Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/cZlWVN_rCgJHUfNpebs8Io3sK_k.roa
File: cZlWVN_rCgJHUfNpebs8Io3sK_k.roa (raw, json)
Hash identifier: +F1xPm+mJ5jb6tA890Kb4TkgqbtaX6fkLF8wNlXinB4=
Subject key identifier: 71:99:56:54:DF:EB:0A:02:47:51:F3:69:79:BB:3C:22:8D:EC:2B:F9
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 019666C68DF5B1E31CEAD514BFBAB6BDF7D5
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/cZlWVN_rCgJHUfNpebs8Io3sK_k.roa
Signing time: Thu 24 Apr 2025 07:50:10 +0000
ROA not before: Thu 24 Apr 2025 07:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
195.4.0.0/17 maxlen: 17
195.4.16.0/22 maxlen: 22
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 24
195.4.176.0/24 maxlen: 24
195.4.178.0/23 maxlen: 23
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 07:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:c6:8d:f5:b1:e3:1c:ea:d5:14:bf:ba:b6:bd:f7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 24 07:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71995654dfeb0a024751f36979bb3c228dec2bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:56:d3:93:d5:9a:5a:91:1c:43:9c:f2:b4:98:
01:b9:fc:1e:9a:09:6e:e1:c1:9d:17:29:d4:81:34:
ec:9b:8d:ce:21:77:55:cf:44:3a:05:cd:9c:e6:27:
5b:1b:8a:a0:ad:0f:70:ec:41:e5:f4:59:f5:35:b3:
d0:29:91:d7:97:62:ef:73:f5:b6:41:ac:28:c3:fc:
4c:ff:1f:52:40:1a:dd:3b:e0:ae:6e:b0:f3:1b:b9:
92:3b:3a:94:cb:8e:7e:b4:50:73:e5:19:9f:a1:48:
9d:65:6c:f9:a7:f2:ee:bd:24:ba:02:c0:25:c8:e1:
ea:dd:61:3f:b5:e5:13:10:e6:ce:6f:dc:6f:9f:12:
9b:4a:10:47:04:96:fb:bc:ea:56:2c:2f:8b:86:34:
54:ea:c3:83:82:eb:83:aa:8d:38:13:c1:05:33:4b:
29:14:29:93:92:aa:7b:e0:d7:6c:0c:52:e4:2f:78:
db:dd:cd:83:3f:ab:5e:f8:e1:d4:d1:de:c2:cb:7e:
d0:6f:0e:3c:a9:0e:f6:77:9a:a5:87:8d:4e:19:1d:
6a:4c:8f:61:77:fd:60:ad:ec:21:84:bc:82:d2:dc:
af:66:5a:e5:b4:ed:bb:15:68:b8:54:42:f4:7e:81:
de:ec:2e:2d:4a:5d:ac:d6:29:fe:61:fd:69:12:ee:
f3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:99:56:54:DF:EB:0A:02:47:51:F3:69:79:BB:3C:22:8D:EC:2B:F9
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/cZlWVN_rCgJHUfNpebs8Io3sK_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
7f:02:1d:d1:7b:17:f3:2e:e2:65:fd:bf:e3:d4:9d:a5:df:be:
86:99:54:32:4d:dd:97:dc:ea:52:1f:c5:d0:cd:b3:45:ef:bb:
b4:c7:f9:c4:05:c8:b5:c2:be:9d:22:7e:c9:d5:05:7e:67:72:
bc:ff:0d:5b:82:70:de:8a:b9:8e:94:ac:a1:1d:f0:3f:4e:15:
57:9d:c4:47:b9:66:75:2d:d7:08:4f:96:9e:a5:a8:87:ac:4f:
1f:ee:02:e3:77:e1:b9:dd:b0:48:9a:0a:76:20:56:71:36:df:
68:a5:5a:0d:88:18:b8:84:ee:ff:d0:5d:f9:6f:13:8e:b3:87:
17:d6:12:9b:1c:06:b1:f7:e2:49:0d:97:0a:0e:a4:ac:8f:4c:
bf:29:fc:fc:8d:41:46:47:a3:b4:93:72:6e:66:c6:80:6e:ac:
cd:03:a9:2d:3b:80:2c:e0:5e:64:b0:16:ee:50:7e:47:4d:f7:
d3:c4:81:f1:a4:a7:3c:d6:9e:81:be:a6:d2:42:41:ec:94:e4:
9f:fb:74:96:d4:7b:0e:32:fa:d2:74:84:62:c0:13:b3:80:eb:
4e:4e:8b:48:7a:d6:81:d9:35:f2:eb:90:aa:5c:79:ac:d3:fa:
17:b3:ed:34:51:57:85:08:9e:2b:2f:9c:ec:30:d1:37:7e:d0:
76:be:49:29
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZZmxo31seMc6tUUv7q2vffVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwNDI0MDc1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk5NTY1NGRmZWIwYTAyNDc1MWYzNjk3OWJiM2MyMjhkZWMyYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVbTk9WaWpEcQ5zytJgBufwemglu
4cGdFynUgTTsm43OIXdVz0Q6Bc2c5idbG4qgrQ9w7EHl9Fn1NbPQKZHXl2Lvc/W2
Qawow/xM/x9SQBrdO+CubrDzG7mSOzqUy45+tFBz5RmfoUidZWz5p/LuvSS6AsAl
yOHq3WE/teUTEObOb9xvnxKbShBHBJb7vOpWLC+LhjRU6sODguuDqo04E8EFM0sp
FCmTkqp74NdsDFLkL3jb3c2DP6te+OHU0d7Cy37Qbw48qQ72d5qlh41OGR1qTI9h
d/1grewhhLyC0tyvZlrltO27FWi4VEL0foHe7C4tSl2s1in+Yf1pEu7zHwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHGZVlTf6woCR1HzaXm7PCKN7Cv5MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvY1psV1ZOX3JDZ0pIVWZOcGViczhJbzNzS19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQB/Ah3RexfzLuJl/b/j1J2l
376GmVQyTd2X3OpSH8XQzbNF77u0x/nEBci1wr6dIn7J1QV+Z3K8/w1bgnDeirmO
lKyhHfA/ThVXncRHuWZ1LdcIT5aepaiHrE8f7gLjd+G53bBImgp2IFZxNt9opVoN
iBi4hO7/0F35bxOOs4cX1hKbHAax9+JJDZcKDqSsj0y/Kfz8jUFGR6O0k3JuZsaA
bqzNA6ktO4As4F5ksBbuUH5HTffTxIHxpKc81p6BvqbSQkHslOSf+3SW1HsOMvrS
dIRiwBOzgOtOTotIetaB2TXy65CqXHms0/oXs+00UVeFCJ4rL5zsMNE3ftB2vkkp
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:57:02 2025 by rpki-client