Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/ooE-CzkriG8dyAHw2VEoPf2hymM.roa
File: ooE-CzkriG8dyAHw2VEoPf2hymM.roa (raw, json)
Hash identifier: WoxXseWHvKkeS+GLhJ9Z5ab8hXqvccZV6MhBJF6pSQI=
Subject key identifier: A2:81:3E:0B:39:2B:88:6F:1D:C8:01:F0:D9:51:28:3D:FD:A1:CA:63
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 0194236A01C1059A8C27F045DC8D5B4273D3
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/ooE-CzkriG8dyAHw2VEoPf2hymM.roa
Signing time: Wed 01 Jan 2025 19:48:57 +0000
ROA not before: Wed 01 Jan 2025 19:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199081
IP address blocks: 5.172.192.0/20 maxlen: 20
5.172.192.0/22 maxlen: 22
5.172.192.0/24 maxlen: 24
5.172.193.0/24 maxlen: 24
5.172.194.0/24 maxlen: 24
5.172.195.0/24 maxlen: 24
5.172.196.0/22 maxlen: 22
5.172.196.0/24 maxlen: 24
5.172.197.0/24 maxlen: 24
5.172.198.0/24 maxlen: 24
5.172.199.0/24 maxlen: 24
5.172.200.0/22 maxlen: 22
5.172.201.0/24 maxlen: 24
5.172.202.0/24 maxlen: 24
5.172.203.0/24 maxlen: 24
5.172.204.0/22 maxlen: 22
5.172.204.0/24 maxlen: 24
5.172.205.0/24 maxlen: 24
5.172.206.0/24 maxlen: 24
45.66.185.0/24 maxlen: 24
45.66.186.0/24 maxlen: 24
45.66.187.0/24 maxlen: 24
91.193.60.0/22 maxlen: 22
91.193.60.0/24 maxlen: 24
91.193.61.0/24 maxlen: 24
91.193.62.0/24 maxlen: 24
91.193.63.0/24 maxlen: 24
109.68.144.0/21 maxlen: 21
109.68.144.0/24 maxlen: 24
109.68.145.0/24 maxlen: 24
109.68.147.0/24 maxlen: 24
109.68.149.0/24 maxlen: 24
109.68.150.0/24 maxlen: 24
109.68.151.0/24 maxlen: 24
178.21.168.0/21 maxlen: 21
178.21.168.0/22 maxlen: 22
178.21.168.0/24 maxlen: 24
178.21.169.0/24 maxlen: 24
178.21.170.0/24 maxlen: 24
178.21.171.0/24 maxlen: 24
178.21.172.0/22 maxlen: 22
178.21.172.0/24 maxlen: 24
178.21.173.0/24 maxlen: 24
178.21.174.0/24 maxlen: 24
178.21.175.0/24 maxlen: 24
185.70.76.0/22 maxlen: 22
185.70.76.0/24 maxlen: 24
185.70.77.0/24 maxlen: 24
185.70.78.0/23 maxlen: 23
185.70.78.0/24 maxlen: 24
185.70.79.0/24 maxlen: 24
185.88.23.0/24 maxlen: 24
185.118.125.0/24 maxlen: 24
185.168.36.0/22 maxlen: 22
185.168.38.0/23 maxlen: 23
185.168.38.0/24 maxlen: 24
185.168.39.0/24 maxlen: 24
185.205.96.0/22 maxlen: 22
185.205.96.0/24 maxlen: 24
185.205.97.0/24 maxlen: 24
185.205.98.0/24 maxlen: 24
185.205.99.0/24 maxlen: 24
195.35.92.0/22 maxlen: 22
2a02:4fc0::/32 maxlen: 32
2a02:4fc0:4000::/48 maxlen: 48
2a02:4fc0:4001::/48 maxlen: 48
2a02:4fc0:4100::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 25 Feb 2025 14:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:01:c1:05:9a:8c:27:f0:45:dc:8d:5b:42:73:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Jan 1 19:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2813e0b392b886f1dc801f0d951283dfda1ca63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:ce:82:ec:3b:f2:0f:e1:50:b5:0a:c4:94:
e2:05:38:55:97:41:91:6b:48:d5:bf:38:10:9e:4f:
df:9e:d5:7b:6b:8a:4d:01:cb:8c:83:c7:c4:37:20:
3f:d9:95:7c:21:8e:60:cf:b4:61:f3:26:9d:be:ff:
b2:aa:b1:ec:7b:3c:7d:1a:ab:0b:32:d7:95:ee:60:
af:7a:7c:e0:3e:b0:51:72:1a:a6:e3:ca:81:4e:3e:
ea:e9:36:a2:ff:e5:08:4c:06:43:e0:29:c5:e1:62:
53:6a:8c:54:72:f0:32:e4:e0:30:a7:67:ac:88:a6:
