Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mBKmJrJk_aL035vlMtdcplVCyds.roa
File: mBKmJrJk_aL035vlMtdcplVCyds.roa (raw, json)
Hash identifier: 3KvqweCeVAH5D2Xl8o7eWpzlm1q4RwmnboLtc7HWqew=
Subject key identifier: 98:12:A6:26:B2:64:FD:A2:F4:DF:9B:E5:32:D7:5C:A6:55:42:C9:DB
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196F75A56505A4E181F8139CBC73DC38ADB
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mBKmJrJk_aL035vlMtdcplVCyds.roa
Signing time: Thu 22 May 2025 09:36:54 +0000
ROA not before: Thu 22 May 2025 09:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.158.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.138.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.175.195.0/24 maxlen: 24
5.175.196.0/24 maxlen: 24
5.175.198.0/24 maxlen: 24
5.175.199.0/24 maxlen: 24
5.175.203.0/24 maxlen: 24
5.175.207.0/24 maxlen: 24
5.175.208.0/24 maxlen: 24
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.236.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.43.0/24 maxlen: 24
5.231.48.0/24 maxlen: 24
5.231.49.0/24 maxlen: 24
5.231.50.0/24 maxlen: 24
5.231.51.0/24 maxlen: 24
5.231.52.0/24 maxlen: 24
5.231.53.0/24 maxlen: 24
5.231.80.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.111.0/24 maxlen: 24
5.231.114.0/24 maxlen: 24
5.231.125.0/24 maxlen: 24
5.231.201.0/24 maxlen: 24
5.231.202.0/24 maxlen: 24
5.231.225.0/24 maxlen: 24
5.231.232.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.49.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.7.0/24 maxlen: 24
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.23.0/24 maxlen: 24
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.67.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.106.78.0/24 maxlen: 24
89.106.79.0/24 maxlen: 24
89.106.81.0/24 maxlen: 24
89.106.82.0/24 maxlen: 24
89.106.83.0/24 maxlen: 24
89.106.84.0/24 maxlen: 24
89.106.85.0/24 maxlen: 24
89.106.86.0/24 maxlen: 24
89.106.87.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.6.0/24 maxlen: 24
89.144.7.0/24 maxlen: 24
89.144.11.0/24 maxlen: 24
89.144.21.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
89.144.48.0/24 maxlen: 24
89.144.49.0/24 maxlen: 24
89.144.51.0/24 maxlen: 24
89.144.52.0/24 maxlen: 24
89.144.59.0/24 maxlen: 24
89.144.62.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.168.0/24 maxlen: 24
94.103.170.0/24 maxlen: 24
94.103.171.0/24 maxlen: 24
94.103.172.0/24 maxlen: 24
94.103.173.0/24 maxlen: 24
94.103.174.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.182.0/24 maxlen: 24
94.249.191.0/24 maxlen: 24
94.249.207.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.213.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.142.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
2a02:2fc0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 May 2025 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:5a:56:50:5a:4e:18:1f:81:39:cb:c7:3d:c3:8a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 22 09:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9812a626b264fda2f4df9be532d75ca65542c9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:66:c3:e8:c6:21:c6:bd:70:28:c7:c9:2c:5b:
ed:42:0b:22:9c:70:6f:d6:b5:f8:84:08:af:15:20:
cc:05:95:97:33:5a:bd:47:66:96:c1:c0:ce:8b:2e:
fa:9c:ab:98:43:ce:be:71:af:74:ec:49:61:8b:b0:
6b:01:be:3d:c6:08:f4:96:49:67:91:61:c9:a4:7b:
38:e5:d8:3c:4a:41:ad:8d:c6:6f:66:4a:54:c0:90:
40:cf:87:58:8f:62:45:16:3a:7d:33:05:ad:cd:8e:
68:c1:b5:b3:5f:54:02:03:03:89:78:ad:fc:cd:27:
