Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zAOgbJIl7bxAb0GCHTx4Z5YU3aw.roa
File: zAOgbJIl7bxAb0GCHTx4Z5YU3aw.roa (raw, json)
Hash identifier: 3z6hBrPuxSuVfENUrbAc7GlRAYUFte7BildQ+oNMY0s=
Subject key identifier: CC:03:A0:6C:92:25:ED:BC:40:6F:41:82:1D:3C:78:67:96:14:DD:AC
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0196C68E3414CBB17B0D538E166DCB34107A
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zAOgbJIl7bxAb0GCHTx4Z5YU3aw.roa
Signing time: Mon 12 May 2025 22:12:10 +0000
ROA not before: Mon 12 May 2025 22:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:16::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
2a11:840:72::/48 maxlen: 48
2a11:840:73::/48 maxlen: 48
2a11:840:73:1b::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 20 May 2025 11:15:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c6:8e:34:14:cb:b1:7b:0d:53:8e:16:6d:cb:34:10:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 12 22:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc03a06c9225edbc406f41821d3c78679614ddac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2b:6d:10:68:bf:33:5c:c0:ca:d3:bd:f2:19:
6e:e6:09:c4:10:32:2b:e4:4c:90:4e:34:29:34:95:
86:be:53:24:23:e5:62:d2:83:62:18:18:fa:ff:0a:
32:6e:12:01:1e:1d:ac:4b:5a:40:48:d9:1a:3e:20:
48:61:ba:5b:6a:af:7a:e5:d7:ce:1d:6c:c6:ef:f2:
cb:e3:26:61:3e:74:32:73:33:27:95:a1:74:81:67:
d9:fa:4b:1a:2c:69:9d:a7:6f:bf:2a:27:3b:bb:ae:
e4:9e:e3:bf:5c:92:03:5e:bc:e9:12:26:b1:d1:bb:
13:5f:0a:ee:6a:fc:6e:97:aa:1d:94:fb:71:e2:0d:
ee:49:d6:9c:05:f5:37:d3:e5:db:ec:6c:15:15:8a:
30:84:5f:79:44:51:55:1f:c2:32:49:49:9a:af:7e:
3c:9f:12:e2:d6:cd:5c:a8:d6:da:04:24:b8:ec:f6:
f5:e1:b2:2e:f2:78:88:e2:e1:e2:2a:29:88:1e:e5:
7f:f7:2f:1c:bc:61:97:e8:69:68:19:97:b2:c2:bb:
0f:34:01:35:a1:07:d0:a1:74:82:e2:4d:f7:d1:4b:
aa:41:e0:c7:35:3c:e4:b1:74:aa:be:0f:1d:cb:d6:
30:c9:ff:c6:c6:f2:ca:bb:79:44:8b:05:e0:d8:c6:
de:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:03:A0:6C:92:25:ED:BC:40:6F:41:82:1D:3C:78:67:96:14:DD:AC
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zAOgbJIl7bxAb0GCHTx4Z5YU3aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.236.0/22
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:5::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:16::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/46
Signature Algorithm: sha256WithRSAEncryption
9a:55:ce:30:4b:b1:09:4c:bc:7f:15:6c:68:52:51:55:6e:24:
ec:9a:bd:3c:f8:27:d4:2f:53:f4:97:39:9f:36:d1:4c:17:f0:
ec:89:ec:2f:d0:c7:32:c7:29:01:68:0f:0a:10:79:9d:03:ad:
f9:95:88:c9:9f:78:89:18:e3:a0:c8:92:fe:fa:b6:43:6d:c3:
0b:10:c0:80:50:8c:38:3a:ac:55:be:90:89:dd:fc:bf:61:f4:
da:89:58:6a:db:c7:d6:30:64:9a:66:a5:f1:9b:1f:36:49:6c:
13:7a:e2:56:ae:d1:0f:52:6b:ee:3e:29:24:ab:f2:43:0a:bc:
37:54:a3:e1:e3:c6:0f:7b:25:cb:43:15:99:81:78:e6:fc:42:
01:a6:2e:f9:79:87:36:e9:7a:cb:07:c6:07:2b:94:73:c3:08:
2a:40:33:e1:3a:8f:8c:8c:8c:ea:64:d7:38:39:1e:76:21:aa:
23:9f:29:50:9c:af:fc:63:42:fa:3e:c1:7d:f5:6b:48:34:43:
30:a7:c2:5d:93:d4:c7:f0:b3:8a:ab:09:f5:d0:c0:f5:7c:f0:
61:52:76:6e:1c:f6:43:38:03:4d:e7:67:79:88:bf:26:d9:4b:
a9:f6:c6:6a:58:1f:99:49:ed:52:bf:23:b3:16:a1:2f:a3:32:
a1:95:00:b2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZbGjjQUy7F7DVOOFm3LNBB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwNTEyMjIxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAzYTA2YzkyMjVlZGJjNDA2ZjQxODIxZDNjNzg2Nzk2MTRkZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArittEGi/M1zAytO98hlu5gnEEDIr
5EyQTjQpNJWGvlMkI+Vi0oNiGBj6/woybhIBHh2sS1pASNkaPiBIYbpbaq965dfO
HWzG7/LL4yZhPnQyczMnlaF0gWfZ+ksaLGmdp2+/Kic7u67knuO/XJIDXrzpEiax
0bsTXwruavxul6odlPtx4g3uSdacBfU30+Xb7GwVFYowhF95RFFVH8IySUmar348
nxLi1s1cqNbaBCS47Pb14bIu8niI4uHiKimIHuV/9y8cvGGX6GloGZeywrsPNAE1
oQfQoXSC4k330UuqQeDHNTzksXSqvg8dy9Ywyf/GxvLKu3lEiwXg2MbeWwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFMwDoGySJe28QG9Bgh08eGeWFN2sMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvekFPZ2JKSWw3YnhBYjBHQ0hUeDRaNVlVM2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTAwBAIAATAqAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AAwQCuX7sAwQBudUUAwQAudUXMIHQBAIAAjCB
yQMHACoRCEAAAQMHACoRCEAAAzASAwcAKhEIQAAFAwcAKhEIQAAIMBIDBwQqEQhA
ABADBwAqEQhAABQwEgMHASoRCEAAFgMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEI
QAAmAwcAKhEIQAAoAwcAKhEIQAAwAwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhA
AEcDBwAqEQhAAEgDBwAqEQhAAFQDBwAqEQhAAFcwEgMHBSoRCEAAYAMHASoRCEAA
aAMHAioRCEAAcDANBgkqhkiG9w0BAQsFAAOCAQEAmlXOMEuxCUy8fxVsaFJRVW4k
7Jq9PPgn1C9T9Jc5nzbRTBfw7InsL9DHMscpAWgPChB5nQOt+ZWIyZ94iRjjoMiS
/vq2Q23DCxDAgFCMODqsVb6Qid38v2H02olYatvH1jBkmmal8ZsfNklsE3riVq7R
D1Jr7j4pJKvyQwq8N1Sj4ePGD3sly0MVmYF45vxCAaYu+XmHNul6ywfGByuUc8MI
KkAz4TqPjIyM6mTXODkediGqI58pUJyv/GNC+j7BffVrSDRDMKfCXZPUx/CziqsJ
9dDA9XzwYVJ2bhz2QzgDTedneYi/JtlLqfbGalgfmUntUr8jsxahL6MyoZUAsg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:47:25 2025 by rpki-client