Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WyPmKdlgtfQ1E5wTN1LlHO54RAk.roa
File: WyPmKdlgtfQ1E5wTN1LlHO54RAk.roa (raw, json)
Hash identifier: D4iufWRvxBhxYu8Bo86+v2VzgNW2N7yEugNdVsbJRss=
Subject key identifier: 5B:23:E6:29:D9:60:B5:F4:35:13:9C:13:37:52:E5:1C:EE:78:44:09
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01946EE0B19C9994194660E67ED2EE022410
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WyPmKdlgtfQ1E5wTN1LlHO54RAk.roa
Signing time: Thu 16 Jan 2025 11:30:06 +0000
ROA not before: Thu 16 Jan 2025 11:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.230.130.0/24 maxlen: 24
37.230.132.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.135.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.220.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.239.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/23 maxlen: 23
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.173.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.199.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.248.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.82.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 12:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:e0:b1:9c:99:94:19:46:60:e6:7e:d2:ee:02:24:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 16 11:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b23e629d960b5f435139c133752e51cee784409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:28:27:6d:fb:85:c3:cf:18:f4:e5:25:e2:
59:60:c9:75:79:54:03:a5:54:48:ce:ba:a7:75:59:
da:8c:b7:41:b0:72:58:15:59:00:92:f7:09:b9:f6:
13:a7:be:b1:64:79:af:fd:50:85:7d:4a:74:58:da:
df:b5:21:8d:22:e0:9a:92:70:33:e9:b1:eb:6d:2a:
52:11:f8:3f:cf:7a:f0:c3:c4:dd:a3:19:43:ab:7f:
3a:97:81:64:17:17:b7:8f:da:01:b5:0c:c6:a9:43:
04:fd:ab:ec:22:ff:49:38:8a:16:9e:d6:c7:f8:47:
97:6b:16:e6:93:fc:ef:cc:1b:21:f7:e9:3c:63:8f:
cf:c7:29:a9:cf:5c:c0:86:2e:d6:73:58:8a:c8:6c:
4c:d7:5c:8b:33:3d:12:e3:d9:8f:75:61:97:f4:46:
0d:1d:e4:c5:85:f3:1b:73:fe:62:25:d4:ee:32:c2:
fb:d3:cd:ca:e9:96:65:af:d6:eb:89:c3:18:88:77:
bc:f4:41:f1:02:6a:18:82:d9:99:af:71:5d:74:d7:
50:4a:67:5c:92:7d:0f:58:ef:9a:6f:08:12:4e:e3:
08:d3:1a:90:dc:0a:96:b4:44:40:e5:bf:7f:24:a7:
9d:03:13:92:14:7a:5d:5e:d4:c1:52:f9:b8:42:b1:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:23:E6:29:D9:60:B5:F4:35:13:9C:13:37:52:E5:1C:EE:78:44:09
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WyPmKdlgtfQ1E5wTN1LlHO54RAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.130.0/24
37.230.132.0/24
37.230.134.0/23
37.230.151.0/24
37.230.163.0/24
37.230.176.0/24
37.230.178.0/24
37.230.182.0/23
37.230.187.0/24
37.230.254.0/24
46.243.138.0-46.243.140.255
46.243.149.0/24
46.243.204.0/24
46.243.214.0/23
46.243.220.0-46.243.225.255
46.243.236.0-46.243.243.255
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.174.255
141.101.179.0/24
141.101.191.0/24
