Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z_6RHdL6NQZUN7lou_i_bvcMD4E.roa
File: Z_6RHdL6NQZUN7lou_i_bvcMD4E.roa (raw, json)
Hash identifier: lWxI87yRjgMKzh/grPjR+1DB+Cec4E4TST2W6D8lH5g=
Subject key identifier: 67:FE:91:1D:D2:FA:35:06:54:37:B9:68:BB:F8:BF:6E:F7:0C:0F:81
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0194176BA866C75F394B828BC8057E26B7C1
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z_6RHdL6NQZUN7lou_i_bvcMD4E.roa
Signing time: Mon 30 Dec 2024 11:55:18 +0000
ROA not before: Mon 30 Dec 2024 11:55:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
37.157.8.0/23 maxlen: 24
37.157.10.0/24 maxlen: 24
37.157.12.0/22 maxlen: 24
37.157.60.0/22 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.80.0/23 maxlen: 24
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.205.156.0/24 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.73.172.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.49.120.0/23 maxlen: 24
185.49.122.0/24 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.138.104.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
193.41.95.0/24 maxlen: 24
193.47.139.0/24 maxlen: 24
193.84.100.0/24 maxlen: 24
193.108.197.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a00:bc80::/32 maxlen: 32
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
2a05:df00::/29 maxlen: 29
2a0d:4240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:6b:a8:66:c7:5f:39:4b:82:8b:c8:05:7e:26:b7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Dec 30 11:55:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67fe911dd2fa35065437b968bbf8bf6ef70c0f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:72:18:cf:3f:09:ac:64:b1:42:de:c5:15:cc:
91:c4:a6:02:f2:86:d9:0f:32:db:b3:45:c3:98:d6:
b2:a9:f7:b9:f9:f4:b9:3a:50:20:94:ea:0d:fa:12:
57:6e:b4:b4:2e:78:7e:ed:b4:89:7e:28:2e:71:eb:
23:fe:84:fe:7f:ac:90:a8:f4:77:ac:ef:ec:eb:b9:
a3:42:c7:a7:26:50:d1:3c:6f:17:75:61:7a:ee:5c:
26:b5:01:ed:08:17:3c:97:e3:60:aa:86:75:35:c0:
96:f5:1b:ea:c0:82:93:0b:5a:65:66:a6:22:89:ba:
e9:c3:81:cc:a3:08:81:61:3c:9f:dd:8c:9d:51:6d:
de:92:c1:05:11:9c:ba:15:c6:d7:0e:b5:51:90:de:
74:fe:a3:4d:59:92:e5:75:0d:a4:ea:4b:92:13:6f:
31:5f:27:10:a2:c6:50:22:59:e1:d9:1a:55:94:e8:
49:fc:1b:41:05:e4:8b:20:e1:f6:87:16:7a:cb:9c:
18:07:30:5c:42:d8:43:6d:be:f9:58:f6:c8:72:85:
f4:73:9f:45:0a:eb:8d:36:25:64:b0:32:39:bc:8e:
b9:bc:47:2c:94:24:f0:73:5f:71:1a:09:5e:82:a7:
00:83:92:b3:3d:a4:66:3c:d2:cf:c2:5c:01:81:51:
a1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FE:91:1D:D2:FA:35:06:54:37:B9:68:BB:F8:BF:6E:F7:0C:0F:81
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z_6RHdL6NQZUN7lou_i_bvcMD4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
37.157.8.0-37.157.10.255
37.157.12.0/22
37.157.60.0/22
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
62.244.70.0-62.244.75.255
62.244.80.0/23
62.244.90.0-62.244.93.255
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.205.156.0/24
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.73.172.0/22
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.49.120.0-185.49.122.255
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.138.104.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
