Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/ov7zfiDkTNxUbGGkwi49JYNRN0I.roa
File: ov7zfiDkTNxUbGGkwi49JYNRN0I.roa (raw, json)
Hash identifier: RdvTBqOLRK0NFhVnHeQ1aXs+MGoVJtPwXs4lS5b/hOI=
Subject key identifier: A2:FE:F3:7E:20:E4:4C:DC:54:6C:61:A4:C2:2E:3D:25:83:51:37:42
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0195B2FFA39D9A66CB6C0DE863A016E25484
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/ov7zfiDkTNxUbGGkwi49JYNRN0I.roa
Signing time: Thu 20 Mar 2025 10:00:52 +0000
ROA not before: Thu 20 Mar 2025 10:00:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57344
IP address blocks: 5.104.168.0/23 maxlen: 23
5.104.174.0/24 maxlen: 24
77.76.8.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
78.128.0.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.48.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.0.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.23.0/24 maxlen: 24
79.124.24.0/22 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.47.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
82.118.244.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
87.246.2.0/24 maxlen: 24
91.148.131.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
91.191.216.0/23 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.158.0/24 maxlen: 24
94.72.159.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
130.185.226.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
176.241.176.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.84.0/23 maxlen: 24
185.148.160.0/22 maxlen: 22
185.232.159.0/24 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.148.0/24 maxlen: 24
217.174.149.0/24 maxlen: 24
217.174.150.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.152.0/24 maxlen: 24
217.174.153.0/24 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 04 Apr 2025 05:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:ff:a3:9d:9a:66:cb:6c:0d:e8:63:a0:16:e2:54:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Mar 20 10:00:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2fef37e20e44cdc546c61a4c22e3d2583513742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:1e:10:3d:01:67:41:45:6c:f4:29:52:29:
75:78:c6:b8:df:a4:9c:a3:0c:9e:ea:86:56:82:f6:
aa:f7:4e:b0:e6:a4:9f:ce:82:d6:eb:a2:fd:fc:73:
26:96:3c:19:08:10:e8:06:72:a4:77:0a:f5:84:a1:
1b:d9:9d:e1:47:9d:70:cd:fd:37:ed:c1:29:ce:e2:
fa:16:7d:83:6f:3f:1c:95:09:54:0c:2f:98:f3:2c:
e5:34:31:ec:f8:20:3d:39:29:2e:b4:1a:e2:0b:ce:
81:8c:71:27:bb:94:c6:4a:82:66:a7:c2:76:e6:ee:
d0:f5:cd:0e:37:46:11:4f:e3:46:84:d5:8a:11:ab:
e7:c2:72:f2:23:4d:dd:00:4b:6b:d6:e6:9a:2a:ad:
f9:7a:f8:77:a9:66:21:0c:ae:d4:a8:86:23:b2:4e:
cc:c9:5e:32:4a:73:5c:55:db:d7:6a:02:79:75:e6:
2c:1e:61:4c:61:a4:5e:8f:a2:22:1c:a3:e7:0b:f3:
43:21:07:d8:4f:d0:84:c4:d2:21:17:3e:9d:79:d7:
46:4d:57:97:59:70:d0:86:d4:f6:7d:8a:b8:ca:b2:
e0:8b:ad:9e:95:9d:28:db:ae:5c:6a:70:51:90:6d:
ad:78:ce:0e:27:19:01:24:c6:b5:77:32:b2:db:64:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FE:F3:7E:20:E4:4C:DC:54:6C:61:A4:C2:2E:3D:25:83:51:37:42
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/ov7zfiDkTNxUbGGkwi49JYNRN0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.8.0/24
77.76.10.0/23
78.128.0.0/24
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0-78.142.48.255