17:e0:11:5d:0a:5d:69:5e:ef:ac:68:85:4c:45:0b:
1f:e8:ec:4f:ad:b8:b8:7b:12:e3:54:ff:be:f0:ed:
77:f2:06:5b:50:53:1a:9e:01:7d:b3:d0:fd:51:5b:
cc:8f:b3:4c:65:88:d8:fa:7d:d5:42:7f:02:34:87:
41:01:5c:4f:c0:33:a3:2d:e4:a9:15:c7:f3:1d:9d:
8e:a9:9e:84:6a:1d:32:bd:9c:e6:38:93:c0:82:da:
12:a5:91:c2:c5:93:20:e2:0f:63:bb:6b:6c:a7:a8:
1d:10:5f:17:c3:41:e1:13:ad:9b:e6:df:04:fe:01:
dc:9d:87:2a:f7:80:59:73:48:eb:21:5f:ce:15:2f:
d0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:12:A6:26:B2:64:FD:A2:F4:DF:9B:E5:32:D7:5C:A6:55:42:C9:DB
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mBKmJrJk_aL035vlMtdcplVCyds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.138.0/24
5.175.143.0/24
5.175.192.0/24
5.175.195.0-5.175.196.255
5.175.198.0/23
5.175.203.0/24
5.175.207.0-5.175.208.255
5.175.225.0-5.175.232.255
5.175.235.0-5.175.236.255
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0-185.47.142.255
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
cf:f4:67:e5:fc:fc:9e:99:0e:26:61:4a:08:2f:b0:b1:fb:71:
eb:6f:b0:18:6f:e2:9a:a3:2d:26:2f:5b:d5:87:2c:67:2a:7a:
b4:ac:70:60:8f:74:c6:43:6e:cd:7a:83:b9:7c:80:18:48:04:
dc:48:c5:02:c2:85:d0:7e:97:65:27:f8:05:79:4f:19:a8:22:
a9:9c:e7:b9:b5:85:96:81:28:50:2a:00:39:2d:6f:9e:22:17:
45:01:d0:e9:3f:47:ed:67:33:b6:da:58:ec:b0:43:80:b1:46:
40:83:73:e8:fb:d2:72:63:63:19:6e:01:47:0f:5a:63:ee:d9:
8e:8d:70:bf:3c:12:77:fa:e1:be:81:5f:f2:10:f7:06:56:b9:
3a:dc:30:29:12:3d:be:08:21:64:52:00:66:ba:26:73:83:6d:
f0:4f:18:30:ad:80:24:88:fb:38:a7:93:17:a4:8a:0e:52:5d:
3a:e1:31:be:22:d5:d3:a4:de:43:06:86:13:4c:5e:9d:20:a7:
d2:46:13:a6:c3:e3:8a:62:16:81:62:2e:9c:e8:e9:b1:c2:b8:
a6:d0:6e:7c:53:88:c7:3b:52:ae:42:a1:06:02:39:e9:f7:a9:
15:ab:95:6b:cb:65:6c:6a:d4:99:4c:e8:4f:17:e2:23:f5:04:
56:4b:42:09
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZb3WlZQWk4YH4E5y8c9w4rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIyMDkzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODEyYTYyNmIyNjRmZGEyZjRkZjliZTUzMmQ3NWNhNjU1NDJjOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2bD6MYhxr1wKMfJLFvtQgsinHBv
1rX4hAivFSDMBZWXM1q9R2aWwcDOiy76nKuYQ86+ca907Elhi7BrAb49xgj0lkln
kWHJpHs45dg8SkGtjcZvZkpUwJBAz4dYj2JFFjp9MwWtzY5owbWzX1QCAwOJeK38
zScX4BFdCl1pXu+saIVMRQsf6OxPrbi4exLjVP++8O138gZbUFMangF9s9D9UVvM
j7NMZYjY+n3VQn8CNIdBAVxPwDOjLeSpFcfzHZ2OqZ6Eah0yvZzmOJPAgtoSpZHC
xZMg4g9ju2tsp6gdEF8Xw0HhE62b5t8E/gHcnYcq94BZc0jrIV/OFS/QjQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFJgSpiayZP2i9N+b5TLXXKZVQsnbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbUJLbUpySmtfYUwwMzV2bE10ZGNwbFZDeWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCB/QQCAAEwgfYD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr4oDBAAFr48DBAAFr8AwDAMEAAWvwwMEAAWv
xAMEAQWvxgMEAAWvyzAMAwQABa/PAwQABa/QMAwDBAAFr+EDBAAFr+gwDAMEAAWv
6wMEAAWv7DAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cMAwDBAK5L4wDBAC5L44DBAC5eUcDBADBHPsDBAHDbg4D
BATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMFAyoBvUADBQMqAgeg
AwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAz/Rn5fz8npkOJmFKCC+wsftx62+w
GG/imqMtJi9b1YcsZyp6tKxwYI90xkNuzXqDuXyAGEgE3EjFAsKF0H6XZSf4BXlP
GagiqZznubWFloEoUCoAOS1vniIXRQHQ6T9H7WczttpY7LBDgLFGQINz6PvScmNj
GW4BRw9aY+7Zjo1wvzwSd/rhvoFf8hD3Bla5OtwwKRI9vgghZFIAZromc4Nt8E8Y
MK2AJIj7OKeTF6SKDlJdOuExviLV06TeQwaGE0xenSCn0kYTpsPjimIWgWIunOjp
scK4ptBufFOIxztSrkKhBgI56fepFauVa8tlbGrUmUzoTxfiI/UEVktCCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:53:18 2025 by rpki-client