Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAyyVNWWqMWGtjO5pe7JjIU2CRM.roa
File: BAyyVNWWqMWGtjO5pe7JjIU2CRM.roa (raw, json)
Hash identifier: gXq7VN39tD3vFlj/XyJE/thUpSToE/VEMUMUEYoI1g0=
Subject key identifier: 04:0C:B2:54:D5:96:A8:C5:86:B6:33:B9:A5:EE:C9:8C:85:36:09:13
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194FDB44807A6EC89207D8B98D3C7A7E6DD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAyyVNWWqMWGtjO5pe7JjIU2CRM.roa
Signing time: Thu 13 Feb 2025 05:07:18 +0000
ROA not before: Thu 13 Feb 2025 05:07:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.159.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.142.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.46.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
89.144.61.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 13 Feb 2025 17:47:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fd:b4:48:07:a6:ec:89:20:7d:8b:98:d3:c7:a7:e6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 13 05:07:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=040cb254d596a8c586b633b9a5eec98c85360913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:62:be:8f:69:04:f2:75:fc:68:02:be:39:
51:6e:67:f9:3a:ac:c5:4b:09:4c:48:6c:7d:4a:af:
84:21:ef:d8:3e:85:2b:1d:66:42:88:b9:ab:b1:45:
aa:53:e2:36:cf:84:2d:54:1b:5f:fd:c4:92:4a:3d:
0a:86:42:ca:8b:6b:9b:ec:7c:22:a0:a3:67:33:2f:
8d:dd:ad:85:f0:06:e0:54:14:52:4a:83:20:bc:70:
fc:99:9c:a7:3e:89:f3:b9:51:17:d0:d6:92:03:88:
d7:08:c5:95:b7:3b:c4:70:65:92:22:cf:e6:66:ee:
96:24:5e:54:98:c0:05:7c:c2:80:b6:7f:e4:27:3f:
fe:3a:f9:e5:05:e5:99:75:24:1d:2e:06:f0:a7:cd:
2c:a3:35:d4:3a:f9:0e:2d:d8:55:a2:3f:31:99:c2:
73:73:68:05:0e:0e:95:56:de:d3:9a:32:4f:90:81:
98:d9:87:ac:59:5b:c3:2e:77:ce:f3:ba:d7:33:0c:
f6:51:c9:b4:c7:ec:a8:39:7b:04:9b:f0:72:f0:c4:
fb:d1:ac:7e:6a:d7:ba:cf:9b:6e:5f:8a:d1:6a:6b:
9e:d2:9f:d1:69:41:8a:ba:86:2e:a4:69:a5:42:79:
2f:1f:fe:9c:7b:70:d5:55:a1:b8:46:78:98:d5:58:
71:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0C:B2:54:D5:96:A8:C5:86:B6:33:B9:A5:EE:C9:8C:85:36:09:13
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAyyVNWWqMWGtjO5pe7JjIU2CRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.142.0/23
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
dc:a9:ef:33:3a:3d:ae:74:72:85:b5:ff:3e:45:23:be:49:96:
b1:08:36:fd:7f:65:c0:eb:e9:c3:aa:4d:06:b8:67:e5:88:2f:
fa:5b:3d:f9:eb:25:d2:31:8c:e7:36:92:d5:f7:7d:ec:4e:bd:
d6:75:74:ec:8c:dc:88:11:d0:f4:aa:4b:28:7a:14:88:54:c7:
1d:d4:99:d5:02:d9:31:76:13:d8:0b:89:a7:1b:68:3a:b1:89:
3f:38:37:a8:65:9a:5d:fd:c0:45:5f:07:8e:33:e3:56:97:70:
67:a5:7f:cb:b0:0a:66:53:b1:cd:08:dd:11:d8:f0:43:b7:2f:
0e:8f:80:9a:47:e6:21:36:e8:a7:78:ec:10:01:29:2e:16:7e:
fd:03:c0:09:21:2d:8b:7e:45:3a:7c:52:d4:3a:65:35:81:9c:
b8:51:3b:20:a5:cd:ef:51:a6:96:c1:ad:4d:64:a9:9e:a5:33:
f8:83:f5:73:49:e0:51:99:b1:3d:4c:25:48:d3:38:60:ea:56:
ce:ff:8e:04:f8:6b:90:c6:df:e1:95:da:48:fa:3e:1b:a1:dc:
6e:81:ad:43:84:ec:f3:00:97:3b:6b:85:b6:67:f2:9c:c0:1d:
a8:d4:0b:36:a1:31:b1:58:7e:9a:68:24:62:5e:5d:9b:55:89:
db:3e:9d:e9
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZT9tEgHpuyJIH2LmNPHp+bdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjEzMDUwNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBjYjI1NGQ1OTZhOGM1ODZiNjMzYjlhNWVlYzk4Yzg1MzYwOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/hivo9pBPJ1/GgCvjlRbmf5OqzF
SwlMSGx9Sq+EIe/YPoUrHWZCiLmrsUWqU+I2z4QtVBtf/cSSSj0KhkLKi2ub7Hwi
oKNnMy+N3a2F8AbgVBRSSoMgvHD8mZynPonzuVEX0NaSA4jXCMWVtzvEcGWSIs/m
Zu6WJF5UmMAFfMKAtn/kJz/+OvnlBeWZdSQdLgbwp80sozXUOvkOLdhVoj8xmcJz
c2gFDg6VVt7TmjJPkIGY2YesWVvDLnfO87rXMwz2Ucm0x+yoOXsEm/By8MT70ax+
ate6z5tuX4rRamue0p/RaUGKuoYupGmlQnkvH/6ce3DVVaG4RniY1VhxVQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFAQMslTVlqjFhrYzuaXuyYyFNgkTMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQkF5eVZOV1dxTVdHdGpPNXBlN0pqSVUyQ1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgccEAgABMIHAAwQF
BVOAAwQCBa+AAwQABa+FAwQBBa+OMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv
6AMEAAWv6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAE
AgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8Aw
DQYJKoZIhvcNAQELBQADggEBANyp7zM6Pa50coW1/z5FI75JlrEINv1/ZcDr6cOq
TQa4Z+WIL/pbPfnrJdIxjOc2ktX3fexOvdZ1dOyM3IgR0PSqSyh6FIhUxx3UmdUC
2TF2E9gLiacbaDqxiT84N6hlml39wEVfB44z41aXcGelf8uwCmZTsc0I3RHY8EO3
Lw6PgJpH5iE26Kd47BABKS4Wfv0DwAkhLYt+RTp8UtQ6ZTWBnLhROyClze9RppbB
rU1kqZ6lM/iD9XNJ4FGZsT1MJUjTOGDqVs7/jgT4a5DG3+GV2kj6Phuh3G6BrUOE
7PMAlztrhbZn8pzAHajUCzahMbFYfppoJGJeXZtVids+nek=
-----END CERTIFICATE-----
Generated at Tue Jun 17 20:17:37 2025 by rpki-client