Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/39osDybR12bAjlb8RJ3zIMEVVPc.roa
File: 39osDybR12bAjlb8RJ3zIMEVVPc.roa (raw, json)
Hash identifier: WyTh6DNLDAD977HtsgqCFP3kKtDHi3kXkamTEr199BI=
Subject key identifier: DF:DA:2C:0F:26:D1:D7:66:C0:8E:56:FC:44:9D:F3:20:C1:15:54:F7
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0196CE04E8CE0D1B136FFDD3004CF42A540E
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/39osDybR12bAjlb8RJ3zIMEVVPc.roa
Signing time: Wed 14 May 2025 08:59:10 +0000
ROA not before: Wed 14 May 2025 08:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
84.239.64.0/18 maxlen: 24
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
141.101.56.0/21 maxlen: 24
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 24
185.5.108.0/22 maxlen: 22
185.10.176.0/22 maxlen: 24
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
185.41.4.0/22 maxlen: 22
185.47.240.0/22 maxlen: 24
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.137.254.0/23 maxlen: 24
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 14 May 2025 09:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:04:e8:ce:0d:1b:13:6f:fd:d3:00:4c:f4:2a:54:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: May 14 08:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfda2c0f26d1d766c08e56fc449df320c11554f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:39:39:2e:ec:bb:a6:9c:19:ca:9e:fe:7b:49:
ad:e7:2c:eb:78:99:b2:6c:02:7e:94:a9:52:f3:f5:
33:3d:3d:b7:f2:a8:0d:0d:7b:12:7d:de:3b:bb:3d:
3f:a7:33:52:5b:a3:72:fb:8d:28:8a:9d:2f:61:ca:
2c:4e:bd:e0:23:48:20:5a:cd:47:b0:11:dd:e8:3b:
c2:7a:14:96:35:69:1d:dd:1c:01:e7:0a:23:4b:64:
37:1c:df:5a:cf:a7:6b:ed:85:23:e2:9f:1f:15:d4:
05:75:27:ec:39:34:3b:00:36:8a:47:63:75:26:6b:
b5:24:bb:c3:3e:9d:52:11:33:62:6f:a4:03:80:49:
1d:18:9c:90:88:4d:b1:5d:d0:45:8c:08:7d:e7:e0:
ad:61:ad:39:36:21:b7:fe:50:da:05:75:5a:ba:ff:
ed:2f:a4:40:d8:22:ca:2d:c3:0e:71:03:4f:d4:77:
2e:d1:bd:3b:a2:23:c0:53:43:16:cc:e7:14:9b:a8:
45:8d:93:8c:50:15:18:2e:bf:08:38:0d:dd:32:3c:
b0:3d:28:4c:78:37:99:27:27:5f:34:18:19:74:6d:
bd:14:9c:7b:12:03:19:b1:a7:88:8e:ed:e8:34:9f:
95:77:a5:3b:bd:f3:36:42:f8:d6:55:b8:49:00:90:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DA:2C:0F:26:D1:D7:66:C0:8E:56:FC:44:9D:F3:20:C1:15:54:F7
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/39osDybR12bAjlb8RJ3zIMEVVPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
84.239.64.0/18
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
141.101.56.0/21
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.10.176.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.47.240.0/22
185.81.52.0/22
