Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/UhFZX8mk55P2RxSLZqv_BElIg8g.roa
File: UhFZX8mk55P2RxSLZqv_BElIg8g.roa (raw, json)
Hash identifier: 8P+Y4O1KxYWCiaq8f1rkOUl/hcdYdxc1nJmAwJ8Gsoc=
Subject key identifier: 52:11:59:5F:C9:A4:E7:93:F6:47:14:8B:66:AB:FF:04:49:48:83:C8
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0196008F8CE7099D3ABB394315EE149D4EDB
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/UhFZX8mk55P2RxSLZqv_BElIg8g.roa
Signing time: Fri 04 Apr 2025 11:28:49 +0000
ROA not before: Fri 04 Apr 2025 11:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
5.144.125.0/24 maxlen: 24
5.189.208.0/21 maxlen: 21
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
94.243.5.0/24 maxlen: 24
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.155.48.0/22 maxlen: 22
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
193.189.68.0/23 maxlen: 23
194.126.203.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
212.188.16.0/24 maxlen: 24
212.188.29.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 16 Apr 2025 08:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:8f:8c:e7:09:9d:3a:bb:39:43:15:ee:14:9d:4e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Apr 4 11:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5211595fc9a4e793f647148b66abff04494883c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:ec:53:75:a1:68:8a:4b:f5:87:23:81:58:
90:7b:62:47:1b:92:72:63:8e:4d:70:8e:c3:b9:ba:
64:cb:64:ac:61:37:38:97:7e:f1:19:ad:25:68:60:
c4:58:18:ed:76:6f:77:0b:4f:cc:87:cd:a3:3d:62:
ed:85:a1:4c:89:2b:b1:4e:f2:55:46:3e:09:b9:34:
58:96:15:0c:b5:ea:f2:f7:f5:36:3a:30:b8:2b:1b:
66:4d:e5:2d:1f:7d:f0:5f:af:f5:97:67:2d:66:f7:
6e:71:04:63:a6:c2:ea:a8:54:76:05:8c:85:11:21:
bd:b4:22:55:79:3c:ab:4c:1a:a0:76:3e:d9:4e:73:
b5:4a:18:d3:83:e1:c5:23:da:44:2b:8a:6c:c6:93:
fa:09:e5:1a:5b:9f:bf:94:b8:9a:86:68:e8:ea:cb:
cb:d3:c5:5d:0c:a3:c3:08:2b:06:35:be:8d:6d:e4:
e9:38:31:d8:95:f7:17:4a:38:8b:3d:8e:f3:fb:8f:
cd:d1:87:93:72:52:42:9a:24:ea:6f:fa:87:c4:8d:
f2:c2:dc:68:da:86:ed:01:7a:4f:39:77:f3:77:d6:
14:ba:ea:ec:d6:d7:a3:78:57:dc:41:81:a2:6f:3b:
b1:32:f5:ca:5e:9b:02:65:2e:00:25:dd:84:14:e7:
dd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:11:59:5F:C9:A4:E7:93:F6:47:14:8B:66:AB:FF:04:49:48:83:C8
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/UhFZX8mk55P2RxSLZqv_BElIg8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
5.189.208.0/21
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
94.243.5.0/24
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
