Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/DIWxo2FHPBsOUxN44cZ54q3-Csc.roa
File: DIWxo2FHPBsOUxN44cZ54q3-Csc.roa (raw, json)
Hash identifier: fo6/nWiqd7B/3El5Q4MSzOEQh7qJs1xhncBUTr1Ed9I=
Subject key identifier: 0C:85:B1:A3:61:47:3C:1B:0E:53:13:78:E1:C6:79:E2:AD:FE:0A:C7
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 019734C8B34CC417D4125D1A6DB0EF759FA0
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/DIWxo2FHPBsOUxN44cZ54q3-Csc.roa
Signing time: Tue 03 Jun 2025 07:54:17 +0000
ROA not before: Tue 03 Jun 2025 07:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13097
IP address blocks: 46.229.80.0/20 maxlen: 20
46.229.80.0/24 maxlen: 24
46.229.81.0/24 maxlen: 24
46.229.82.0/24 maxlen: 24
46.229.83.0/24 maxlen: 24
46.229.84.0/24 maxlen: 24
46.229.85.0/24 maxlen: 24
46.229.86.0/24 maxlen: 24
46.229.87.0/24 maxlen: 24
46.229.88.0/24 maxlen: 24
46.229.89.0/24 maxlen: 24
46.229.90.0/24 maxlen: 24
46.229.91.0/24 maxlen: 24
46.229.92.0/24 maxlen: 24
46.229.93.0/24 maxlen: 24
46.229.94.0/24 maxlen: 24
46.229.95.0/24 maxlen: 24
80.70.116.0/22 maxlen: 22
80.70.116.0/24 maxlen: 24
80.70.117.0/24 maxlen: 24
80.70.118.0/24 maxlen: 24
80.70.119.0/24 maxlen: 24
82.163.32.0/24 maxlen: 24
84.234.100.0/22 maxlen: 22
84.234.100.0/24 maxlen: 24
84.234.101.0/24 maxlen: 24
84.234.102.0/24 maxlen: 24
84.234.103.0/24 maxlen: 24
89.189.32.0/20 maxlen: 20
89.189.32.0/24 maxlen: 24
89.189.33.0/24 maxlen: 24
89.189.34.0/24 maxlen: 24
89.189.35.0/24 maxlen: 24
89.189.36.0/24 maxlen: 24
89.189.37.0/24 maxlen: 24
89.189.38.0/24 maxlen: 24
89.189.39.0/24 maxlen: 24
89.189.40.0/24 maxlen: 24
89.189.41.0/24 maxlen: 24
89.189.42.0/24 maxlen: 24
89.189.43.0/24 maxlen: 24
89.189.44.0/24 maxlen: 24
89.189.45.0/24 maxlen: 24
89.189.46.0/24 maxlen: 24
89.189.47.0/24 maxlen: 24
89.189.56.0/21 maxlen: 21
89.189.56.0/24 maxlen: 24
89.189.57.0/24 maxlen: 24
89.189.58.0/24 maxlen: 24
89.189.59.0/24 maxlen: 24
89.189.60.0/24 maxlen: 24
89.189.61.0/24 maxlen: 24
89.189.62.0/24 maxlen: 24
89.189.63.0/24 maxlen: 24
185.138.36.0/22 maxlen: 22
185.138.36.0/23 maxlen: 23
185.138.36.0/24 maxlen: 24
185.138.37.0/24 maxlen: 24
185.138.38.0/23 maxlen: 23
185.138.38.0/24 maxlen: 24
185.138.39.0/24 maxlen: 24
185.178.12.0/22 maxlen: 22
185.178.12.0/24 maxlen: 24
185.178.13.0/24 maxlen: 24
185.178.14.0/24 maxlen: 24
185.178.15.0/24 maxlen: 24
213.178.192.0/20 maxlen: 20
213.178.192.0/24 maxlen: 24
213.178.193.0/24 maxlen: 24
213.178.194.0/24 maxlen: 24
213.178.195.0/24 maxlen: 24
213.178.196.0/24 maxlen: 24
213.178.197.0/24 maxlen: 24
213.178.198.0/24 maxlen: 24
213.178.199.0/24 maxlen: 24
213.178.200.0/24 maxlen: 24
213.178.201.0/24 maxlen: 24
213.178.202.0/24 maxlen: 24
213.178.203.0/24 maxlen: 24
213.178.204.0/24 maxlen: 24
213.178.205.0/24 maxlen: 24
213.178.206.0/24 maxlen: 24
213.178.207.0/24 maxlen: 24
2a01:7540::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:c8:b3:4c:c4:17:d4:12:5d:1a:6d:b0:ef:75:9f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Jun 3 07:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c85b1a361473c1b0e531378e1c679e2adfe0ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:e6:47:d2:46:69:57:58:f2:ad:a1:75:13:
fb:7e:88:89:a1:b5:61:74:d8:43:f9:73:44:74:d0:
00:88:92:fe:72:c9:c9:60:06:f3:ca:05:b8:d7:40:
89:9f:16:92:4f:10:d8:d4:15:1c:21:94:7c:29:53:
ae:09:58:36:48:d1:c1:c2:ee:a1:3b:f8:32:69:86:
f0:91:2b:4a:03:9e:13:41:c7:9a:71:fb:b7:03:b9:
86:2e:a7:d5:93:81:56:15:a7:02:d2:98:f9:47:19:
13:5f:1d:c8:ef:71:3f:f2:5b:ae:5d:c5:ce:c2:7a:
e6:0e:b5:77:c1:5f:c5:37:aa:59:55:21:a2:da:e5:
62:16:71:c3:d4:db:b9:3c:b8:e1:3b:cb:98:f5:53:
cc:b1:ca:f6:d6:c3:46:58:b8:9e:dc:15:b7:11:08:
aa:8d:7e:cc:40:65:46:cb:ea:55:bb:bd:06:dc:4e:
b4:d5:6d:1b:c5:5f:8a:8a:58:2a:9d:13:b3:bb:59:
4c:d1:2a:e3:c4:53:92:52:2b:89:fa:a8:cf:3b:91:
65:64:fc:7a:4d:f5:5c:05:b5:7b:64:c7:d0:a3:3c:
f7:a0:34:db:e0:40:6e:19:fb:c3:61:be:f9:11:3e:
27:02:3c:1e:8c:8d:f8:69:d7:6e:47:ff:c3:bc:c0:
b1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:85:B1:A3:61:47:3C:1B:0E:53:13:78:E1:C6:79:E2:AD:FE:0A:C7
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/DIWxo2FHPBsOUxN44cZ54q3-Csc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.80.0/20
80.70.116.0/22
82.163.32.0/24
84.234.100.0/22
89.189.32.0/20
89.189.56.0/21
185.138.36.0/22
185.178.12.0/22
213.178.192.0/20
IPv6:
2a01:7540::/32
Signature Algorithm: sha256WithRSAEncryption
63:16:4b:7b:9f:12:66:6e:06:b0:31:be:e2:99:a8:5c:4f:a2:
a7:52:bf:8a:5f:32:51:77:46:52:e8:3d:17:cc:0c:f8:7e:a3:
25:4e:03:f9:22:35:3c:98:3f:ba:32:96:f0:52:1a:c6:98:0f:
48:a8:60:06:8d:7f:b6:be:60:39:76:94:81:75:8a:fc:f1:a9:
40:e3:13:e0:85:9d:1c:59:55:e9:e6:e8:9d:4c:90:10:69:85:
42:ff:c1:89:71:7f:d6:08:9c:fa:56:67:38:f4:05:35:c7:e5:
67:61:f7:30:8f:cf:1f:75:ee:4e:04:eb:b5:f8:82:4e:7a:4d:
0f:ba:90:b5:32:ba:b1:57:62:c0:cd:36:ca:e9:9d:eb:b7:4f:
be:6d:bb:35:da:1b:60:d6:dd:f0:d7:b1:a5:f2:4d:61:9c:00:
49:ee:de:7b:91:c5:ff:43:99:71:97:88:70:08:19:78:62:39:
ef:23:a7:99:fc:3b:41:0b:07:8f:3c:f0:03:80:25:49:6e:44:
ea:0b:45:fd:de:94:da:9f:a2:3c:18:3c:f0:f8:d5:54:d6:ef:
0a:76:27:46:21:c5:e5:ca:09:3c:ec:29:1c:59:33:6c:79:3d:
1f:08:a6:b2:24:f7:0d:22:04:bd:50:19:d2:7e:60:86:8b:db:
53:02:fd:bc
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZc0yLNMxBfUEl0abbDvdZ+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjUwNjAzMDc1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg1YjFhMzYxNDczYzFiMGU1MzEzNzhlMWM2NzllMmFkZmUwYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvirmR9JGaVdY8q2hdRP7foiJobVh
dNhD+XNEdNAAiJL+csnJYAbzygW410CJnxaSTxDY1BUcIZR8KVOuCVg2SNHBwu6h
O/gyaYbwkStKA54TQceacfu3A7mGLqfVk4FWFacC0pj5RxkTXx3I73E/8luuXcXO
wnrmDrV3wV/FN6pZVSGi2uViFnHD1Nu5PLjhO8uY9VPMscr21sNGWLie3BW3EQiq
jX7MQGVGy+pVu70G3E601W0bxV+KilgqnROzu1lM0SrjxFOSUiuJ+qjPO5FlZPx6
TfVcBbV7ZMfQozz3oDTb4EBuGfvDYb75ET4nAjwejI34adduR//DvMCxhQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAyFsaNhRzwbDlMTeOHGeeKt/grHMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvRElXeG8yRkhQQnNPVXhONDRjWjU0cTMtQ3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQELuVQAwQC
UEZ0AwQAUqMgAwQCVOpkAwQEWb0gAwQDWb04AwQCuYokAwQCubIMAwQE1bLAMA0E
AgACMAcDBQAqAXVAMA0GCSqGSIb3DQEBCwUAA4IBAQBjFkt7nxJmbgawMb7imahc
T6KnUr+KXzJRd0ZS6D0XzAz4fqMlTgP5IjU8mD+6MpbwUhrGmA9IqGAGjX+2vmA5
dpSBdYr88alA4xPghZ0cWVXp5uidTJAQaYVC/8GJcX/WCJz6Vmc49AU1x+VnYfcw
j88fde5OBOu1+IJOek0PupC1MrqxV2LAzTbK6Z3rt0++bbs12htg1t3w17Gl8k1h
nABJ7t57kcX/Q5lxl4hwCBl4YjnvI6eZ/DtBCwePPPADgCVJbkTqC0X93pTan6I8
GDzw+NVU1u8KdidGIcXlygk87CkcWTNseT0fCKayJPcNIgS9UBnSfmCGi9tTAv28
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:43:57 2025 by rpki-client