141.101.199.0/24
141.101.235.0/24
141.101.248.0/24
141.101.255.0/24
178.170.136.0/23
178.170.139.0-178.170.141.255
178.170.145.0/24
178.170.172.0/24
185.4.148.0/22
188.72.80.0/21
188.72.89.0/24
188.72.95.0/24
188.72.102.0/24
188.72.114.0-188.72.116.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:4b:66:fa:be:89:79:bf:26:66:aa:4b:4c:33:c6:6b:03:18:
d8:82:8d:fc:16:db:9a:1a:28:c2:37:fa:2e:00:9b:4e:89:86:
6d:26:da:47:46:f6:ac:1a:7d:30:f7:3d:a7:f3:d8:ee:19:ce:
88:88:a0:51:44:18:99:76:92:e1:19:5d:5c:3f:c9:0c:6f:d4:
10:8e:29:db:20:97:6b:3c:9e:11:e9:97:1e:86:cc:54:37:af:
51:39:b0:1e:d3:89:80:d6:9e:45:19:8d:9e:c3:ec:45:0c:ed:
d8:9c:3a:e4:ee:86:f4:75:87:0f:12:0b:72:05:08:40:7d:36:
9a:e4:39:5d:26:f5:10:96:f3:e5:57:2a:e3:6c:0e:b5:3b:fa:
67:b1:b1:91:11:cd:40:08:2d:79:25:fd:ca:42:59:ef:a3:ca:
af:f6:f2:26:f4:a0:2d:80:ba:a7:e7:cf:6c:f1:68:fd:0f:ab:
ab:ea:23:7c:46:81:1c:43:7f:a8:d7:95:17:b8:74:2d:df:7a:
71:95:bf:a7:f1:42:b5:19:fc:90:99:25:1c:ae:77:70:80:20:
a7:ff:9f:6b:7d:b0:2f:dc:00:9c:65:01:61:ce:2a:36:be:5b:
bc:c6:de:d7:a7:e7:27:cf:32:b6:98:d1:1f:04:d5:6f:2d:68:
0c:92:26:3e
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAZRu4LGcmZQZRmDmftLuAiQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTE2MTEzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIzZTYyOWQ5NjBiNWY0MzUxMzljMTMzNzUyZTUxY2VlNzg0NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcMoJ237hcPPGPTlJeJZYMl1eVQD
pVRIzrqndVnajLdBsHJYFVkAkvcJufYTp76xZHmv/VCFfUp0WNrftSGNIuCaknAz
6bHrbSpSEfg/z3rww8TdoxlDq386l4FkFxe3j9oBtQzGqUME/avsIv9JOIoWntbH
+EeXaxbmk/zvzBsh9+k8Y4/Pxympz1zAhi7Wc1iKyGxM11yLMz0S49mPdWGX9EYN
HeTFhfMbc/5iJdTuMsL7083K6ZZlr9bricMYiHe89EHxAmoYgtmZr3FddNdQSmdc
kn0PWO+abwgSTuMI0xqQ3AqWtERA5b9/JKedAxOSFHpdXtTBUvm4QrGAeQIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFFsj5inZYLX0NROcEzdS5RzueEQJMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvV3lQbUtkbGd0ZlExRTV3VE4xTGxITzU0UkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCCAVgEAgABMIIB
UAMEACUSAAMEACUSPwMEACUSTgMEACXmggMEACXmhAMEASXmhgMEACXmlwMEACXm
owMEACXmsAMEACXmsgMEASXmtgMEACXmuwMEACXm/jAMAwQBLvOKAwQALvOMAwQA
LvOVAwQALvPMAwQBLvPWMAwDBAIu89wDBAEu8+AwDAMEAi7z7AMEAi7z8DAMAwQB
LvP2AwQCLvP4AwQAgABHAwQBjWWEMAwDBACNZYcDBACNZYgDBAGNZYowDAMEAI1l
jwMEAI1lljAMAwQAjWWZAwQAjWWuAwQAjWWzAwQAjWW/AwQAjWXHAwQAjWXrAwQA
jWX4AwQAjWX/AwQBsqqIMAwDBACyqosDBAGyqowDBACyqpEDBACyqqwDBAK5BJQD
BAO8SFADBAC8SFkDBAC8SF8DBAC8SGYwDAMEAbxIcgMEALxIdAMEALxIdwMEA9mW
WDANBgkqhkiG9w0BAQsFAAOCAQEAb0tm+r6Jeb8mZqpLTDPGawMY2IKN/Bbbmhoo
wjf6LgCbTomGbSbaR0b2rBp9MPc9p/PY7hnOiIigUUQYmXaS4RldXD/JDG/UEI4p
2yCXazyeEemXHobMVDevUTmwHtOJgNaeRRmNnsPsRQzt2Jw65O6G9HWHDxILcgUI
QH02muQ5XSb1EJbz5Vcq42wOtTv6Z7GxkRHNQAgteSX9ykJZ76PKr/byJvSgLYC6
p+fPbPFo/Q+rq+ojfEaBHEN/qNeVF7h0Ld96cZW/p/FCtRn8kJklHK53cIAgp/+f
a32wL9wAnGUBYc4qNr5bvMbe16fnJ88ytpjRHwTVby1oDJImPg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:58:01 2025 by rpki-client