Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3KHj3NLUG3OAWXoU9QP5YLwH_9I.roa
File: 3KHj3NLUG3OAWXoU9QP5YLwH_9I.roa (raw, json)
Hash identifier: dHkdQTWB/N1wfWKyEIC7MQGcraGJ9ilWmjD6VB4sNDg=
Subject key identifier: DC:A1:E3:DC:D2:D4:1B:73:80:59:7A:14:F5:03:F9:60:BC:07:FF:D2
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01946F255BE1EFB2266C4E9691446CD7E449
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3KHj3NLUG3OAWXoU9QP5YLwH_9I.roa
Signing time: Thu 16 Jan 2025 12:45:06 +0000
ROA not before: Thu 16 Jan 2025 12:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.230.130.0/24 maxlen: 24
37.230.132.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.135.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.148.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.150.0/24 maxlen: 24
46.243.163.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.220.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.239.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/23 maxlen: 23
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.173.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.199.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.248.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.82.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 15:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:25:5b:e1:ef:b2:26:6c:4e:96:91:44:6c:d7:e4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 16 12:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dca1e3dcd2d41b7380597a14f503f960bc07ffd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4f:ed:ae:c9:06:63:e8:bb:cd:c0:d1:ec:22:
14:ca:fd:96:e8:84:5f:b0:3b:e5:23:52:85:bb:9d:
65:88:2a:5c:d6:2f:f9:f5:b9:e0:8b:55:eb:ec:00:
fa:fd:db:a8:e6:67:55:41:05:6b:d8:24:cf:86:d2:
36:f7:95:46:be:65:da:b5:b2:97:7b:07:d1:03:04:
9a:e8:d7:94:96:c3:27:8e:81:11:22:c2:5d:8b:72:
9d:76:a3:b1:9a:16:5d:91:33:e0:f0:45:6a:ed:7b:
16:dc:af:30:ab:b5:5b:a3:3e:d5:18:e2:a6:74:70:
9a:c0:f3:95:56:8b:a4:47:0b:6f:4e:51:a4:0f:5c:
dc:3e:52:93:05:5f:26:b9:11:5e:2c:cb:6a:35:ee:
b5:60:c9:57:ef:4c:df:31:7f:84:7b:00:ab:3c:b2:
47:c4:21:36:b9:6b:9b:d4:be:41:6e:d5:cf:54:3f:
e6:bd:cc:3a:94:b3:ac:77:4a:da:b7:e2:47:61:b1:
a0:6c:f4:88:4a:dd:62:58:63:a0:dd:a5:09:7e:7d:
5e:c2:14:e7:63:27:b4:20:88:d9:e9:79:ac:1e:4e:
38:c1:c4:2e:33:de:c5:e9:80:4d:7e:56:e0:ce:0d:
88:44:e9:90:b3:91:68:20:0b:06:dd:f2:04:b4:89:
7c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A1:E3:DC:D2:D4:1B:73:80:59:7A:14:F5:03:F9:60:BC:07:FF:D2
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3KHj3NLUG3OAWXoU9QP5YLwH_9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.130.0/24
37.230.132.0/24
37.230.134.0/23
37.230.151.0/24
37.230.163.0/24
37.230.176.0/24
37.230.178.0/24
37.230.182.0/23
37.230.187.0/24
37.230.254.0/24
46.243.138.0-46.243.140.255
46.243.148.0-46.243.150.255
46.243.163.0/24
46.243.204.0/24
46.243.214.0/23
46.243.220.0-46.243.225.255
46.243.236.0-46.243.243.255
