Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/db45es-jWUbVmQtaeBF3o0iVF1o.roa
File: db45es-jWUbVmQtaeBF3o0iVF1o.roa (raw, json)
Hash identifier: crdDPfkHQn7U/TiEQWKS4emNU1dGWKgqdRp1oGuKqXo=
Subject key identifier: 75:BE:39:7A:CF:A3:59:46:D5:99:0B:5A:78:11:77:A3:48:95:17:5A
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0196F709C5407C1C111A80794C4A045D06C6
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/db45es-jWUbVmQtaeBF3o0iVF1o.roa
Signing time: Thu 22 May 2025 08:08:54 +0000
ROA not before: Thu 22 May 2025 08:08:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.69.32.0/24 maxlen: 24
103.69.33.0/24 maxlen: 24
103.69.34.0/24 maxlen: 24
103.69.35.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.124.164.0/24 maxlen: 24
103.124.165.0/24 maxlen: 24
103.124.166.0/24 maxlen: 24
103.124.167.0/24 maxlen: 24
103.204.120.0/24 maxlen: 24
103.204.121.0/24 maxlen: 24
103.204.122.0/24 maxlen: 24
103.204.123.0/24 maxlen: 24
103.254.240.0/24 maxlen: 24
103.254.241.0/24 maxlen: 24
103.254.242.0/24 maxlen: 24
103.254.243.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 May 2025 14:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:09:c5:40:7c:1c:11:1a:80:79:4c:4a:04:5d:06:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: May 22 08:08:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75be397acfa35946d5990b5a781177a34895175a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a4:1e:d8:1c:4a:2f:2b:68:97:1a:9d:08:fd:
04:02:3d:bc:eb:ad:8b:7e:fc:18:5c:ec:3f:ff:90:
34:5c:8f:b3:1b:a5:a8:30:f6:a0:88:4d:d8:b3:79:
33:08:45:ed:e4:fa:de:d8:a8:cb:a1:b2:36:81:80:
c8:86:a4:6f:ac:eb:6a:12:d2:83:3e:21:24:c9:ad:
1c:93:30:83:27:76:00:a6:2b:de:d7:8e:1c:78:f3:
4e:86:9c:dd:c9:1a:9e:8f:5a:7c:eb:3c:bf:21:2c:
39:9c:cf:51:1c:41:ae:92:4c:9c:5b:39:2d:24:dc:
37:26:4b:34:1b:cd:1e:c3:7d:e8:59:96:37:4a:d3:
3e:6c:8d:70:bb:9a:b2:bd:ee:27:99:d3:e7:0e:ec:
be:47:da:d7:b7:d7:23:b6:5c:91:6e:bb:f8:74:37:
90:9f:89:52:63:8f:c4:80:9d:40:30:35:5e:6f:33:
4a:14:06:fe:b9:1a:f0:03:4f:6f:0d:21:84:bc:c0:
b9:b4:79:cf:5a:64:15:d8:70:a7:fd:92:3b:88:cd:
a7:93:80:3a:e3:08:d6:aa:e1:ee:30:c3:cb:33:6b:
a0:1a:3d:7c:25:4c:02:cf:2b:24:30:85:58:54:f3:
04:1d:ad:d3:64:ca:ce:69:31:b6:8c:b5:b2:4e:54:
43:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BE:39:7A:CF:A3:59:46:D5:99:0B:5A:78:11:77:A3:48:95:17:5A
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/db45es-jWUbVmQtaeBF3o0iVF1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.25.0-45.142.27.255
103.69.32.0/22
103.93.40.0/22
