Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qhGDvJH8cSdRfYDZyUzApiqFOQ4.roa
File: qhGDvJH8cSdRfYDZyUzApiqFOQ4.roa (raw, json)
Hash identifier: +yUcA0sj8evPMrfPlKZLVQJsG9X7Ch34mc5VYTtNVFA=
Subject key identifier: AA:11:83:BC:91:FC:71:27:51:7D:80:D9:C9:4C:C0:A6:2A:85:39:0E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01963CD4553BDF841D3B6B5E8BF08EC429F0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qhGDvJH8cSdRfYDZyUzApiqFOQ4.roa
Signing time: Wed 16 Apr 2025 04:21:10 +0000
ROA not before: Wed 16 Apr 2025 04:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.158.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 24
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.239.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.248.0/24 maxlen: 24
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.30.0/24 maxlen: 24
5.231.43.0/24 maxlen: 24
5.231.48.0/24 maxlen: 24
5.231.49.0/24 maxlen: 24
5.231.94.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.232.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.18.0/24 maxlen: 24
77.90.21.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.1.0/24 maxlen: 24
85.93.6.0/24 maxlen: 24
85.93.7.0/24 maxlen: 24
85.93.12.0/24 maxlen: 24
85.93.15.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.2.0/24 maxlen: 24
89.144.8.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
89.144.21.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.150.0/24 maxlen: 24
94.249.170.0/24 maxlen: 24
94.249.207.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
95.215.32.0/24 maxlen: 24
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 24
185.13.156.0/22 maxlen: 32
185.13.156.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.142.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
2a02:2fc0::/48 maxlen: 48
2a02:2fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Apr 2025 15:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3c:d4:55:3b:df:84:1d:3b:6b:5e:8b:f0:8e:c4:29:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 16 04:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa1183bc91fc7127517d80d9c94cc0a62a85390e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c9:86:98:3b:82:ef:f8:f4:c0:1a:16:1f:95:
65:24:83:c0:ea:2b:64:85:d2:91:af:a4:dc:c9:10:
64:ba:c9:44:e3:f0:b1:01:2e:a6:f8:15:bd:2f:6e:
1b:38:57:40:e1:5d:6e:9f:6a:3c:09:07:ba:6c:89:
83:17:d2:99:db:40:ff:40:e0:ec:79:f4:5f:3c:7f:
8d:56:51:b1:24:b3:e8:2a:9f:b9:7b:20:90:e3:09:
cc:06:83:6f:88:ec:98:bf:d9:e8:b1:78:13:08:c7:
5c:bd:f9:04:ef:fa:f9:3c:9c:9a:e7:b1:3e:12:5e:
4a:03:39:eb:9e:b2:3f:db:eb:d9:5a:fa:d6:c2:18:
12:c5:c0:63:0a:25:1f:3f:f5:56:c5:b4:9d:ab:d7:
92:eb:87:40:b3:13:61:d1:5a:57:81:65:75:d5:9d:
7f:6b:ce:c6:3b:a7:da:28:72:fd:5e:f0:cf:cc:ce:
17:27:c6:fc:8c:c4:cb:03:85:d6:bf:97:a7:3b:eb:
8d:c9:af:7e:e5:0b:8f:84:4e:d2:33:8a:4b:42:ba:
b8:df:f4:20:16:6e:00:b0:3d:c1:73:8c:72:3d:fd:
e5:3b:5f:17:e6:13:a1:40:ef:84:38:84:9c:81:93:
b0:96:89:74:8b:89:ca:b4:a3:61:35:62:2e:12:c0:
67:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:11:83:BC:91:FC:71:27:51:7D:80:D9:C9:4C:C0:A6:2A:85:39:0E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qhGDvJH8cSdRfYDZyUzApiqFOQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.143.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.239.0-5.175.244.255
5.175.248.0/24
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0-185.47.142.255
185.121.69.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:e4:2e:7d:2d:61:63:54:6a:f4:e0:76:ca:4d:52:da:10:96:
e3:d4:1c:b9:47:3f:23:6a:18:0a:41:13:9c:38:96:7d:52:97:
58:1c:53:51:01:19:c8:87:c8:16:a1:af:10:43:55:16:f0:57:
4f:1b:46:a8:a3:17:7f:3b:1a:6c:4f:0f:aa:5e:78:cd:ec:1f:
42:27:98:f6:3a:96:c3:d8:b0:2c:fa:a5:4a:34:02:62:f9:09:
f5:3e:f6:d5:73:82:93:42:37:7d:84:d2:46:b5:64:9f:7e:ed:
8e:53:be:8c:3e:6b:17:9a:85:a4:30:68:55:74:a0:e8:6a:47:
2f:d1:96:f5:d9:26:91:de:4c:08:97:f6:be:99:a4:f9:f8:15:
6b:08:70:79:a9:c1:44:d5:d4:e7:e4:47:e3:93:ad:be:8e:d9:
3a:2a:b7:6e:a7:f0:c1:be:37:fc:9c:91:86:dd:31:2c:1d:a9:
0e:43:76:90:f4:68:d2:c1:c2:45:22:5f:f7:a6:02:c5:8b:c0:
7b:b9:9b:7f:b3:42:5c:4f:32:95:2f:1f:e2:6a:1c:a8:40:97:
4f:f2:cd:0b:b1:54:b7:a1:7c:21:33:a1:f4:b3:da:dc:f3:59:
a8:34:6e:38:3e:a7:21:c8:34:88:1e:4d:6d:16:f8:7d:00:82:
12:e8:1c:e5
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZY81FU734QdO2tei/COxCnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE2MDQyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTExODNiYzkxZmM3MTI3NTE3ZDgwZDljOTRjYzBhNjJhODUzOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcmGmDuC7/j0wBoWH5VlJIPA6itk
hdKRr6TcyRBkuslE4/CxAS6m+BW9L24bOFdA4V1un2o8CQe6bImDF9KZ20D/QODs
efRfPH+NVlGxJLPoKp+5eyCQ4wnMBoNviOyYv9nosXgTCMdcvfkE7/r5PJya57E+
El5KAznrnrI/2+vZWvrWwhgSxcBjCiUfP/VWxbSdq9eS64dAsxNh0VpXgWV11Z1/
a87GO6faKHL9XvDPzM4XJ8b8jMTLA4XWv5enO+uNya9+5QuPhE7SM4pLQrq43/Qg
Fm4AsD3Bc4xyPf3lO18X5hOhQO+EOIScgZOwlol0i4nKtKNhNWIuEsBnaQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFKoRg7yR/HEnUX2A2clMwKYqhTkOMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcWhHRHZKSDhjU2RSZllEWnlVekFwaXFGT1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCB2wQCAAEwgdQD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr48wDAMEAQWv2gMEAAWv3DAMAwQABa/hAwQA
Ba/oAwQABa/rMAwDBAAFr+8DBAAFr/QDBAAFr/gwCwMEAAWv+wMDBAWgAwMBBeYD
BAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakADBAZZkAADBAReZ6AD
BAde+YADBAJf1yADBASyEpADBAK5DZwwDAMEArkvjAMEALkvjgMEALl5RQMEALl5
RwMEAMEc+wMEAcNuDgMEBNlFoDAwBAIAAjAqAwUDKgAS2AMFAyoAGdADBQAqAM3A
AwUDKgG9QAMFAyoCB6ADBQMqAi/AMA0GCSqGSIb3DQEBCwUAA4IBAQAK5C59LWFj
VGr04HbKTVLaEJbj1By5Rz8jahgKQROcOJZ9UpdYHFNRARnIh8gWoa8QQ1UW8FdP
G0aooxd/OxpsTw+qXnjN7B9CJ5j2OpbD2LAs+qVKNAJi+Qn1PvbVc4KTQjd9hNJG
tWSffu2OU76MPmsXmoWkMGhVdKDoakcv0Zb12SaR3kwIl/a+maT5+BVrCHB5qcFE
1dTn5Efjk62+jtk6Krdup/DBvjf8nJGG3TEsHakOQ3aQ9GjSwcJFIl/3pgLFi8B7
uZt/s0JcTzKVLx/iahyoQJdP8s0LsVS3oXwhM6H0s9rc81moNG44PqchyDSIHk1t
Fvh9AIIS6Bzl
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:23:02 2025 by rpki-client