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.174.255
141.101.179.0/24
141.101.191.0/24
141.101.199.0/24
141.101.235.0/24
141.101.248.0/24
141.101.255.0/24
178.170.136.0/23
178.170.139.0-178.170.141.255
178.170.145.0/24
178.170.172.0/24
185.4.148.0/22
188.72.80.0/21
188.72.89.0/24
188.72.95.0/24
188.72.102.0/24
188.72.114.0-188.72.116.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
42:78:8e:74:51:9a:d5:e5:c2:ab:55:82:8f:4a:6e:1a:b5:d7:
90:ab:9e:84:55:ce:f6:ab:88:da:e3:7f:02:b1:8a:2c:75:8e:
bf:8d:e4:db:da:cd:5c:6f:8a:2c:ef:11:73:61:16:b5:41:c1:
db:99:ad:a2:4a:1c:1f:d8:fc:7a:3a:eb:8e:96:a8:e0:0b:82:
47:5d:46:d9:9c:fd:ed:f7:68:51:5d:6a:22:a9:0d:99:56:7e:
64:bb:3b:d3:6d:c4:4b:be:11:0c:75:39:6f:36:c6:a8:9a:aa:
a6:1f:25:48:a3:d9:28:ff:0b:a1:e5:5c:34:f9:f5:e1:40:38:
39:fa:65:de:90:db:37:87:ff:04:c4:19:29:46:e7:7a:eb:f6:
f6:0c:13:98:7e:36:86:f0:21:c8:f7:ca:61:fa:c2:91:53:40:
e9:3b:65:6c:67:7c:8c:12:42:df:e6:6a:a4:42:6b:98:b7:ed:
75:0a:28:89:f1:7e:6a:57:87:06:2e:85:e6:fd:9c:a8:10:19:
b5:49:2d:06:2e:28:43:03:96:1b:3e:a6:ea:14:c8:a7:05:de:
2b:09:a4:1c:ad:7e:f1:7b:0e:57:b2:93:d1:19:0b:4b:6c:b5:
d7:af:76:f4:f7:58:28:7e:91:e9:bf:86:e2:d5:a5:76:e6:cf:
da:0e:7a:8f
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAZRvJVvh77ImbE6WkURs1+RJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTE2MTI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ExZTNkY2QyZDQxYjczODA1OTdhMTRmNTAzZjk2MGJjMDdmZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE/trskGY+i7zcDR7CIUyv2W6IRf
sDvlI1KFu51liCpc1i/59bngi1Xr7AD6/duo5mdVQQVr2CTPhtI295VGvmXatbKX
ewfRAwSa6NeUlsMnjoERIsJdi3KddqOxmhZdkTPg8EVq7XsW3K8wq7Vboz7VGOKm
dHCawPOVVoukRwtvTlGkD1zcPlKTBV8muRFeLMtqNe61YMlX70zfMX+EewCrPLJH
xCE2uWub1L5BbtXPVD/mvcw6lLOsd0rat+JHYbGgbPSISt1iWGOg3aUJfn1ewhTn
Yye0IIjZ6XmsHk44wcQuM97F6YBNflbgzg2IROmQs5FoIAsG3fIEtIl82QIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFNyh49zS1BtzgFl6FPUD+WC8B//SMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvM0tIajNOTFVHM09BV1hvVTlRUDVZTHdIXzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEACUSAAMEACUSPwMEACUSTgMEACXmggMEACXmhAMEASXmhgMEACXmlwMEACXm
owMEACXmsAMEACXmsgMEASXmtgMEACXmuwMEACXm/jAMAwQBLvOKAwQALvOMMAwD
BAIu85QDBAAu85YDBAAu86MDBAAu88wDBAEu89YwDAMEAi7z3AMEAS7z4DAMAwQC
LvPsAwQCLvPwMAwDBAEu8/YDBAIu8/gDBACAAEcDBAGNZYQwDAMEAI1lhwMEAI1l
iAMEAY1lijAMAwQAjWWPAwQAjWWWMAwDBACNZZkDBACNZa4DBACNZbMDBACNZb8D
BACNZccDBACNZesDBACNZfgDBACNZf8DBAGyqogwDAMEALKqiwMEAbKqjAMEALKq
kQMEALKqrAMEArkElAMEA7xIUAMEALxIWQMEALxIXwMEALxIZjAMAwQBvEhyAwQA
vEh0AwQAvEh3AwQD2ZZYMA0GCSqGSIb3DQEBCwUAA4IBAQBCeI50UZrV5cKrVYKP
Sm4atdeQq56EVc72q4ja438CsYosdY6/jeTb2s1cb4os7xFzYRa1QcHbma2iShwf
2Px6OuuOlqjgC4JHXUbZnP3t92hRXWoiqQ2ZVn5kuzvTbcRLvhEMdTlvNsaomqqm
HyVIo9ko/wuh5Vw0+fXhQDg5+mXekNs3h/8ExBkpRud66/b2DBOYfjaG8CHI98ph
+sKRU0DpO2VsZ3yMEkLf5mqkQmuYt+11CiiJ8X5qV4cGLoXm/ZyoEBm1SS0GLihD
A5YbPqbqFMinBd4rCaQcrX7xew5XspPRGQtLbLXXr3b091gofpHpv4bi1aV25s/a
DnqP
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:08:03 2025 by rpki-client