Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fsq1PPFOJ1ipTSt24TSss-hJTic.roa
File: fsq1PPFOJ1ipTSt24TSss-hJTic.roa (raw, json)
Hash identifier: gfzZf8nZs/E/LLOkHhGVFsEKl4httf+EP+FLSrTCRRw=
Subject key identifier: 7E:CA:B5:3C:F1:4E:27:58:A9:4D:2B:76:E1:34:AC:B3:E8:49:4E:27
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961AA4388326C48FAA332195C90FD2255A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fsq1PPFOJ1ipTSt24TSss-hJTic.roa
Signing time: Wed 09 Apr 2025 13:01:32 +0000
ROA not before: Wed 09 Apr 2025 13:01:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 24
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.232.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.18.0/24 maxlen: 24
77.90.21.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.21.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.103.169.0/24 maxlen: 24
94.103.170.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.142.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Apr 2025 17:24:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:a4:38:83:26:c4:8f:aa:33:21:95:c9:0f:d2:25:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 13:01:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ecab53cf14e2758a94d2b76e134acb3e8494e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:59:38:cd:5d:e8:42:b5:28:46:1b:a4:71:1d:
4b:cb:9c:53:ed:0c:7c:fe:0e:69:9e:43:26:af:31:
0d:07:c7:e1:6b:c0:3e:e6:a7:5d:a6:99:04:0a:a8:
a2:62:67:05:43:5d:3e:5e:c3:ac:86:e1:a7:e7:7e:
00:ab:97:ec:50:31:80:6a:81:c6:8c:98:d7:c4:ce:
f3:43:10:fe:23:ac:9a:21:49:7f:14:e1:6f:f5:62:
30:90:29:cf:bc:e4:5d:7f:bc:b3:31:03:fc:57:4d:
c6:c8:12:fd:a2:9c:a2:cb:81:66:07:0a:da:f3:9e:
2a:cf:ed:19:12:79:28:a4:5f:74:fd:63:bb:d7:c5:
0f:f8:2e:1c:42:19:47:8a:b7:44:51:0e:7f:1d:11:
f8:cd:cc:03:13:79:c5:86:96:19:52:25:bc:33:5f:
d1:84:9c:dd:f0:67:28:d6:b3:3a:74:40:ae:db:34:
94:cf:db:a7:d0:66:2d:85:17:27:9e:9a:bf:1f:2a:
bf:3e:e8:b7:18:6d:67:56:a0:27:6b:f8:3b:83:d1:
41:c7:98:a3:d7:2d:dd:1f:7a:72:69:bd:81:71:1e:
2a:95:13:99:91:c8:49:4b:a8:10:54:60:70:dc:4e:
b4:ba:78:bc:9a:e1:0d:23:6c:d0:47:91:2e:c4:5d:
6c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CA:B5:3C:F1:4E:27:58:A9:4D:2B:76:E1:34:AC:B3:E8:49:4E:27
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fsq1PPFOJ1ipTSt24TSss-hJTic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.143.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.237.0/24
5.175.239.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/22
185.121.69.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
c1:c8:95:ec:22:88:76:20:24:93:ff:70:57:df:1d:2d:04:58:
f0:38:fa:39:e6:5e:f0:fa:9e:40:b2:4c:3f:c0:e0:e8:d5:0b:
9d:59:16:21:17:7b:df:5d:fd:9a:88:b3:e6:36:3d:c6:e5:0f:
fb:33:36:36:2d:0a:3c:d4:d8:6d:da:66:74:55:ba:ea:9b:2b:
a2:93:c3:7a:2f:28:6f:35:48:a5:ad:69:9f:33:92:15:2b:46:
d1:13:1e:dc:16:72:8d:8a:bb:4f:8f:2f:6f:52:d5:b7:db:16:
51:70:d3:3b:7d:c9:b0:bd:3c:18:17:c0:4a:2e:b2:8a:f5:52:
ee:ce:66:be:39:ba:dd:ee:67:9c:18:b6:43:82:00:0e:18:6f:
f0:80:cb:ce:3e:c4:78:e7:b6:2f:c7:8a:e9:90:4a:05:53:3c:
30:12:88:f7:cc:55:62:a8:7a:43:e1:f3:48:c1:0c:47:f7:07:
3a:bd:6a:50:d4:16:60:96:92:02:90:a4:99:81:cd:c1:b0:04:
25:e2:5b:79:9c:4b:08:aa:5d:f8:da:db:5e:5c:2e:10:7c:21:
e5:80:94:e0:88:87:36:f3:0b:89:aa:40:8a:9a:de:df:2e:74:
08:c2:98:e0:bb:17:6e:e1:98:a8:78:86:e3:9d:03:1b:fa:00:
dc:63:e7:5a
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAZYapDiDJsSPqjMhlckP0iVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA5MTMwMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNhYjUzY2YxNGUyNzU4YTk0ZDJiNzZlMTM0YWNiM2U4NDk0ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFk4zV3oQrUoRhukcR1Ly5xT7Qx8
/g5pnkMmrzENB8fha8A+5qddppkECqiiYmcFQ10+XsOshuGn534Aq5fsUDGAaoHG
jJjXxM7zQxD+I6yaIUl/FOFv9WIwkCnPvORdf7yzMQP8V03GyBL9opyiy4FmBwra
854qz+0ZEnkopF90/WO718UP+C4cQhlHirdEUQ5/HRH4zcwDE3nFhpYZUiW8M1/R
hJzd8Gco1rM6dECu2zSUz9un0GYthRcnnpq/Hyq/Pui3GG1nVqAna/g7g9FBx5ij
1y3dH3pyab2BcR4qlROZkchJS6gQVGBw3E60uni8muENI2zQR5EuxF1sKQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFH7KtTzxTidYqU0rduE0rLPoSU4nMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZnNxMVBQRk9KMWlwVFN0MjRUU3NzLWhKVGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCB0wQCAAEwgcwD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr48wDAMEAQWv2gMEAAWv3DAMAwQABa/hAwQA
Ba/oAwQABa/rAwQABa/tMAwDBAAFr+8DBAAFr/QwCwMEAAWv+wMDBAWgAwMBBeYD
BAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakADBAZZkAADBAReZ6AD
BAde+YADBAJf1yADBASyEpADBAK5DZwDBAK5L4wDBAC5eUUDBAC5eUcDBADBHPsD
BAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMFAyoBvUAD
BQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAwciV7CKIdiAkk/9wV98d
LQRY8Dj6OeZe8PqeQLJMP8Dg6NULnVkWIRd73139moiz5jY9xuUP+zM2Ni0KPNTY
bdpmdFW66psropPDei8obzVIpa1pnzOSFStG0RMe3BZyjYq7T48vb1LVt9sWUXDT
O33JsL08GBfASi6yivVS7s5mvjm63e5nnBi2Q4IADhhv8IDLzj7EeOe2L8eK6ZBK
BVM8MBKI98xVYqh6Q+HzSMEMR/cHOr1qUNQWYJaSApCkmYHNwbAEJeJbeZxLCKpd
+NrbXlwuEHwh5YCU4IiHNvMLiapAipre3y50CMKY4LsXbuGYqHiG450DG/oA3GPn
Wg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:34:27 2025 by rpki-client