Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/m3H1-H0GlpV3LsyziOPIaF_Xg2k.roa
File: m3H1-H0GlpV3LsyziOPIaF_Xg2k.roa (raw, json)
Hash identifier: M2xevF+8BTQIYK+nokYb81mF0zvjnwUwN5/pVfUSi9M=
Subject key identifier: 9B:71:F5:F8:7D:06:96:95:77:2E:CC:B3:88:E3:C8:68:5F:D7:83:69
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0194088DD05C75EFF30DE1CB77FC8E6E1648
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/m3H1-H0GlpV3LsyziOPIaF_Xg2k.roa
Signing time: Fri 27 Dec 2024 14:38:19 +0000
ROA not before: Fri 27 Dec 2024 14:38:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
37.157.8.0/23 maxlen: 24
37.157.10.0/24 maxlen: 24
37.157.12.0/22 maxlen: 24
37.157.60.0/22 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.80.0/23 maxlen: 24
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.205.156.0/24 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.73.172.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.49.120.0/23 maxlen: 24
185.49.122.0/24 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.138.104.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
193.41.95.0/24 maxlen: 24
193.47.139.0/24 maxlen: 24
193.108.197.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a00:bc80::/32 maxlen: 32
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
2a05:df00::/29 maxlen: 29
2a0d:4240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 30 Dec 2024 11:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:8d:d0:5c:75:ef:f3:0d:e1:cb:77:fc:8e:6e:16:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Dec 27 14:38:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b71f5f87d069695772eccb388e3c8685fd78369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a6:57:6c:93:39:d1:11:14:27:50:50:16:e8:
45:5f:5a:f8:8b:82:04:53:4a:3c:ef:b9:3a:4a:50:
c9:98:6d:ea:4d:53:4e:73:01:26:53:22:6c:29:78:
2c:c2:19:27:34:db:40:40:ad:12:a8:92:80:09:7d:
40:d1:cb:be:d8:13:5c:41:8a:d6:71:d1:d3:a1:1d:
3b:ea:ef:e5:58:51:3d:7c:4e:7c:61:53:be:80:31:
e6:7c:1e:df:27:ca:db:41:ab:6e:bc:42:20:10:85:
d8:a7:35:32:43:96:65:08:a0:5e:dd:89:01:84:50:
f3:0e:6c:68:6a:ac:06:3f:1f:8a:f8:34:e2:56:72:
d2:20:37:fb:80:b5:60:ea:4b:e1:0d:67:18:59:a9:
62:2a:1f:c7:22:d3:a0:d0:cf:a6:6c:4a:ae:cf:18:
7c:be:16:ea:9b:2e:20:a5:95:41:bf:a0:f3:e5:4b:
a8:9e:28:3e:23:e5:f8:78:bd:7c:7c:46:3d:16:4b:
59:5c:f3:a0:4e:b3:a1:cd:f9:bf:6e:aa:e3:fb:d4:
ac:e5:d5:aa:30:71:44:9e:84:25:1f:f0:56:14:73:
5b:23:13:1e:69:ab:fa:9a:82:ae:63:9d:4b:4f:46:
17:98:93:ac:5e:2f:b0:96:08:24:ce:74:ce:81:af:
e8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:71:F5:F8:7D:06:96:95:77:2E:CC:B3:88:E3:C8:68:5F:D7:83:69
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/m3H1-H0GlpV3LsyziOPIaF_Xg2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
37.157.8.0-37.157.10.255
37.157.12.0/22
37.157.60.0/22
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
62.244.70.0-62.244.75.255
62.244.80.0/23
62.244.90.0-62.244.93.255
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.205.156.0/24
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.73.172.0/22
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.49.120.0-185.49.122.255
