Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/DiZva8PkQZ4ByaF0mF06SJMWMmg.roa
File: DiZva8PkQZ4ByaF0mF06SJMWMmg.roa (raw, json)
Hash identifier: pAAo69OH79CeTKTmIx8wckHlC8dNqDHrw6zN7QGHG0Y=
Subject key identifier: 0E:26:6F:6B:C3:E4:41:9E:01:C9:A1:74:98:5D:3A:48:93:16:32:68
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 01963E8DD938BC564C5C05A3CA6D7080E3D9
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/DiZva8PkQZ4ByaF0mF06SJMWMmg.roa
Signing time: Wed 16 Apr 2025 12:23:25 +0000
ROA not before: Wed 16 Apr 2025 12:23:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.0.0/21 maxlen: 24
217.154.8.0/22 maxlen: 24
217.154.13.0/24 maxlen: 24
217.154.14.0/23 maxlen: 24
217.154.16.0/21 maxlen: 24
217.154.50.0/23 maxlen: 24
217.154.52.0/22 maxlen: 24
217.154.56.0/21 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.154.92.0/22 maxlen: 24
217.154.240.0/22 maxlen: 24
217.154.247.0/24 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:8d:d9:38:bc:56:4c:5c:05:a3:ca:6d:70:80:e3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Apr 16 12:23:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e266f6bc3e4419e01c9a174985d3a4893163268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a5:68:c9:fe:fc:c5:d0:08:32:6e:11:56:ad:
23:9c:16:90:27:2f:c3:22:47:c9:55:da:08:af:2b:
cb:3d:29:5f:3c:b5:27:f9:72:b7:2e:37:74:91:6d:
2c:50:1a:a9:85:1e:fe:9c:8b:c3:4a:9a:3f:e8:96:
10:e1:b7:68:a6:cb:c6:71:f3:8b:10:27:d4:6b:96:
c6:f0:03:96:87:5e:86:2d:5a:2d:33:c6:53:3d:f1:
54:14:3b:18:8e:26:9d:b1:75:4c:ce:56:0b:10:94:
14:d7:f7:71:ac:d4:46:e4:17:93:c7:09:66:cd:d1:
50:d6:21:b7:d9:a6:3c:2f:c6:a6:4d:a2:59:b3:d3:
2d:42:f5:47:06:0e:b5:4d:c1:a8:65:24:a5:28:67:
cd:42:c3:16:cf:09:9a:1d:12:16:c4:4e:4b:a2:e4:
d2:9b:02:45:fc:bc:9e:fd:54:21:0d:92:79:88:8d:
eb:44:d9:b5:9e:df:40:55:b4:b8:93:66:fa:d6:69:
f9:5b:0d:61:dd:9d:c8:43:4a:49:54:a2:fa:ac:2a:
58:5b:91:2d:08:22:55:4b:f5:f9:38:47:86:7c:ca:
97:9f:06:c2:13:c7:6d:23:c4:a9:61:1e:75:10:73:
cf:b4:70:dc:89:8e:05:ea:9a:fb:7f:81:38:4f:17:
88:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:26:6F:6B:C3:E4:41:9E:01:C9:A1:74:98:5D:3A:48:93:16:32:68
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/DiZva8PkQZ4ByaF0mF06SJMWMmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.0.0-217.154.11.255
217.154.13.0-217.154.23.255
217.154.50.0-217.154.71.255
217.154.74.0-217.154.89.255
217.154.91.0-217.154.95.255
217.154.240.0/22
217.154.247.0/24
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
67:02:ba:eb:d2:09:14:dd:50:b7:8d:e8:aa:3a:29:8f:58:3c:
f8:df:e7:10:52:4e:ea:6e:14:40:57:7b:b6:8e:25:f1:f4:94:
80:43:d3:21:a2:e3:00:c1:2e:3a:53:76:e5:cb:08:81:5d:a4:
64:c0:b7:71:8b:23:6c:14:2b:df:8f:e4:2b:97:e4:66:56:77:
e1:d1:71:9c:5a:09:a7:39:c5:2e:f1:b1:4b:e1:83:2c:d5:d4:
4b:97:8d:c2:8c:38:f7:17:ba:8f:7d:52:55:e1:b5:26:b2:11:
f1:09:20:45:ad:82:71:54:64:8d:b5:f0:88:f8:a3:95:d3:f9:
16:3b:56:46:7b:39:4d:6d:e3:c7:44:66:a4:c6:43:25:6a:ac:
be:9f:7d:17:d6:ce:2b:41:ac:85:cc:8d:9a:2d:da:38:6b:92:
e8:20:f8:e6:be:bb:8f:53:e5:b9:de:f6:6c:67:82:93:21:df:
16:13:b7:37:b8:00:d1:d5:5d:7e:03:12:38:77:00:3c:b1:06:
61:28:45:2f:8c:ee:9e:87:f3:23:91:37:7b:67:aa:f4:3a:f7:
68:40:5f:bd:30:4d:b8:13:7c:8f:dc:65:83:74:e7:d4:82:7a:
76:08:59:0b:35:df:3a:67:c9:f1:99:2f:62:53:b7:f3:29:25:
5c:05:88:5c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZY+jdk4vFZMXAWjym1wgOPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwNDE2MTIyMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTI2NmY2YmMzZTQ0MTllMDFjOWExNzQ5ODVkM2E0ODkzMTYzMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KVoyf78xdAIMm4RVq0jnBaQJy/D
IkfJVdoIryvLPSlfPLUn+XK3Ljd0kW0sUBqphR7+nIvDSpo/6JYQ4bdopsvGcfOL
ECfUa5bG8AOWh16GLVotM8ZTPfFUFDsYjiadsXVMzlYLEJQU1/dxrNRG5BeTxwlm
zdFQ1iG32aY8L8amTaJZs9MtQvVHBg61TcGoZSSlKGfNQsMWzwmaHRIWxE5LouTS
mwJF/Lye/VQhDZJ5iI3rRNm1nt9AVbS4k2b61mn5Ww1h3Z3IQ0pJVKL6rCpYW5Et
CCJVS/X5OEeGfMqXnwbCE8dtI8SpYR51EHPPtHDciY4F6pr7f4E4TxeIjwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFA4mb2vD5EGeAcmhdJhdOkiTFjJoMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvRGladmE4UGtRWjRCeWFGMG1GMDZTSk1XTW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB7AQCAAEwgeUD
BAQF+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQC
uTB0AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgD
BATCpKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwDAL
AwMB2ZoDBALZmggwDAMEANmaDQMEA9maEDAMAwQB2ZoyAwQD2ZpAMAwDBAHZmkoD
BAHZmlgwDAMEANmaWwMEBdmaQAMEAtma8AMEANma9wMDANmgMBQEAgACMA4DBQAg
AQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEAZwK669IJFN1Qt43oqjopj1g8
+N/nEFJO6m4UQFd7to4l8fSUgEPTIaLjAMEuOlN25csIgV2kZMC3cYsjbBQr34/k
K5fkZlZ34dFxnFoJpznFLvGxS+GDLNXUS5eNwow49xe6j31SVeG1JrIR8QkgRa2C
cVRkjbXwiPijldP5FjtWRns5TW3jx0RmpMZDJWqsvp99F9bOK0GshcyNmi3aOGuS
6CD45r67j1Plud72bGeCkyHfFhO3N7gA0dVdfgMSOHcAPLEGYShFL4zunofzI5E3
e2eq9Dr3aEBfvTBNuBN8j9xlg3Tn1IJ6dghZCzXfOmfJ8ZkvYlO38yklXAWIXA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:34:30 2025 by rpki-client