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.47.0/24
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
87.246.2.0/24
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
91.191.216.0/23
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.226.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
176.241.176.0/23
178.132.80.0-178.132.85.255
185.148.160.0/22
185.232.159.0/24
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
11:ff:98:39:bd:45:7b:2f:5c:37:25:3f:20:b7:58:af:92:2a:
83:86:c4:fa:e8:30:d2:2e:c1:71:42:50:fb:21:d5:7a:45:9c:
de:70:f6:d7:4d:8c:b7:96:4c:5b:4f:d7:94:b7:52:b8:00:5f:
44:6b:57:3a:8d:7d:42:2b:09:79:76:33:58:6f:1d:4c:f7:c9:
25:f8:4a:d5:53:32:ab:8d:a0:34:27:74:41:78:f0:18:e7:0d:
7f:89:e9:d2:c0:bf:c4:22:78:47:56:52:a8:6e:e6:48:02:7c:
1c:78:89:2f:0e:67:2f:19:30:d0:94:7f:ac:b9:03:26:e4:4e:
f1:c0:b2:d7:ad:a3:c2:70:ec:d3:ca:b3:dd:62:aa:ba:7d:e3:
71:49:09:8c:ed:c7:40:35:39:58:5d:a5:1b:d4:7a:68:88:8c:
cf:54:fc:93:b7:fe:d8:60:09:99:f5:c0:d1:9a:66:cd:61:39:
43:9c:81:76:48:9d:1d:eb:fe:27:5a:7c:7c:21:34:52:df:ea:
78:66:f5:23:70:23:ea:38:0b:c3:4d:d2:c7:15:eb:2c:c5:8b:
57:e4:c7:51:e5:79:ea:88:7a:d7:85:8d:c8:bf:19:a4:69:3f:
0e:50:a5:97:22:72:f6:a4:51:91:41:d8:d0:a7:37:d9:38:c9:
18:5d:80:63
-----BEGIN CERTIFICATE-----
MIIGyjCCBbKgAwIBAgISAZWy/6OdmmbLbA3oY6AW4lSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMzIwMTAwMDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmZlZjM3ZTIwZTQ0Y2RjNTQ2YzYxYTRjMjJlM2QyNTgzNTEzNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCkeED0BZ0FFbPQpUil1eMa436Sc
owye6oZWgvaq906w5qSfzoLW66L9/HMmljwZCBDoBnKkdwr1hKEb2Z3hR51wzf03
7cEpzuL6Fn2Dbz8clQlUDC+Y8yzlNDHs+CA9OSkutBriC86BjHEnu5TGSoJmp8J2
5u7Q9c0ON0YRT+NGhNWKEavnwnLyI03dAEtr1uaaKq35evh3qWYhDK7UqIYjsk7M
yV4ySnNcVdvXagJ5deYsHmFMYaRej6IiHKPnC/NDIQfYT9CExNIhFz6deddGTVeX
WXDQhtT2fYq4yrLgi62elZ0o265canBRkG2teM4OJxkBJMa1dzKy22RAQQIDAQAB
o4ID1jCCA9IwHQYDVR0OBBYEFKL+834g5EzcVGxhpMIuPSWDUTdCMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvb3Y3emZpRGtUTnhVYkdHa3dpNDlKWU5STjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6gYIKwYBBQUHAQcBAf8EggHZMIIB1TCCAcIEAgABMIIB
ugMEAQVoqAMEAAVorgMEAE1MCAMEAU1MCgMEAE6AAAMEAE6ACAMEAE6AKwMEAE6A
PAMEAE6AQwMEAE6ASAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6A
YgMEAU6AbAMEAE6OAQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQA
To4iMAwDBABOji8DBABOjjADBABOjjwDBABOjj8DBABPfAADBABPfA8DBAFPfBQw
DAMEAE98FwMEAE98HAMEAE98LwMEAU98MjAMAwQAT3xJAwQAT3xKAwQAT3xMAwQA
T3xPAwQAT3xSAwQAUnbgAwQAUnbsAwQAUnbuAwQAUnb0AwQBUnb2AwQAV/YCAwQA
W5SDAwQAW5SMAwQAW5SgAwQAW5SoAwQBW7/YAwQAXkiRAwQCXkiUAwQBXkieAwQA
grngAwQAgrniAwQAgrnlMAwDBACCuesDBAGCuewDBACCufgDBACCufoDBAGw8bAw
DAMEBLKEUAMEAbKEVAMEArmUoAMEALnonzAMAwQC2a6UAwQA2a6WMAwDBAPZrpgD
BADZrpoDBADZrp8wDQQCAAIwBwMFACoBh0AwDQYJKoZIhvcNAQELBQADggEBABH/
mDm9RXsvXDclPyC3WK+SKoOGxProMNIuwXFCUPsh1XpFnN5w9tdNjLeWTFtP15S3
UrgAX0RrVzqNfUIrCXl2M1hvHUz3ySX4StVTMquNoDQndEF48BjnDX+J6dLAv8Qi
eEdWUqhu5kgCfBx4iS8OZy8ZMNCUf6y5AybkTvHAsteto8Jw7NPKs91iqrp943FJ
CYztx0A1OVhdpRvUemiIjM9U/JO3/thgCZn1wNGaZs1hOUOcgXZInR3r/idafHwh
NFLf6nhm9SNwI+o4C8NN0scV6yzFi1fkx1HleeqIeteFjci/GaRpPw5QpZcicvak
UZFB2NCnN9k4yRhdgGM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:20 2025 by rpki-client