Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/KEVsze6fcisISL1NRs4g9pkLeVU.roa
File: KEVsze6fcisISL1NRs4g9pkLeVU.roa (raw, json)
Hash identifier: BtmFZYOq9RN2YKAlM+h6IUIvpjmJOXuPrzGDj+X175g=
Subject key identifier: 28:45:6C:CD:EE:9F:72:2B:08:48:BD:4D:46:CE:20:F6:99:0B:79:55
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 0195A88259C2043CFF9808567C29E811A111
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/KEVsze6fcisISL1NRs4g9pkLeVU.roa
Signing time: Tue 18 Mar 2025 09:07:49 +0000
ROA not before: Tue 18 Mar 2025 09:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.0.0/16 maxlen: 16
161.30.5.0/24 maxlen: 24
161.30.7.0/24 maxlen: 24
161.30.8.0/24 maxlen: 24
161.30.9.0/24 maxlen: 24
161.30.10.0/24 maxlen: 24
161.30.12.0/22 maxlen: 22
161.30.16.0/22 maxlen: 22
161.30.20.0/24 maxlen: 24
161.30.22.0/23 maxlen: 23
161.30.28.0/24 maxlen: 24
161.30.29.0/24 maxlen: 24
161.30.33.0/24 maxlen: 24
161.30.40.0/23 maxlen: 23
161.30.42.0/23 maxlen: 24
161.30.44.0/23 maxlen: 24
161.30.112.0/23 maxlen: 23
161.30.114.0/23 maxlen: 23
161.30.115.0/24 maxlen: 24
161.30.116.0/23 maxlen: 23
161.30.118.0/24 maxlen: 24
161.30.119.0/24 maxlen: 24
161.30.120.0/24 maxlen: 24
161.30.121.0/24 maxlen: 24
161.30.124.0/23 maxlen: 23
161.30.126.0/23 maxlen: 23
161.30.128.0/23 maxlen: 23
161.30.129.0/24 maxlen: 24
161.30.130.0/24 maxlen: 24
161.30.155.0/24 maxlen: 24
161.30.164.0/24 maxlen: 24
161.30.165.0/24 maxlen: 24
161.30.166.0/24 maxlen: 24
161.30.169.0/24 maxlen: 24
161.30.171.0/24 maxlen: 24
161.30.176.0/20 maxlen: 20
161.30.193.0/24 maxlen: 24
161.30.194.0/23 maxlen: 23
161.30.201.0/24 maxlen: 24
161.30.202.0/24 maxlen: 24
161.30.203.0/24 maxlen: 24
161.30.220.0/24 maxlen: 24
161.30.221.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
161.30.236.0/24 maxlen: 24
161.30.237.0/24 maxlen: 24
161.30.238.0/24 maxlen: 24
161.30.239.0/24 maxlen: 24
161.30.240.0/24 maxlen: 24
161.30.246.0/24 maxlen: 24
161.30.250.0/24 maxlen: 24
161.30.251.0/24 maxlen: 24
2a11:ae00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Mar 2025 13:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:82:59:c2:04:3c:ff:98:08:56:7c:29:e8:11:a1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: Mar 18 09:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28456ccdee9f722b0848bd4d46ce20f6990b7955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:30:26:e7:0c:71:eb:b4:f5:42:e2:fd:16:8a:
7f:24:46:1b:7a:8c:83:cd:b0:18:9b:41:4a:23:c2:
d9:bd:11:0e:d9:e3:d6:5a:79:c3:63:ac:4e:5e:54:
de:2e:a7:d3:a3:78:9a:8e:0a:ff:48:ec:4e:50:c7:
af:35:65:fb:45:8d:cc:79:29:74:69:5a:16:34:4a:
f1:35:5b:a8:3c:89:10:29:c9:d2:4a:a2:67:b5:d9:
f3:d0:8f:75:0e:3b:33:82:b5:64:0a:70:44:0c:72:
57:59:a6:39:72:c9:33:09:57:82:59:0f:43:9a:a8:
d0:76:3d:69:ac:35:a2:6f:8e:77:9f:43:cb:19:6a:
aa:05:bd:14:71:16:14:bb:e9:6a:85:33:2b:86:5c:
21:1a:be:af:4e:51:b5:ff:d4:14:da:c9:b5:cc:25:
66:f6:e9:09:1d:be:e9:ec:9b:92:79:8b:fd:58:0c:
