Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/zwF4iXiM1287B8O6R08WEbqVmtE.roa
File: zwF4iXiM1287B8O6R08WEbqVmtE.roa (raw, json)
Hash identifier: hNZ7jQ5qp5eRWvNhaMDgpKkYhJTxlm+ET6YkOzqxp80=
Subject key identifier: CF:01:78:89:78:8C:D7:6F:3B:07:C3:BA:47:4F:16:11:BA:95:9A:D1
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0195FA8AB786DC5D5AB7B42AE9E5346C240B
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/zwF4iXiM1287B8O6R08WEbqVmtE.roa
Signing time: Thu 03 Apr 2025 07:25:49 +0000
ROA not before: Thu 03 Apr 2025 07:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31500
IP address blocks: 94.124.182.0/24 maxlen: 24
94.124.183.0/24 maxlen: 24
95.140.80.0/24 maxlen: 32
95.140.82.0/24 maxlen: 24
95.140.83.0/24 maxlen: 24
95.140.88.0/24 maxlen: 24
95.140.89.0/24 maxlen: 24
95.140.90.0/24 maxlen: 24
95.140.91.0/24 maxlen: 24
95.140.93.0/24 maxlen: 24
95.140.95.0/24 maxlen: 24
95.161.128.0/24 maxlen: 24
95.161.240.0/20 maxlen: 24
109.239.128.0/24 maxlen: 24
109.239.129.0/24 maxlen: 24
109.239.130.0/24 maxlen: 24
109.239.130.128/25 maxlen: 25
109.239.131.0/24 maxlen: 24
109.239.132.0/24 maxlen: 24
109.239.133.0/24 maxlen: 24
109.239.134.0/24 maxlen: 24
109.239.135.0/24 maxlen: 24
109.239.138.0/24 maxlen: 24
109.239.139.0/24 maxlen: 24
109.239.140.0/24 maxlen: 24
109.239.141.0/24 maxlen: 24
109.239.142.0/24 maxlen: 24
109.239.143.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
178.18.229.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.232.0/24 maxlen: 24
2001:b28::/32 maxlen: 32
2001:b28:4::/48 maxlen: 48
2001:b28:7b0c::/48 maxlen: 48
2001:b28:9999::/48 maxlen: 48
2001:b28:9a9c::/48 maxlen: 48
2001:b28:a451::/48 maxlen: 48
2001:b28:ffff::/48 maxlen: 48
2a03:5f80::/46 maxlen: 46
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Apr 2025 14:57:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:8a:b7:86:dc:5d:5a:b7:b4:2a:e9:e5:34:6c:24:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Apr 3 07:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf017889788cd76f3b07c3ba474f1611ba959ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:76:c5:47:6f:e5:8f:2b:6a:2b:1b:9f:d2:
ca:06:ed:12:0b:6a:50:5d:41:1b:0f:09:af:3b:e6:
79:48:57:93:0d:aa:e6:f4:b6:a8:2b:5f:45:79:a4:
6b:18:1f:75:73:b1:9c:10:a7:8d:9a:1d:29:1f:d4:
98:83:88:10:be:f3:11:df:a6:c8:db:fb:77:b3:28:
42:75:83:63:1f:5a:39:a7:ca:d7:e0:b0:96:ef:1a:
53:7a:51:b5:91:09:9a:21:92:bd:ea:e7:10:a8:62:
0b:15:53:f9:8c:23:b7:98:53:10:df:f7:76:9d:b6:
26:90:75:36:32:67:77:be:d1:90:ff:b1:5e:9b:fb:
47:a9:00:e1:e7:56:98:be:fd:e0:01:fa:3e:98:70:
55:d6:26:4f:57:62:03:60:a3:cf:8b:20:0d:56:40:
74:52:04:f9:62:33:ba:51:a3:4e:91:ed:ad:b7:03:
19:40:55:a4:60:b9:3d:f7:c2:7e:41:80:0a:7c:17:
8d:12:21:21:0d:30:c4:ed:96:ad:fa:c4:19:39:c6:
d8:fb:d0:09:7c:47:a7:39:00:c5:a1:7c:10:9f:94:
6f:e6:93:f7:8e:ee:62:07:4f:f1:d8:bc:05:03:d0:
de:ab:8c:3c:37:ad:e3:11:58:a1:10:2b:0a:c9:1a:
c7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:01:78:89:78:8C:D7:6F:3B:07:C3:BA:47:4F:16:11:BA:95:9A:D1
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/zwF4iXiM1287B8O6R08WEbqVmtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.182.0/23
95.140.80.0/24
95.140.82.0/23
95.140.88.0/22
95.140.93.0/24
95.140.95.0/24
95.161.128.0/24
95.161.240.0/20
109.239.128.0/21
109.239.138.0-109.239.143.255
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2001:b28::/32
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
69:b4:31:93:be:32:5a:26:b6:7c:2c:de:28:9f:57:df:14:75:
28:a9:c3:f2:dd:78:85:80:69:3c:f6:7a:0f:e7:83:f0:b7:be:
bf:0c:0b:59:75:14:32:ac:b3:7d:0a:5e:d8:54:b7:39:8a:04:
dc:56:bc:d4:65:1c:ef:88:44:60:ed:ac:97:c8:a5:a9:e7:e7:
26:7e:c8:5a:f7:a2:ff:0c:a2:1d:55:f8:c5:af:c7:7a:56:93:
31:e8:d3:11:7a:6f:66:fe:14:dc:ad:31:27:8c:86:1b:3d:ff:
a7:70:d8:46:29:3f:e9:d3:c4:e6:14:51:b5:02:a2:7b:14:cd:
96:fb:27:d5:97:a2:5d:0b:ea:47:97:9f:ef:bb:a7:53:8c:5a:
af:d9:c8:a8:70:ed:4f:f4:22:92:79:fc:ec:eb:60:61:5e:e2:
5a:c8:62:3d:3a:d2:ba:d3:d0:a0:ad:f9:2f:30:5b:d7:d4:59:
29:0f:b9:82:cb:d9:d1:c0:bc:c8:d8:eb:f6:a7:98:9a:cb:b3:
ac:9f:0e:6b:ac:59:fe:78:3d:eb:3a:a8:5f:f1:f3:a2:eb:3a:
37:e5:3d:cf:0b:ca:f7:ec:3f:16:3d:b5:00:4f:29:bc:05:05:
89:50:0d:dc:9e:76:d2:6f:63:d4:55:45:30:9d:89:97:f1:f4:
5b:49:20:b1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZX6ireG3F1at7Qq6eU0bCQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwNDAzMDcyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAxNzg4OTc4OGNkNzZmM2IwN2MzYmE0NzRmMTYxMWJhOTU5YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZN2xUdv5Y8raisbn9LKBu0SC2pQ
XUEbDwmvO+Z5SFeTDarm9LaoK19FeaRrGB91c7GcEKeNmh0pH9SYg4gQvvMR36bI
2/t3syhCdYNjH1o5p8rX4LCW7xpTelG1kQmaIZK96ucQqGILFVP5jCO3mFMQ3/d2
nbYmkHU2Mmd3vtGQ/7Fem/tHqQDh51aYvv3gAfo+mHBV1iZPV2IDYKPPiyANVkB0
UgT5YjO6UaNOke2ttwMZQFWkYLk998J+QYAKfBeNEiEhDTDE7Zat+sQZOcbY+9AJ
fEenOQDFoXwQn5Rv5pP3ju5iB0/x2LwFA9Deq4w8N63jEVihECsKyRrHWwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFM8BeIl4jNdvOwfDukdPFhG6lZrRMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvendGNGlYaU0xMjg3QjhPNlIwOFdFYnFWbXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBeBAIAATBYAwQBXny2
AwQAX4xQAwQBX4xSAwQCX4xYAwQAX4xdAwQAX4xfAwQAX6GAAwQEX6HwAwQDbe+A
MAwDBAFt74oDBARt74ADBAGyEuQwDAMEALIS5wMEALIS6DAfBAIAAjAZAwUAIAEL
KAMHAioDX4AAAAMHAioDX4AACDANBgkqhkiG9w0BAQsFAAOCAQEAabQxk74yWia2
fCzeKJ9X3xR1KKnD8t14hYBpPPZ6D+eD8Le+vwwLWXUUMqyzfQpe2FS3OYoE3Fa8
1GUc74hEYO2sl8ilqefnJn7IWvei/wyiHVX4xa/HelaTMejTEXpvZv4U3K0xJ4yG
Gz3/p3DYRik/6dPE5hRRtQKiexTNlvsn1ZeiXQvqR5ef77unU4xar9nIqHDtT/Qi
knn87OtgYV7iWshiPTrSutPQoK35LzBb19RZKQ+5gsvZ0cC8yNjr9qeYmsuzrJ8O
a6xZ/ng96zqoX/Hzous6N+U9zwvK9+w/Fj21AE8pvAUFiVAN3J520m9j1FVFMJ2J
l/H0W0kgsQ==
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:02:13 2025 by rpki-client