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.138.104.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
185.247.248.0/22
188.66.56.0/22
193.27.194.0/23
193.41.95.0/24
193.47.139.0/24
193.108.197.0/24
193.222.142.0/23
193.222.188.0/23
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a00:bc80::/32
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
2a05:df00::/29
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
4b:2d:91:7c:77:a4:8a:fe:95:a1:58:a9:75:d4:80:98:57:d3:
83:ba:fa:b9:13:80:c1:1b:d2:bd:7a:93:26:8c:65:16:db:1f:
93:f8:55:05:b7:0c:fa:a0:20:3a:fb:79:84:46:7f:80:42:18:
ed:37:4a:13:ae:02:3c:30:7b:ab:df:c3:05:31:a5:5a:f7:40:
87:45:45:1b:3a:b4:30:60:de:cb:c8:26:e5:e3:98:d2:1c:2a:
d5:d0:9a:cb:f1:5f:82:ff:7b:c5:cc:84:18:f8:50:e9:ca:1f:
74:74:0d:af:8e:6b:ae:48:91:5b:3b:f2:08:13:c9:07:37:86:
05:e0:ff:ce:ef:09:1c:5a:a8:4f:05:a8:1b:96:c1:c3:cd:d1:
e2:25:65:d8:9d:2c:eb:3b:48:4b:45:60:d0:50:19:ac:dd:19:
97:23:6f:4d:c4:ed:9d:15:13:22:cf:74:68:3b:a1:6a:8e:8e:
1b:2f:30:62:ad:91:9a:dd:a3:46:af:1e:53:ca:a5:7f:35:43:
aa:0f:f2:23:af:25:9b:6b:09:7d:6f:c6:e7:7f:ee:2f:a9:36:
6e:1b:02:25:48:7f:c5:cb:6b:4d:04:fa:6b:36:0f:89:36:a8:
9e:bf:04:5e:e4:19:88:83:52:f0:bc:50:e2:50:bf:a6:21:d3:
80:a5:72:ec
-----BEGIN CERTIFICATE-----
MIIG0DCCBbigAwIBAgISAZQIjdBcde/zDeHLd/yObhZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQxMjI3MTQzODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcxZjVmODdkMDY5Njk1NzcyZWNjYjM4OGUzYzg2ODVmZDc4MzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6ZXbJM50REUJ1BQFuhFX1r4i4IE
U0o877k6SlDJmG3qTVNOcwEmUyJsKXgswhknNNtAQK0SqJKACX1A0cu+2BNcQYrW
cdHToR076u/lWFE9fE58YVO+gDHmfB7fJ8rbQatuvEIgEIXYpzUyQ5ZlCKBe3YkB
hFDzDmxoaqwGPx+K+DTiVnLSIDf7gLVg6kvhDWcYWaliKh/HItOg0M+mbEquzxh8
vhbqmy4gpZVBv6Dz5Uuonig+I+X4eL18fEY9FktZXPOgTrOhzfm/bqrj+9Ss5dWq
MHFEnoQlH/BWFHNbIxMeaav6moKuY51LT0YXmJOsXi+wlggkznTOga/omwIDAQAB
o4ID3DCCA9gwHQYDVR0OBBYEFJtx9fh9BpaVdy7Ms4jjyGhf14NpMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvbTNIMS1IMEdscFYzTHN5emlPUElhRl9YZzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB8AYIKwYBBQUHAQcBAf8EggHfMIIB2zCCAZ4EAgABMIIB
lgMEAgW2/AMEBCUSoAMEByU6gDAMAwQDJZ0IAwQAJZ0KAwQCJZ0MAwQCJZ08AwQC
LY6sAwQCLZF8AwQELhSgAwQFPmbgMAwDBAE+9EYDBAI+9EgDBAE+9FAwDAMEAT70
WgMEAT70XAMEA09iYAMEA1EW2AMEA1tn6AMEAFvNnAMEAVvOnAMEAVvZXgMEAVvl
5gMEA1w9SAMEA15/CAMEAmdJrAMEAmdNIAMEAWflJAMEAmforAMEA21FwAMEBG3t
8AMEBIB/gAMEA5L3WAMEA5X/iAMEA7L5oAMEArkPgAMEArkqhDAMAwQDuTF4AwQA
uTF6AwQCuUHgAwQCuUNYAwQCuU+UAwQCuVpgAwQCuV94AwQCuYpoAwQCuZUIAwQC
uawQAwQCucT4AwQCucyMAwQCudD4AwQCuff4AwQCvEI4AwQBwRvCAwQAwSlfAwQA
wS+LAwQAwWzFAwQBwd6OAwQBwd68AwQFwrEgAwQDw9bwAwQF1DOgAwQD1WxAAwQA
1ZemAwQB1ZeoMAwDBADVl6sDBATVl6AwNwQCAAIwMQMFACoAvIADBQAqAQbYAwUD
KgEHKAMFAyoDTAADBQAqA79AAwUDKgXfAAMFAyoNQkAwDQYJKoZIhvcNAQELBQAD
ggEBAEstkXx3pIr+laFYqXXUgJhX04O6+rkTgMEb0r16kyaMZRbbH5P4VQW3DPqg
IDr7eYRGf4BCGO03ShOuAjwwe6vfwwUxpVr3QIdFRRs6tDBg3svIJuXjmNIcKtXQ
msvxX4L/e8XMhBj4UOnKH3R0Da+Oa65IkVs78ggTyQc3hgXg/87vCRxaqE8FqBuW
wcPN0eIlZdidLOs7SEtFYNBQGazdGZcjb03E7Z0VEyLPdGg7oWqOjhsvMGKtkZrd
o0avHlPKpX81Q6oP8iOvJZtrCX1vxud/7i+pNm4bAiVIf8XLa00E+ms2D4k2qJ6/
BF7kGYiDUvC8UOJQv6Yh04Clcuw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:49:56 2025 by rpki-client