18:a6:7c:5a:f7:ee:26:04:1b:61:7f:2b:44:22:43:
d6:d5:8e:10:c7:19:e3:6f:10:56:17:1a:fa:a9:0d:
4e:0c:69:8c:60:7e:f5:7f:e2:5d:bb:a3:6b:22:59:
72:ff:ff:c9:1a:4d:47:51:1b:a6:8e:df:4c:1b:9f:
71:d2:18:50:ce:0f:cb:0c:3f:33:a6:fe:c0:6a:ca:
1b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:45:6C:CD:EE:9F:72:2B:08:48:BD:4D:46:CE:20:F6:99:0B:79:55
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/KEVsze6fcisISL1NRs4g9pkLeVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.0.0/16
IPv6:
2a11:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
3c:bb:0d:0c:77:c9:28:76:a3:c8:f4:82:6d:a9:f1:ca:ce:f8:
e0:e7:33:1d:e8:3f:7a:fb:52:c8:42:2d:9c:61:f2:f2:fc:b6:
64:24:19:2a:87:7a:0c:8b:c1:a8:c4:c7:df:2b:3c:db:5b:50:
a8:2f:5c:94:48:d7:4d:b9:8b:37:44:48:c9:aa:ba:a6:2d:17:
87:85:d6:3a:f0:dc:df:1a:14:bc:e6:3b:4f:0f:66:bd:d1:d6:
67:b8:07:8e:57:30:fa:47:9b:a9:ea:1e:72:3e:aa:41:26:5e:
5f:58:9b:8c:fc:41:6f:2e:89:92:85:71:68:25:9e:3d:80:9c:
e2:08:37:ed:18:8a:13:4b:47:fd:c2:46:0d:8a:1a:96:58:19:
17:28:26:8f:7a:2c:de:60:93:52:fc:2f:49:7b:e7:ae:93:ea:
3a:22:22:8c:8f:2c:f9:5d:ab:d0:fd:0f:af:b9:bb:83:7d:e3:
86:bc:b2:35:f0:5d:fc:93:65:0f:39:81:1f:b7:37:ac:f2:89:
ca:cf:41:fe:e9:ab:8c:3f:46:e7:bb:d8:a0:37:4c:12:b2:ba:
ae:9f:1b:cf:40:c2:51:23:e9:c7:5e:12:c6:9f:93:ee:e2:da:
ac:ec:a3:c3:81:76:36:4d:8c:91:01:b9:61:4b:fe:81:38:f5:
b2:7f:25:57
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWoglnCBDz/mAhWfCnoEaERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU1MThlNjg0NjdiNDI5MGMzNTA5MjY4YjZkNmQ2NjQ5
NjJjODYwHhcNMjUwMzE4MDkwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ1NmNjZGVlOWY3MjJiMDg0OGJkNGQ0NmNlMjBmNjk5MGI3OTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDAm5wxx67T1QuL9Fop/JEYbeoyD
zbAYm0FKI8LZvREO2ePWWnnDY6xOXlTeLqfTo3iajgr/SOxOUMevNWX7RY3MeSl0
aVoWNErxNVuoPIkQKcnSSqJntdnz0I91DjszgrVkCnBEDHJXWaY5cskzCVeCWQ9D
mqjQdj1prDWib453n0PLGWqqBb0UcRYUu+lqhTMrhlwhGr6vTlG1/9QU2sm1zCVm
9ukJHb7p7JuSeYv9WAwYpnxa9+4mBBthfytEIkPW1Y4QxxnjbxBWFxr6qQ1ODGmM
YH71f+Jdu6NrIlly///JGk1HURumjt9MG59x0hhQzg/LDD8zpv7Aasob8QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFChFbM3un3IrCEi9TUbOIPaZC3lVMB8GA1UdIwQY
MBaAFAnlUY5oRntCkMNQkmi21tZkliyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUt
ZTc0NTk0ODk4M2VkLzEvS0VWc3plNmZjaXNJU0wxTlJzNGc5cGtMZVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUtZTc0NTk0ODk4M2Vk
LzEvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAoR4wDQQC
AAIwBwMFACoRrgAwDQYJKoZIhvcNAQELBQADggEBADy7DQx3ySh2o8j0gm2p8crO
+ODnMx3oP3r7UshCLZxh8vL8tmQkGSqHegyLwajEx98rPNtbUKgvXJRI1025izdE
SMmquqYtF4eF1jrw3N8aFLzmO08PZr3R1me4B45XMPpHm6nqHnI+qkEmXl9Ym4z8
QW8uiZKFcWglnj2AnOIIN+0YihNLR/3CRg2KGpZYGRcoJo96LN5gk1L8L0l7566T
6joiIoyPLPldq9D9D6+5u4N944a8sjXwXfyTZQ85gR+3N6zyicrPQf7pq4w/Rue7
2KA3TBKyuq6fG89AwlEj6cdeEsafk+7i2qzso8OBdjZNjJEBuWFL/oE49bJ/JVc=
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:49:38 2025 by rpki-client