Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/95KsyyajxglLZ8i9YDe7xBqfrhw.roa
File: 95KsyyajxglLZ8i9YDe7xBqfrhw.roa (raw, json)
Hash identifier: SZhAZHs/TCE15rnr1bDuprJZ9/OXeVgAGhZydwg4yfY=
Subject key identifier: F7:92:AC:CB:26:A3:C6:09:4B:67:C8:BD:60:37:BB:C4:1A:9F:AE:1C
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961399D20213F51AF003A83AB13AB35BCA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/95KsyyajxglLZ8i9YDe7xBqfrhw.roa
Signing time: Tue 08 Apr 2025 04:12:49 +0000
ROA not before: Tue 08 Apr 2025 04:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.232.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.18.0/24 maxlen: 24
77.90.21.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.21.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.142.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Apr 2025 07:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:13:99:d2:02:13:f5:1a:f0:03:a8:3a:b1:3a:b3:5b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 8 04:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f792accb26a3c6094b67c8bd6037bbc41a9fae1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b8:3f:6a:ab:bb:c4:01:e6:d8:20:6d:e4:a5:
9a:07:eb:4c:8e:03:e9:b9:ae:fb:0d:b2:e7:6d:79:
e3:9f:a6:f7:51:f4:5c:51:e3:6e:46:03:37:18:c1:
ae:b7:f7:09:97:b7:76:10:12:3d:5b:5a:34:5f:a2:
b4:9f:df:c4:53:88:58:a8:46:7d:bf:12:12:a3:ac:
95:a4:34:9f:39:c3:82:ee:a8:28:1b:0f:bf:86:55:
21:bf:53:27:95:68:b5:e6:75:f5:5a:7a:7b:6a:25:
30:25:05:84:4b:67:40:d8:66:e3:a7:dd:b2:90:63:
76:46:b3:0b:ff:d9:89:cd:a4:77:ce:1f:1e:f0:bc:
c3:86:0f:79:ce:0a:ac:b2:6a:cc:9f:0b:f4:71:6a:
33:41:5d:48:36:06:11:c8:13:ce:0b:b5:d5:5a:0d:
bd:d9:0f:e2:b9:a6:72:07:57:6b:21:76:f9:88:93:
44:60:54:38:6e:25:77:ca:1d:07:97:be:7a:64:21:
f1:3b:b8:74:99:54:c9:72:0e:bb:cb:3d:36:1d:f6:
b4:74:51:27:9e:de:f8:75:e9:87:e6:af:b5:e1:ef:
30:47:e7:05:42:3f:ce:bf:4c:66:04:43:e8:05:94:
22:03:d9:e9:70:5c:be:1a:6e:fe:eb:aa:62:4f:ae:
33:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:92:AC:CB:26:A3:C6:09:4B:67:C8:BD:60:37:BB:C4:1A:9F:AE:1C
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/95KsyyajxglLZ8i9YDe7xBqfrhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.143.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.237.0/24
5.175.239.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/22
185.121.69.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:3b:99:8c:bc:50:2d:1f:59:87:7c:92:d6:77:db:0c:b7:1c:
5b:47:83:e1:09:5e:ab:ef:6f:5d:02:b2:dc:ec:6b:cd:21:8e:
8b:67:81:c5:f1:84:c8:ab:17:1e:b8:25:2e:17:de:f9:86:b6:
51:6c:77:26:a9:f8:b8:c0:16:9c:8d:23:8d:9c:d8:f1:cd:61:
1f:c3:30:d2:87:6e:c7:00:4d:86:5d:de:79:92:c0:e8:dc:68:
58:26:59:fd:03:50:1f:c1:b0:c7:c8:e4:84:64:31:ab:b6:fa:
9c:f8:3d:4c:7c:d8:67:ca:3c:07:b5:6a:5d:37:e9:ca:c1:96:
09:3c:ed:84:7b:3f:87:3f:7f:58:ff:e8:b9:c1:f1:a8:e3:1e:
73:e1:c4:2e:e7:2a:28:08:4c:86:cf:99:3a:d5:26:cb:dc:9f:
5c:5e:2e:da:88:bb:2f:e1:38:36:6d:03:82:b5:29:2f:cd:87:
ab:78:e3:3d:be:3e:c4:c7:31:a3:56:f9:d7:43:b0:82:1b:de:
eb:ea:c3:cf:b0:25:23:d8:33:79:1c:f6:73:d5:56:bc:eb:b8:
e6:2b:c2:49:41:95:b2:cd:cf:74:1b:38:79:38:91:dc:b5:50:
e6:82:d0:6e:83:e9:d9:c7:56:bb:84:7e:06:77:cb:a5:af:5f:
fc:08:36:a4
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZYTmdICE/Ua8AOoOrE6s1vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA4MDQxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzkyYWNjYjI2YTNjNjA5NGI2N2M4YmQ2MDM3YmJjNDFhOWZhZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7g/aqu7xAHm2CBt5KWaB+tMjgPp
ua77DbLnbXnjn6b3UfRcUeNuRgM3GMGut/cJl7d2EBI9W1o0X6K0n9/EU4hYqEZ9
vxISo6yVpDSfOcOC7qgoGw+/hlUhv1MnlWi15nX1Wnp7aiUwJQWES2dA2Gbjp92y
kGN2RrML/9mJzaR3zh8e8LzDhg95zgqssmrMnwv0cWozQV1INgYRyBPOC7XVWg29
2Q/iuaZyB1drIXb5iJNEYFQ4biV3yh0Hl756ZCHxO7h0mVTJcg67yz02Hfa0dFEn
nt74demH5q+14e8wR+cFQj/Ov0xmBEPoBZQiA9npcFy+Gm7+66piT64zAwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFPeSrMsmo8YJS2fIvWA3u8Qan64cMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOTVLc3l5YWp4Z2xMWjhpOVlEZTd4QnFmcmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCBywQCAAEwgcQD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr48DBAEFr9owDAMEAAWv4QMEAAWv6AMEAAWv
6wMEAAWv7TAMAwQABa/vAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQCuS+MAwQAuXlFAwQAuXlHAwQAwRz7AwQBw24OAwQE
2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMF
AyoCL8AwDQYJKoZIhvcNAQELBQADggEBACw7mYy8UC0fWYd8ktZ32wy3HFtHg+EJ
Xqvvb10Cstzsa80hjotngcXxhMirFx64JS4X3vmGtlFsdyap+LjAFpyNI42c2PHN
YR/DMNKHbscATYZd3nmSwOjcaFgmWf0DUB/BsMfI5IRkMau2+pz4PUx82GfKPAe1
al036crBlgk87YR7P4c/f1j/6LnB8ajjHnPhxC7nKigITIbPmTrVJsvcn1xeLtqI
uy/hODZtA4K1KS/Nh6t44z2+PsTHMaNW+ddDsIIb3uvqw8+wJSPYM3kc9nPVVrzr
uOYrwklBlbLNz3QbOHk4kdy1UOaC0G6D6dnHVruEfgZ3y6WvX/wINqQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:30:05 2025 by rpki-client