103.124.164.0/22
103.204.120.0/22
103.254.240.0/22
109.104.132.0/24
109.104.135.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
1c:7b:99:1c:6c:77:75:a4:63:b9:0e:39:60:2b:31:76:1d:a2:
19:73:f0:ce:fb:c6:45:b7:2c:17:d9:d7:41:27:71:4f:3d:1c:
bd:61:e8:18:94:55:08:b6:5c:1b:9d:0e:b4:bf:fc:da:a3:b4:
cf:13:6c:71:1e:e3:bd:e9:62:39:95:34:6a:df:02:fb:78:19:
6c:d0:da:df:8c:36:b7:01:1b:3c:cb:b9:76:f5:15:73:fe:82:
35:cf:da:05:50:c2:22:07:e3:dc:4f:3e:81:6a:5d:e7:af:48:
c3:9e:c7:79:f8:68:96:e1:41:b7:4c:33:15:ae:55:a3:c0:6a:
d1:33:c3:50:f6:b4:cd:9e:7f:94:e7:82:94:69:0b:14:da:bf:
ed:5e:78:3e:6b:f3:bc:88:b3:a6:32:d8:94:fc:3b:80:c0:b3:
74:12:ef:82:51:30:d1:69:67:2f:f5:ca:28:81:c7:48:2e:18:
b3:6e:32:87:c6:68:8b:cd:28:86:e9:89:77:87:a3:bc:55:2b:
9c:65:50:04:7b:b2:cc:20:12:f4:99:66:e0:d0:83:fa:ce:a6:
66:32:04:45:b0:af:97:a8:a3:a5:ce:f9:74:d4:e3:24:3d:e2:
ee:56:32:5e:07:32:d7:5d:2a:cb:5d:ce:12:bd:7c:a0:be:36:
16:d8:46:d0
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZb3CcVAfBwRGoB5TEoEXQbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjUwNTIyMDgwODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJlMzk3YWNmYTM1OTQ2ZDU5OTBiNWE3ODExNzdhMzQ4OTUxNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKQe2BxKLytolxqdCP0EAj28662L
fvwYXOw//5A0XI+zG6WoMPagiE3Ys3kzCEXt5Pre2KjLobI2gYDIhqRvrOtqEtKD
PiEkya0ckzCDJ3YApive144cePNOhpzdyRqej1p86zy/ISw5nM9RHEGukkycWzkt
JNw3Jks0G80ew33oWZY3StM+bI1wu5qyve4nmdPnDuy+R9rXt9cjtlyRbrv4dDeQ
n4lSY4/EgJ1AMDVebzNKFAb+uRrwA09vDSGEvMC5tHnPWmQV2HCn/ZI7iM2nk4A6
4wjWquHuMMPLM2ugGj18JUwCzyskMIVYVPMEHa3TZMrOaTG2jLWyTlRDPQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFHW+OXrPo1lG1ZkLWngRd6NIlRdaMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvZGI0NWVzLWpXVWJWbVF0YWVCRjNvMGlWRjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzBkBAIAATBeAwQDH6uY
MAwDBAAtjhkDBAItjhgDBAJnRSADBAJnXSgDBAJnfKQDBAJnzHgDBAJn/vADBABt
aIQwDAMEAG1ohwMEBG1ogAMEAm1onAMEApAwNAMEArk1ZAMEArmZfDBTBAIAAjBN
AwUDKgQnwAMFAyoJbkADBQMqCW7AAwUDKg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/
AAMFAyoOTwADBQMqDtTAAwUDKg9CwAMFAyoPqIAwDQYJKoZIhvcNAQELBQADggEB
ABx7mRxsd3WkY7kOOWArMXYdohlz8M77xkW3LBfZ10EncU89HL1h6BiUVQi2XBud
DrS//NqjtM8TbHEe473pYjmVNGrfAvt4GWzQ2t+MNrcBGzzLuXb1FXP+gjXP2gVQ
wiIH49xPPoFqXeevSMOex3n4aJbhQbdMMxWuVaPAatEzw1D2tM2ef5TngpRpCxTa
v+1eeD5r87yIs6Yy2JT8O4DAs3QS74JRMNFpZy/1yiiBx0guGLNuMofGaIvNKIbp
iXeHo7xVK5xlUAR7sswgEvSZZuDQg/rOpmYyBEWwr5eoo6XO+XTU4yQ94u5WMl4H
MtddKstdzhK9fKC+NhbYRtA=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:00:29 2025 by rpki-client