193.189.68.0/23
194.126.203.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
26:13:b7:dc:d4:4d:03:0e:12:f5:da:45:c6:51:02:02:49:c7:
1e:d8:58:b1:28:00:17:fc:1e:6f:0c:34:ac:eb:12:2b:ae:35:
3a:76:7e:64:45:b7:61:1b:46:f4:ca:fa:7d:09:d6:3a:65:f2:
90:0d:2b:61:12:28:9f:07:a9:c1:d1:a2:ef:ea:b1:3f:65:a6:
19:89:ee:93:2e:29:98:9b:b3:d3:c9:60:16:f4:ee:ee:2a:ec:
8e:c8:ae:a1:df:82:98:6e:e8:8b:8d:58:e7:81:50:3b:bb:fb:
a0:a2:60:b2:04:68:58:68:3f:61:49:80:8f:d7:68:8e:cc:62:
77:e3:aa:9b:fa:7c:8c:41:bb:c3:22:92:47:ba:0a:c6:19:8c:
8f:21:c6:36:77:bd:1e:50:36:ca:d9:82:93:e7:c5:90:95:9b:
fb:17:4b:37:85:be:12:13:34:c8:41:52:3f:ae:bb:d2:4a:a2:
a9:b5:2a:c2:90:a3:4b:7a:3d:d5:c1:3d:2a:39:75:c9:bd:60:
4c:29:f7:a8:b4:e1:f5:31:1b:95:0a:22:07:5c:43:23:d6:e3:
03:30:73:d0:f6:db:fb:dc:c3:fe:57:ed:91:8f:92:6b:db:df:
b3:5a:ca:1d:69:71:c3:a3:69:d6:b6:92:ed:a3:0c:bf:11:9b:
93:69:21:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZYAj4znCZ06uzlDFe4UnU7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwNDA0MTEyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjExNTk1ZmM5YTRlNzkzZjY0NzE0OGI2NmFiZmYwNDQ5NDg4M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXnsU3WhaIpL9YcjgViQe2JHG5Jy
Y45NcI7Dubpky2SsYTc4l37xGa0laGDEWBjtdm93C0/Mh82jPWLthaFMiSuxTvJV
Rj4JuTRYlhUMtery9/U2OjC4KxtmTeUtH33wX6/1l2ctZvducQRjpsLqqFR2BYyF
ESG9tCJVeTyrTBqgdj7ZTnO1ShjTg+HFI9pEK4psxpP6CeUaW5+/lLiahmjo6svL
08VdDKPDCCsGNb6NbeTpODHYlfcXSjiLPY7z+4/N0YeTclJCmiTqb/qHxI3ywtxo
2obtAXpPOXfzd9YUuurs1tejeFfcQYGibzuxMvXKXpsCZS4AJd2EFOfdYQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFFIRWV/JpOeT9kcUi2ar/wRJSIPIMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvVWhGWlg4bWs1NVAyUnhTTFpxdl9CRWxJZzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB6gQCAAEwgeMD
BAUFkGADBAMFvdADBAQfKHADBAMl0HgDAwA+dgMEBT6o4AMEAE+rcwMEAFBT7QME
BVFbIAMDAFHDAwQGUmDAAwMAU+0DAwFVjAMEBVXrIAMDAFmvAwMCW0wDBANcK7gD
BARdWuADBAVejIADBABe8wUDBAJfmYgDBAVfqYADBAVtxuADBAONaRgDBACw3hED
AwCyjQMEB7KbAAMEBLKfEAMEArmo7AMEAMFogAMEAcG9RAMEAMJ+ywMEBsMiAAME
B9S8AAMDANVXAwQF1ZMgAwQC1bDkMAsDBALZSvQDAwDZSjAUBAIAAjAOAwUDKgAf
oAMFAyoCACgwDQYJKoZIhvcNAQELBQADggEBACYTt9zUTQMOEvXaRcZRAgJJxx7Y
WLEoABf8Hm8MNKzrEiuuNTp2fmRFt2EbRvTK+n0J1jpl8pANK2ESKJ8HqcHRou/q
sT9lphmJ7pMuKZibs9PJYBb07u4q7I7IrqHfgphu6IuNWOeBUDu7+6CiYLIEaFho
P2FJgI/XaI7MYnfjqpv6fIxBu8Mikke6CsYZjI8hxjZ3vR5QNsrZgpPnxZCVm/sX
SzeFvhITNMhBUj+uu9JKoqm1KsKQo0t6PdXBPSo5dcm9YEwp96i04fUxG5UKIgdc
QyPW4wMwc9D22/vcw/5X7ZGPkmvb37Nayh1pccOjada2ku2jDL8Rm5NpIQI=
-----END CERTIFICATE-----
Generated at Thu May 1 09:32:31 2025 by rpki-client