37:71:57:c9:24:85:c8:80:2e:a7:1f:a6:b9:15:50:
aa:c7:24:b7:5d:2b:ae:e6:40:04:67:33:d5:29:12:
cb:0c:0f:29:05:d8:db:f6:89:2b:0b:77:f4:a4:c6:
50:0a:7c:3f:93:cb:0e:3d:7a:b2:8d:9f:4e:46:34:
36:a8:33:fb:85:0e:31:ec:4c:1e:be:55:8a:c1:47:
2f:c7:94:85:4e:76:fe:a8:95:d1:56:42:51:ad:0c:
21:1d:e7:39:c7:d0:45:a1:dd:13:ea:02:04:4b:c8:
2b:cb:18:1c:1a:77:47:0f:46:c9:df:72:c0:43:24:
26:fb:0a:52:cc:cf:46:7d:cb:a9:c0:67:7a:93:24:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:81:3E:0B:39:2B:88:6F:1D:C8:01:F0:D9:51:28:3D:FD:A1:CA:63
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/ooE-CzkriG8dyAHw2VEoPf2hymM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.192.0/20
45.66.185.0-45.66.187.255
91.193.60.0/22
109.68.144.0/21
178.21.168.0/21
185.70.76.0/22
185.88.23.0/24
185.118.125.0/24
185.168.36.0/22
185.205.96.0/22
195.35.92.0/22
IPv6:
2a02:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
15:5d:e7:af:8e:4d:c9:df:c8:f0:e2:f2:f7:f3:7a:7d:4c:b7:
0f:79:8c:b7:c1:4a:7e:03:26:52:ae:f7:e3:95:07:dd:8b:db:
53:26:04:e3:03:51:b3:60:42:3f:8d:95:19:2b:dc:66:6b:a7:
51:62:5c:55:9c:03:49:55:d8:2d:64:c4:bf:b9:9a:68:c9:9e:
41:c0:a7:2a:44:20:74:79:15:66:21:ac:f2:b7:d4:83:15:8e:
6e:83:60:2a:72:d0:b6:1a:6b:85:08:5f:a6:06:be:86:37:a5:
be:29:31:d5:c1:8c:a4:ee:ae:2a:8a:01:31:f5:90:19:83:14:
4e:51:67:bb:78:6d:93:5d:d8:f0:1d:be:c2:eb:b0:e8:18:6f:
ec:eb:93:2f:f5:7a:8d:3b:08:06:6e:c0:30:53:84:6b:50:ca:
69:3c:de:10:6f:0d:6d:40:6d:1a:59:13:67:28:81:28:be:b0:
17:ed:95:25:bb:2f:20:e4:7b:ae:73:1f:81:0a:db:bf:62:b4:
03:92:40:a0:1c:35:e6:d8:f0:76:2b:64:27:61:ea:19:65:99:
84:e0:59:4e:69:f3:d4:eb:5b:a6:90:da:05:25:23:e5:c4:0a:
04:52:1b:d8:81:b8:c7:09:2a:14:6d:bf:ea:e1:15:41:73:4f:
67:8e:0d:27
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQjagHBBZqMJ/BF3I1bQnPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjUwMTAxMTk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgxM2UwYjM5MmI4ODZmMWRjODAxZjBkOTUxMjgzZGZkYTFjYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZDOguw78g/hULUKxJTiBThVl0GR
a0jVvzgQnk/fntV7a4pNAcuMg8fENyA/2ZV8IY5gz7Rh8yadvv+yqrHsezx9GqsL
MteV7mCvenzgPrBRchqm48qBTj7q6Tai/+UITAZD4CnF4WJTaoxUcvAy5OAwp2es
iKY3cVfJJIXIgC6nH6a5FVCqxyS3XSuu5kAEZzPVKRLLDA8pBdjb9okrC3f0pMZQ
Cnw/k8sOPXqyjZ9ORjQ2qDP7hQ4x7EwevlWKwUcvx5SFTnb+qJXRVkJRrQwhHec5
x9BFod0T6gIES8gryxgcGndHD0bJ33LAQyQm+wpSzM9GfcupwGd6kySSOwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKKBPgs5K4hvHcgB8NlRKD39ocpjMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvb29FLUN6a3JpRzhkeUFIdzJWRW9QZjJoeW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQEBazAMAwD
BAAtQrkDBAItQrgDBAJbwTwDBANtRJADBAOyFagDBAK5RkwDBAC5WBcDBAC5dn0D
BAK5qCQDBAK5zWADBALDI1wwDQQCAAIwBwMFACoCT8AwDQYJKoZIhvcNAQELBQAD
ggEBABVd56+OTcnfyPDi8vfzen1Mtw95jLfBSn4DJlKu9+OVB92L21MmBOMDUbNg
Qj+NlRkr3GZrp1FiXFWcA0lV2C1kxL+5mmjJnkHApypEIHR5FWYhrPK31IMVjm6D
YCpy0LYaa4UIX6YGvoY3pb4pMdXBjKTuriqKATH1kBmDFE5RZ7t4bZNd2PAdvsLr
sOgYb+zrky/1eo07CAZuwDBThGtQymk83hBvDW1AbRpZE2cogSi+sBftlSW7LyDk
e65zH4EK279itAOSQKAcNebY8HYrZCdh6hllmYTgWU5p89TrW6aQ2gUlI+XECgRS
G9iBuMcJKhRtv+rhFUFzT2eODSc=
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:09:19 2025 by rpki-client