Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/bb9Iiu2p8le2rrsX8TsYS63bqQ0.roa
File: bb9Iiu2p8le2rrsX8TsYS63bqQ0.roa (raw, json)
Hash identifier: f8tfcLn0uV0AWxWxQm3gt4dwieSbpQOyzbU41MS0N44=
Subject key identifier: 6D:BF:48:8A:ED:A9:F2:57:B6:AE:BB:17:F1:3B:18:4B:AD:DB:A9:0D
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 019594C7627D7E9C06E7F7AB00B4C853B349
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/bb9Iiu2p8le2rrsX8TsYS63bqQ0.roa
Signing time: Fri 14 Mar 2025 13:10:49 +0000
ROA not before: Fri 14 Mar 2025 13:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
85.9.192.0/19 maxlen: 19
85.9.208.0/21 maxlen: 21
85.9.216.0/22 maxlen: 22
85.9.220.0/22 maxlen: 22
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Mar 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:c7:62:7d:7e:9c:06:e7:f7:ab:00:b4:c8:53:b3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Mar 14 13:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dbf488aeda9f257b6aebb17f13b184baddba90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:09:db:90:55:4b:75:21:29:fc:81:80:fc:6e:
44:cc:ec:4a:77:59:b8:49:3e:93:b9:b6:ae:b5:77:
09:f8:62:de:de:28:ff:fe:cc:20:e1:7a:f2:a2:d4:
08:1f:df:b8:ee:97:52:4d:b6:19:ab:dc:4a:51:4f:
22:6b:36:9c:4c:08:f1:f2:b1:9a:ab:3b:2d:eb:76:
a6:75:5c:98:79:e1:44:7f:db:bc:64:18:75:96:1c:
db:02:b1:42:8a:89:40:43:c0:6c:84:92:cb:f1:c6:
5b:f2:d7:f7:cb:97:28:44:58:94:6d:c8:23:60:bf:
6d:30:b4:55:68:88:c1:b6:7d:74:36:ae:38:03:21:
80:0d:b8:98:80:aa:28:b0:1d:2f:3d:df:36:6d:8f:
db:83:b7:b5:27:2a:ca:32:e5:14:16:a0:74:a1:95:
16:83:13:25:df:05:76:5e:c2:49:51:5e:3b:89:e9:
08:f7:05:07:c1:1a:d0:8e:66:8b:7c:05:3e:b7:e7:
37:5d:3a:99:bb:e9:63:48:65:fc:fd:e2:46:93:5d:
7e:5a:d2:c2:3d:0f:0b:8f:09:94:81:20:99:e2:41:
47:46:ce:ae:55:06:20:e2:a0:0b:fe:10:8a:6f:05:
8f:c0:c3:4f:77:72:78:c3:35:a0:61:ef:b6:62:fb:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BF:48:8A:ED:A9:F2:57:B6:AE:BB:17:F1:3B:18:4B:AD:DB:A9:0D
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/bb9Iiu2p8le2rrsX8TsYS63bqQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
85.9.192.0/19
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:e2:c7:b6:39:5b:39:92:dc:35:b5:9c:cc:9c:88:c3:a0:f6:
41:6c:95:65:81:49:22:04:8e:e8:60:e1:e9:52:83:ff:27:5b:
8b:53:6d:9c:d6:f0:9f:6f:ba:b8:3a:d5:e6:7f:dc:8a:ff:56:
2e:d3:c6:47:ec:b9:1d:62:80:57:a8:a2:b6:e7:85:8f:05:97:
0c:f1:8d:bd:9d:0b:d5:71:63:43:6b:6e:13:63:6a:a6:5e:d7:
fb:2f:3c:8c:91:94:b5:fd:1c:95:dd:43:da:d4:6a:bb:b0:8f:
79:ef:d7:32:87:d0:72:4f:01:6c:df:33:ad:41:fc:ac:88:88:
5d:7a:be:e1:a6:bb:1d:1a:df:d2:2e:ba:47:d1:2b:b6:65:7f:
31:80:fe:fc:02:21:6f:88:96:c1:c7:18:91:a0:2f:e1:14:c1:
bb:9d:6d:a1:55:84:ae:9c:18:7b:35:ee:75:2a:06:9b:17:d0:
c8:c3:ef:55:1e:cf:1f:61:1d:29:4a:16:d5:b6:bb:eb:d8:97:
c0:c7:e8:cc:84:0b:c2:50:b0:d0:03:2e:11:9a:c2:00:e3:10:
2d:ee:69:c6:dd:e8:aa:5c:ca:c6:ad:fd:6d:10:62:f4:1c:b7:
e9:b6:56:4f:39:83:97:54:f4:3c:d2:45:e6:ca:89:a0:61:6c:
7b:e1:8c:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZWUx2J9fpwG5/erALTIU7NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMzE0MTMxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGJmNDg4YWVkYTlmMjU3YjZhZWJiMTdmMTNiMTg0YmFkZGJhOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygnbkFVLdSEp/IGA/G5EzOxKd1m4
ST6TubautXcJ+GLe3ij//swg4XryotQIH9+47pdSTbYZq9xKUU8iazacTAjx8rGa
qzst63amdVyYeeFEf9u8ZBh1lhzbArFCiolAQ8BshJLL8cZb8tf3y5coRFiUbcgj
YL9tMLRVaIjBtn10Nq44AyGADbiYgKoosB0vPd82bY/bg7e1JyrKMuUUFqB0oZUW
gxMl3wV2XsJJUV47iekI9wUHwRrQjmaLfAU+t+c3XTqZu+ljSGX8/eJGk11+WtLC
PQ8LjwmUgSCZ4kFHRs6uVQYg4qAL/hCKbwWPwMNPd3J4wzWgYe+2Yvtp7wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFG2/SIrtqfJXtq67F/E7GEut26kNMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvYmI5SWl1MnA4bGUycnJzWDhUc1lTNjNicVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwVwQCAAEwUQMEBAUW0AME
AlBFrAMEA1OI+AMEBVUJwDALAwMAXu0DBABe7X4wDAMEBl9vwAMEAl9v0AMEA19v
2AMEArkUiAMEArkaMAMEArlGxAMEAsI+YDAWBAIAAjAQMA4DBQYqBDVAAwUAKgQ1
RjANBgkqhkiG9w0BAQsFAAOCAQEAZuLHtjlbOZLcNbWczJyIw6D2QWyVZYFJIgSO
6GDh6VKD/ydbi1NtnNbwn2+6uDrV5n/civ9WLtPGR+y5HWKAV6iitueFjwWXDPGN
vZ0L1XFjQ2tuE2Nqpl7X+y88jJGUtf0cld1D2tRqu7CPee/XMofQck8BbN8zrUH8
rIiIXXq+4aa7HRrf0i66R9ErtmV/MYD+/AIhb4iWwccYkaAv4RTBu51toVWErpwY
ezXudSoGmxfQyMPvVR7PH2EdKUoW1ba769iXwMfozIQLwlCw0AMuEZrCAOMQLe5p
xt3oqlzKxq39bRBi9By36bZWTzmDl1T0PNJF5sqJoGFse+GMAg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:33:36 2025 by rpki-client