185.132.116.0/22
185.137.254.0/23
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
94:7b:6b:47:01:29:cc:39:e8:76:36:75:ce:e4:77:d5:69:51:
90:ca:1f:72:82:67:48:b2:04:d5:3d:a9:30:e9:81:e4:86:18:
21:38:5a:b8:fc:fc:5f:1a:91:b7:f0:16:d3:24:2f:03:41:0c:
36:85:23:41:97:cc:e4:39:62:31:7e:dd:0e:6e:5a:0e:bd:56:
ec:38:cd:d3:f7:19:f6:e9:5d:18:27:1c:8f:ec:82:08:e6:11:
ba:d7:f1:47:19:45:97:08:e3:5f:c6:05:16:04:92:1b:33:c2:
42:f9:af:45:5e:6f:7c:e0:ab:b0:dd:b2:12:7c:94:94:f4:9c:
9c:81:72:01:79:d4:bf:ca:6f:ac:d0:0d:06:dc:2c:32:2b:11:
87:ab:f6:0a:ce:6c:1f:52:3f:cd:fe:7b:d3:27:bf:ad:7e:60:
50:b2:02:cd:07:2c:14:c8:16:71:be:c2:74:cf:b4:85:32:ff:
1f:65:86:bf:aa:37:6e:4a:38:bb:dd:ff:24:d1:0e:f1:f0:10:
cb:65:6a:bb:e0:e8:ee:f2:de:67:88:66:41:f3:2b:9a:da:ca:
2d:a8:b8:a4:7b:98:f6:54:11:4e:d0:b3:8c:76:5f:6c:2e:56:
ae:33:bc:19:ad:44:30:94:db:7b:ca:84:3a:1a:2b:d7:4b:ef:
3c:18:39:59
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAZbOBOjODRsTb/3TAEz0KlQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwNTE0MDg1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRhMmMwZjI2ZDFkNzY2YzA4ZTU2ZmM0NDlkZjMyMGMxMTU1NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDk5Luy7ppwZyp7+e0mt5yzreJmy
bAJ+lKlS8/UzPT238qgNDXsSfd47uz0/pzNSW6Ny+40oip0vYcosTr3gI0ggWs1H
sBHd6DvCehSWNWkd3RwB5wojS2Q3HN9az6dr7YUj4p8fFdQFdSfsOTQ7ADaKR2N1
Jmu1JLvDPp1SETNib6QDgEkdGJyQiE2xXdBFjAh95+CtYa05NiG3/lDaBXVauv/t
L6RA2CLKLcMOcQNP1Hcu0b07oiPAU0MWzOcUm6hFjZOMUBUYLr8IOA3dMjywPShM
eDeZJydfNBgZdG29FJx7EgMZsaeIju3oNJ+Vd6U7vfM2QvjWVbhJAJArLwIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFN/aLA8m0ddmwI5W/ESd8yDBFVT3MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvMzlvc0R5YlIxMmJBamxiOFJKM3pJTUVWVlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCCAR4EAgABMIIB
FgMEAgWFRAMEBT7BIDAMAwQCPvRUAwQBPvRYAwQCPvRgAwQCPvRwAwQAPvR1AwQA
PvR3AwQDTh8oAwQETm3wAwQEUPUQAwQGUtIAAwQFU3bAAwQDU46QAwQGVO9AAwQD
W1pgAwQEXuSwAwQEX41gAwQDjWU4AwQFn7TgAwQDsDkgAwQEshCgAwQCuQQsAwQC
uQVsAwQCuQqwAwQCuRLQAwQCuRMwAwQCuSkEAwQCuS/wAwQCuVE0AwQCuYR0AwQB
uYn+AwQCuZxQAwQCuaMcAwQCuaucAwQCubT0AwQCub9cAwQCudMYAwQCudWgAwQC
udr4AwQCufkcAwQBwtV8AwQGww+AAwQCwzGEAwQFw8igAwQF1GpgMBQEAgACMA4D
BQMgAQq4AwUAKgFOADANBgkqhkiG9w0BAQsFAAOCAQEAlHtrRwEpzDnodjZ1zuR3
1WlRkMofcoJnSLIE1T2pMOmB5IYYIThauPz8XxqRt/AW0yQvA0EMNoUjQZfM5Dli
MX7dDm5aDr1W7DjN0/cZ9uldGCccj+yCCOYRutfxRxlFlwjjX8YFFgSSGzPCQvmv
RV5vfOCrsN2yEnyUlPScnIFyAXnUv8pvrNANBtwsMisRh6v2Cs5sH1I/zf570ye/
rX5gULICzQcsFMgWcb7CdM+0hTL/H2WGv6o3bko4u93/JNEO8fAQy2Vqu+Do7vLe
Z4hmQfMrmtrKLai4pHuY9lQRTtCzjHZfbC5WrjO8Ga1EMJTbe8qEOhor10vvPBg5
WQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:13:14 2025 by rpki-client