185.247.248.0/22
188.66.56.0/22
193.27.194.0/23
193.41.95.0/24
193.47.139.0/24
193.84.100.0/24
193.108.197.0/24
193.222.142.0/23
193.222.188.0/23
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a00:bc80::/32
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
2a05:df00::/29
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
6d:18:5d:45:23:71:94:2f:ff:68:c5:bf:e6:2c:73:c2:85:7f:
48:49:97:b5:f6:55:e9:45:65:38:86:d3:04:45:5d:b8:64:94:
e6:42:2b:3e:00:30:30:20:fb:44:47:43:15:42:af:fe:4b:81:
ca:39:78:e9:a7:d3:d9:b7:85:f5:ae:0b:56:07:23:06:ed:4c:
1b:5a:97:f8:5e:c7:43:56:53:fb:b7:89:51:10:e0:ec:fa:5e:
1e:85:53:de:26:0c:cb:51:50:11:ae:f3:66:a3:44:3c:99:87:
3e:47:e0:93:b5:f5:01:15:e1:df:f4:17:01:73:4c:93:78:26:
9f:ef:ab:68:22:01:d3:51:3c:3a:a1:b5:d0:9c:ff:fd:d8:13:
a3:f1:49:e6:31:1d:e5:6a:60:4a:8f:73:b7:81:2c:79:fd:46:
3f:15:64:31:4f:50:30:4f:b5:9e:31:0a:14:c9:29:73:bb:dc:
8e:71:d1:de:01:cd:ae:32:81:d2:f1:73:3b:87:18:8f:0d:27:
35:86:7f:03:62:9f:76:98:3a:0b:ee:50:ab:31:e9:7a:2d:59:
c6:45:11:5a:73:63:7b:67:da:56:47:09:d1:cf:bc:86:80:9d:
bd:1a:5b:ff:ab:56:59:d8:bd:2f:c7:e5:22:b9:ec:ad:e3:4c:
00:6a:cd:ba
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgISAZQXa6hmx185S4KLyAV+JrfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQxMjMwMTE1NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZlOTExZGQyZmEzNTA2NTQzN2I5NjhiYmY4YmY2ZWY3MGMwZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXIYzz8JrGSxQt7FFcyRxKYC8obZ
DzLbs0XDmNayqfe5+fS5OlAglOoN+hJXbrS0Lnh+7bSJfigucesj/oT+f6yQqPR3
rO/s67mjQsenJlDRPG8XdWF67lwmtQHtCBc8l+NgqoZ1NcCW9RvqwIKTC1plZqYi
ibrpw4HMowiBYTyf3YydUW3eksEFEZy6FcbXDrVRkN50/qNNWZLldQ2k6kuSE28x
XycQosZQIlnh2RpVlOhJ/BtBBeSLIOH2hxZ6y5wYBzBcQthDbb75WPbIcoX0c59F
CuuNNiVksDI5vI65vEcslCTwc19xGglegqcAg5KzPaRmPNLPwlwBgVGhKQIDAQAB
o4ID4jCCA94wHQYDVR0OBBYEFGf+kR3S+jUGVDe5aLv4v273DA+BMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvWl82UkhkTDZOUVpVTjdsb3VfaV9idmNNRDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB9gYIKwYBBQUHAQcBAf8EggHlMIIB4TCCAaQEAgABMIIB
nAMEAgW2/AMEBCUSoAMEByU6gDAMAwQDJZ0IAwQAJZ0KAwQCJZ0MAwQCJZ08AwQC
LY6sAwQCLZF8AwQELhSgAwQFPmbgMAwDBAE+9EYDBAI+9EgDBAE+9FAwDAMEAT70
WgMEAT70XAMEA09iYAMEA1EW2AMEA1tn6AMEAFvNnAMEAVvOnAMEAVvZXgMEAVvl
5gMEA1w9SAMEA15/CAMEAmdJrAMEAmdNIAMEAWflJAMEAmforAMEA21FwAMEBG3t
8AMEBIB/gAMEA5L3WAMEA5X/iAMEA7L5oAMEArkPgAMEArkqhDAMAwQDuTF4AwQA
uTF6AwQCuUHgAwQCuUNYAwQCuU+UAwQCuVpgAwQCuV94AwQCuYpoAwQCuZUIAwQC
uawQAwQCucT4AwQCucyMAwQCudD4AwQCuff4AwQCvEI4AwQBwRvCAwQAwSlfAwQA
wS+LAwQAwVRkAwQAwWzFAwQBwd6OAwQBwd68AwQFwrEgAwQDw9bwAwQF1DOgAwQD
1WxAAwQA1ZemAwQB1ZeoMAwDBADVl6sDBATVl6AwNwQCAAIwMQMFACoAvIADBQAq
AQbYAwUDKgEHKAMFAyoDTAADBQAqA79AAwUDKgXfAAMFAyoNQkAwDQYJKoZIhvcN
AQELBQADggEBAG0YXUUjcZQv/2jFv+Ysc8KFf0hJl7X2VelFZTiG0wRFXbhklOZC
Kz4AMDAg+0RHQxVCr/5Lgco5eOmn09m3hfWuC1YHIwbtTBtal/hex0NWU/u3iVEQ
4Oz6Xh6FU94mDMtRUBGu82ajRDyZhz5H4JO19QEV4d/0FwFzTJN4Jp/vq2giAdNR
PDqhtdCc//3YE6PxSeYxHeVqYEqPc7eBLHn9Rj8VZDFPUDBPtZ4xChTJKXO73I5x
0d4Bza4ygdLxczuHGI8NJzWGfwNin3aYOgvuUKsx6XotWcZFEVpzY3tn2lZHCdHP
vIaAnb0aW/+rVlnYvS/H5SK57K3jTABqzbo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:54 2025 by rpki-client