Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/PxmxbjDo4ld_LpQlBIImvTBCGQo.roa
File: PxmxbjDo4ld_LpQlBIImvTBCGQo.roa (raw, json)
Hash identifier: JEoZS4ChBX6LhNbOSp/Oqghn+r+iFDQ5qgpRHocx1xU=
Subject key identifier: 3F:19:B1:6E:30:E8:E2:57:7F:2E:94:25:04:82:26:BD:30:42:19:0A
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0196A0A7725A02C36C87B48FF9F480BDBBA9
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/PxmxbjDo4ld_LpQlBIImvTBCGQo.roa
Signing time: Mon 05 May 2025 13:34:10 +0000
ROA not before: Mon 05 May 2025 13:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.69.32.0/24 maxlen: 24
103.69.33.0/24 maxlen: 24
103.69.34.0/24 maxlen: 24
103.69.35.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.204.120.0/24 maxlen: 24
103.204.121.0/24 maxlen: 24
103.204.122.0/24 maxlen: 24
103.204.123.0/24 maxlen: 24
103.254.240.0/24 maxlen: 24
103.254.241.0/24 maxlen: 24
103.254.242.0/24 maxlen: 24
103.254.243.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 May 2025 08:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:a7:72:5a:02:c3:6c:87:b4:8f:f9:f4:80:bd:bb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: May 5 13:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f19b16e30e8e2577f2e9425048226bd3042190a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:10:a5:83:34:89:85:cb:24:33:1d:4f:59:11:
06:c3:7d:e8:55:72:83:92:b5:5a:a0:22:4a:f2:ef:
1d:6c:8c:c1:a1:2b:66:85:76:76:4e:6d:ff:cd:51:
f5:85:c7:96:02:2e:1c:76:0e:69:83:c4:53:7b:80:
09:26:e3:8f:d1:bc:ff:0e:87:5c:ef:4f:35:98:f6:
af:8b:a9:f2:34:ca:c9:bf:6e:38:3e:dc:38:97:da:
c0:4d:dd:f4:5b:7a:90:c3:8a:d4:c2:c7:fd:78:10:
f6:15:23:ce:9d:26:0b:be:60:b4:30:a0:e1:86:dc:
e6:1e:a5:1f:44:9a:e4:1d:0d:22:0c:51:1b:00:f9:
e6:9d:d1:d7:48:f0:6d:a8:ed:0c:10:3a:a8:0e:9e:
65:cc:4a:5d:a8:51:22:12:3c:c5:dd:8b:ae:5f:4e:
a2:6c:4b:db:4e:b9:63:db:45:01:a0:da:84:0f:13:
f4:59:3a:0a:86:4d:3a:15:24:3f:ff:e5:a6:87:fb:
82:bd:1b:b7:9d:45:b3:58:91:cd:3c:47:54:b0:86:
e7:17:82:8e:d6:a1:62:08:1f:ad:1b:f9:8c:81:26:
18:a6:96:e3:a1:89:d6:80:82:cb:56:4c:33:8b:ae:
d8:8f:80:30:12:20:58:4b:20:13:1a:22:b9:fa:59:
22:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:19:B1:6E:30:E8:E2:57:7F:2E:94:25:04:82:26:BD:30:42:19:0A
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/PxmxbjDo4ld_LpQlBIImvTBCGQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.25.0-45.142.27.255
103.69.32.0/22
103.93.40.0/22
103.204.120.0/22
103.254.240.0/22
109.104.132.0/24
