5:03:75:6c:75:a4:23:
9d:b1:0b:5f:72:71:f5:a9:32:0c:99:3a:12:e8:4c:89:fb:da:
7b:aa:5b:8e:d6:b3:70:c4:54:75:0c:d6:b6:d6:3a:69:ba:c8:
61:f5:bd:ae:24:0f:11:57:d5:99:17:30:85:14:6f:3b:46:8e:
e0:bf:85:cb:55:4d:85:dd:75:96:f5:13:59:26:84:d2:a3:9a:
82:30:81:d6:9e:1f:7c:a7:e7:b6:af:7c:85:ae:fc:c4:b4:a8:
19:94:92:3e:e5:fc:d9:25:12:b1:85:57:36:7a:45:c2:7c:e3:
de:66:08:9f:bb:22:5f:6c:cd:6a:39:de:1a:38:c2:00:6c:fc:
82:f1:23:48:36:af:eb:00:7f:67:1c:4d:5c:9e:ca:03:eb:6b:
6c:26:be:1b:4f:58:02:da:1f:e3:77:c0:9a:7c:55:3b:f7:1f:
19:66:00:55:ff:9d:84:a5:be:e7:6b:af:fc:f9:86:95:f6:70:
1e:60:b7:e9
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZQgaE2T76HEhlceAxc7pE9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThjNDdjNWJjOTRhOGVkMDA3MDQ3MzZmNzIzZjQxMDkxOTExNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJUUprM00YPErdKkbe4SMnpEMUEH
+5JI6F2JCnnLK4uk1f8gG1PY/xPVxJ1Zys1ElUdsRSCVd/aIh/sScENafkLd5oP2
a8h64REECw9seJvdJwyfkV4X3ImCBB5uLWT1ibztaAYKaq6hA4m+rJUNVXCPSjwT
I/m7rVMKwVhDnLsOLQvfCol/qPdxO7w94MDtLXnKSOTNvzL+RK3QCVz5WduYPPHp
ue8vDRwTu35kiLjNj6iGBekasap1/YoGh1y7X+5Y27Wm8Jw+isLrfKL/S7ifv7Vy
dTDuX2duQDRIyD+nlUgoSKSOJSCDTHRlR7cRvyGBnHXh9u4RFGQeLC/TcQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFGWMR8W8lKjtAHBHNvcj9BCRkRc1MB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvWll4SHhieVVxTzBBY0VjMjl5UDBFSkdSRnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbAwDAME
BgXoQAMEBAXooDAMAwQBBelSAwQABelUAwQBBeleAwQEBenwMAwDBAIF6iQDBAQF
6iAwDAMEAgXrvAMEAwXsYAMDAQXuAwMALmQDBARVzFADBARVzNADBANWaPADBANZ
I0ADBAFZJZADBANZKJgDBARZKPADBAJbXNwwDAMEBl1YQAMEAV1YSAMEBV11YAME
ArlpZAMEBbzTgAMEBbzTwAMEBLzXsAMEBMO1IDANBgkqhkiG9w0BAQsFAAOCAQEA
hjL4rnWl/O6YjU6HqEMRf8UzoZYVvUw7J0/bVx219nCKmKYUGmWyHrhmqDQZqrYS
xoBjtwiKbTgBymJhLWOGGtTFA3VsdaQjnbELX3Jx9akyDJk6EuhMifvae6pbjtaz
cMRUdQzWttY6abrIYfW9riQPEVfVmRcwhRRvO0aO4L+Fy1VNhd11lvUTWSaE0qOa
gjCB1p4ffKfntq98ha78xLSoGZSSPuX82SUSsYVXNnpFwnzj3mYIn7siX2zNajne
GjjCAGz8gvEjSDav6wB/ZxxNXJ7KA+trbCa+G09YAtof43fAmnxVO/cfGWYAVf+d
hKW+52uv/PmGlfZwHmC36Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:50:20 2025 by rpki-client