Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hQhFgVh4bw3vbAaFhcrteXHSAJY.roa
File: hQhFgVh4bw3vbAaFhcrteXHSAJY.roa (raw, json)
Hash identifier: t1DTKcWyZ8N9pX6zKo9zin22shDzSMBMXkC58oXk0IE=
Subject key identifier: 85:08:45:81:58:78:6F:0D:EF:6C:06:85:85:CA:ED:79:71:D2:00:96
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961855B537EA6759FFB04D22507F632074
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hQhFgVh4bw3vbAaFhcrteXHSAJY.roa
Signing time: Wed 09 Apr 2025 02:16:32 +0000
ROA not before: Wed 09 Apr 2025 02:16:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.232.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.18.0/24 maxlen: 24
77.90.21.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.21.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.163.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.103.169.0/24 maxlen: 24
94.103.170.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.142.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Apr 2025 04:07:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:18:55:b5:37:ea:67:59:ff:b0:4d:22:50:7f:63:20:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 02:16:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8508458158786f0def6c068585caed7971d20096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b2:f9:03:ba:98:c3:f6:89:67:a3:66:84:33:
69:29:ee:f7:89:09:de:b5:75:9a:27:ac:a0:9e:82:
47:87:ae:71:75:46:f0:d6:65:93:f8:46:ab:94:e6:
84:60:c4:98:a6:2f:28:a2:38:21:e2:60:fc:f0:72:
fe:5e:4c:d5:05:1f:2e:b0:6a:1f:a1:27:8f:00:ee:
dd:33:48:0a:f7:76:d1:26:8c:c2:8f:76:16:eb:1f:
b5:42:4e:d2:9c:24:60:c6:29:bc:49:be:a8:75:17:
2b:6d:c9:7d:cf:4b:d2:9c:41:d1:8a:bb:9c:01:72:
f0:8d:a7:4d:d9:ca:64:23:c6:0e:18:5a:fb:a2:c4:
71:ba:2c:7f:cd:c0:ca:29:3b:f0:ea:ae:72:54:c2:
b6:3c:17:18:16:91:31:93:00:7a:75:ca:7c:f3:4f:
a5:2e:20:f0:77:73:68:d3:ac:d1:36:5d:54:12:43:
4a:2d:f7:82:fd:86:71:ae:5d:b5:50:61:7b:4d:9a:
05:d9:57:b9:07:c3:80:c4:37:e9:11:07:c8:c6:af:
6a:e7:6a:a7:fb:55:b0:16:84:fd:83:2d:6c:f6:70:
84:c5:62:2d:62:d9:4b:e6:ab:50:31:4c:59:c8:3c:
d2:56:80:77:a3:32:4c:1f:c7:35:8e:57:c7:79:ae:
6d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:08:45:81:58:78:6F:0D:EF:6C:06:85:85:CA:ED:79:71:D2:00:96
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hQhFgVh4bw3vbAaFhcrteXHSAJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.143.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.237.0/24
5.175.239.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/22
185.121.69.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
28:f4:bb:1f:85:c4:c6:41:7d:57:a6:a3:6b:85:20:47:34:7c:
0f:6e:3b:c4:5e:64:fb:13:18:77:13:0c:04:3c:18:10:e6:f9:
50:de:f7:b1:8d:d1:30:dd:0e:31:43:54:1c:dd:a1:d0:7e:20:
c6:8c:bb:54:1f:1c:27:58:42:20:4a:2a:98:e2:4d:c9:bc:ca:
31:e5:69:a3:48:21:6c:45:46:23:ba:aa:c2:ef:fe:4b:18:18:
cc:52:a6:50:3d:51:e3:41:cd:b2:11:bc:3b:62:28:69:1f:c6:
f1:00:3b:d8:fb:72:67:bb:f1:d0:58:0a:d6:cb:6b:82:20:be:
e2:e8:10:50:d0:49:ac:c0:df:c1:2e:7a:92:0f:09:a0:f1:b3:
5a:b5:58:b0:30:9e:e9:8c:83:4a:80:e4:74:54:7a:5b:bf:0c:
14:6c:e7:e3:79:74:8a:c3:4f:17:13:85:db:23:89:f2:72:97:
7c:7c:56:3d:20:ff:6a:62:58:4b:26:8f:7f:9b:76:b6:a1:c4:
da:8d:b6:45:d9:16:16:0c:c8:f6:a2:ab:7a:54:3f:1a:6b:2b:
38:c0:a1:8e:bb:32:96:db:69:c5:d1:7f:9e:cc:aa:05:56:dd:
55:b2:22:ba:07:5e:18:f8:c7:04:22:7d:f4:89:69:42:0c:c2:
12:85:ca:57
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZYYVbU36mdZ/7BNIlB/YyB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA5MDIxNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA4NDU4MTU4Nzg2ZjBkZWY2YzA2ODU4NWNhZWQ3OTcxZDIwMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LL5A7qYw/aJZ6NmhDNpKe73iQne
tXWaJ6ygnoJHh65xdUbw1mWT+EarlOaEYMSYpi8oojgh4mD88HL+XkzVBR8usGof
oSePAO7dM0gK93bRJozCj3YW6x+1Qk7SnCRgxim8Sb6odRcrbcl9z0vSnEHRiruc
AXLwjadN2cpkI8YOGFr7osRxuix/zcDKKTvw6q5yVMK2PBcYFpExkwB6dcp880+l
LiDwd3No06zRNl1UEkNKLfeC/YZxrl21UGF7TZoF2Ve5B8OAxDfpEQfIxq9q52qn
+1WwFoT9gy1s9nCExWItYtlL5qtQMUxZyDzSVoB3ozJMH8c1jlfHea5tQwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFIUIRYFYeG8N72wGhYXK7Xlx0gCWMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaFFoRmdWaDRidzN2YkFhRmhjcnRlWEhTQUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCBywQCAAEwgcQD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr48DBAEFr9owDAMEAAWv4QMEAAWv6AMEAAWv
6wMEAAWv7TAMAwQABa/vAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQCuS+MAwQAuXlFAwQAuXlHAwQAwRz7AwQBw24OAwQE
2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMF
AyoCL8AwDQYJKoZIhvcNAQELBQADggEBACj0ux+FxMZBfVemo2uFIEc0fA9uO8Re
ZPsTGHcTDAQ8GBDm+VDe97GN0TDdDjFDVBzdodB+IMaMu1QfHCdYQiBKKpjiTcm8
yjHlaaNIIWxFRiO6qsLv/ksYGMxSplA9UeNBzbIRvDtiKGkfxvEAO9j7cme78dBY
CtbLa4IgvuLoEFDQSazA38EuepIPCaDxs1q1WLAwnumMg0qA5HRUelu/DBRs5+N5
dIrDTxcThdsjifJyl3x8Vj0g/2piWEsmj3+bdrahxNqNtkXZFhYMyPaiq3pUPxpr
KzjAoY67MpbbacXRf57MqgVW3VWyIroHXhj4xwQiffSJaUIMwhKFylc=
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:26:35 2025 by rpki-client