109.104.135.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
16:12:c7:c8:3a:a5:d1:9f:a4:70:fe:36:e1:ae:e1:ef:ab:ab:
6d:50:df:d9:92:38:ea:04:d7:15:ea:9d:67:d3:79:76:c4:4e:
ee:f5:58:65:9d:37:44:c4:03:8b:6b:6c:49:f5:9b:37:fa:60:
2b:d3:67:26:46:fb:de:98:54:87:fe:6c:64:d5:8c:dd:32:1b:
73:5d:3a:4b:69:a5:9f:bc:d5:5a:ea:34:38:f3:fb:c2:8a:c2:
06:93:94:e4:da:45:1b:00:47:2f:b2:c5:23:da:bb:a5:64:8d:
4c:b8:12:58:50:7d:dd:a0:d7:54:ef:ab:1e:73:d5:f0:55:5a:
c8:65:0f:b3:6e:54:f5:ca:44:e0:d0:70:e8:e2:6d:2d:fb:22:
3a:c8:dc:95:36:01:72:6b:c1:6f:7b:5b:3c:df:f0:58:e7:80:
ea:9b:30:3f:17:89:19:76:78:af:b5:f8:79:65:b1:27:21:6d:
4d:ed:e7:b5:60:12:1d:87:18:39:25:16:1d:cc:45:a8:19:30:
fd:d7:ef:92:ed:07:b0:09:11:da:32:5c:2f:52:6e:a3:ae:a7:
d2:1e:1b:a8:ff:b0:e0:b1:bd:38:89:66:42:ca:09:99:14:aa:
fd:a0:4f:de:b6:44:39:8e:3c:5c:fe:8c:14:ae:b9:b8:18:fe:
ea:68:00:df
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZagp3JaAsNsh7SP+fSAvbupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjUwNTA1MTMzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE5YjE2ZTMwZThlMjU3N2YyZTk0MjUwNDgyMjZiZDMwNDIxOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxClgzSJhcskMx1PWREGw33oVXKD
krVaoCJK8u8dbIzBoStmhXZ2Tm3/zVH1hceWAi4cdg5pg8RTe4AJJuOP0bz/Dodc
7081mPavi6nyNMrJv244Ptw4l9rATd30W3qQw4rUwsf9eBD2FSPOnSYLvmC0MKDh
htzmHqUfRJrkHQ0iDFEbAPnmndHXSPBtqO0MEDqoDp5lzEpdqFEiEjzF3YuuX06i
bEvbTrlj20UBoNqEDxP0WToKhk06FSQ//+Wmh/uCvRu3nUWzWJHNPEdUsIbnF4KO
1qFiCB+tG/mMgSYYppbjoYnWgILLVkwzi67Yj4AwEiBYSyATGiK5+lkimwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFD8ZsW4w6OJXfy6UJQSCJr0wQhkKMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvUHhteGJqRG80bGRfTHBRbEJJSW12VEJDR1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTBeBAIAATBYAwQDH6uY
MAwDBAAtjhkDBAItjhgDBAJnRSADBAJnXSgDBAJnzHgDBAJn/vADBABtaIQwDAME
AG1ohwMEBG1ogAMEAm1onAMEApAwNAMEArk1ZAMEArmZfDBTBAIAAjBNAwUDKgQn
wAMFAyoJbkADBQMqCW7AAwUDKg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/AAMFAyoO
TwADBQMqDtTAAwUDKg9CwAMFAyoPqIAwDQYJKoZIhvcNAQELBQADggEBABYSx8g6
pdGfpHD+NuGu4e+rq21Q39mSOOoE1xXqnWfTeXbETu71WGWdN0TEA4trbEn1mzf6
YCvTZyZG+96YVIf+bGTVjN0yG3NdOktppZ+81VrqNDjz+8KKwgaTlOTaRRsARy+y
xSPau6VkjUy4ElhQfd2g11Tvqx5z1fBVWshlD7NuVPXKRODQcOjibS37IjrI3JU2
AXJrwW97Wzzf8FjngOqbMD8XiRl2eK+1+HllsSchbU3t57VgEh2HGDklFh3MRagZ
MP3X75LtB7AJEdoyXC9SbqOup9IeG6j/sOCxvTiJZkLKCZkUqv2gT962RDmOPFz+
jBSuubgY/upoAN8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:19:07 2025 by rpki-client