Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/zrwWqHlNOKvC9deHdZUjax08_K4.roa
File: zrwWqHlNOKvC9deHdZUjax08_K4.roa (raw, json)
Hash identifier: Sh4ks0NCBERPmAVg5wV8RtKlR8qiqq0ni6P+RYIhKa4=
Subject key identifier: CE:BC:16:A8:79:4D:38:AB:C2:F5:D7:87:75:95:23:6B:1D:3C:FC:AE
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 019680882D66159841C0EBDED31A6DC855CF
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/zrwWqHlNOKvC9deHdZUjax08_K4.roa
Signing time: Tue 29 Apr 2025 07:52:10 +0000
ROA not before: Tue 29 Apr 2025 07:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
195.4.0.0/17 maxlen: 17
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 24
195.4.176.0/24 maxlen: 24
195.4.178.0/23 maxlen: 23
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:88:2d:66:15:98:41:c0:eb:de:d3:1a:6d:c8:55:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 29 07:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cebc16a8794d38abc2f5d7877595236b1d3cfcae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:1a:d9:06:c5:82:33:ad:71:cb:8c:df:cf:
1c:83:74:9f:1d:dc:32:06:2b:af:dc:d3:85:a6:2b:
a4:be:ea:bf:1d:67:48:40:79:f2:74:fd:f0:1c:95:
c9:e8:69:b5:b7:d7:9a:0f:0a:44:84:c3:4a:58:63:
e1:10:39:66:e5:95:69:c6:0e:18:22:1a:6e:d8:db:
35:c7:47:9b:6d:88:ea:cf:97:69:5c:9f:2d:e2:2a:
5c:a9:a2:1d:43:9a:eb:e9:06:02:a5:76:76:d4:4f:
2c:01:e0:9f:c6:46:ff:62:eb:76:4c:dd:dc:8c:fb:
c8:ba:14:fc:49:3a:d0:0e:b6:19:9e:de:47:6e:24:
4b:09:6b:ee:07:b4:4f:10:58:8e:59:c1:45:97:13:
d6:02:0c:0e:29:4a:56:aa:06:65:a9:59:78:db:72:
73:25:4b:f1:ee:e3:56:20:64:0c:89:3b:3e:78:74:
c1:de:6a:4b:3c:1e:f9:ae:6c:ec:b3:65:c9:c9:15:
6a:d3:89:6a:5c:e2:7a:c5:41:ec:79:3d:3b:d4:02:
49:fd:da:1b:cb:d2:9b:e6:bd:20:8f:fc:a7:5d:a4:
e8:08:b2:0e:bb:05:9f:23:17:0c:6b:bc:a4:aa:d6:
75:f1:65:fd:a8:37:37:d7:1d:bf:00:a2:4d:4f:ca:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BC:16:A8:79:4D:38:AB:C2:F5:D7:87:75:95:23:6B:1D:3C:FC:AE
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/zrwWqHlNOKvC9deHdZUjax08_K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
85:2c:34:9c:25:15:10:26:81:74:61:c2:3d:9d:bc:33:28:17:
df:db:8c:93:0b:2f:44:06:fb:81:76:56:01:28:0a:9e:2b:14:
2c:91:ae:1d:60:bd:38:7e:1d:88:0c:0c:f8:43:c5:fc:66:7a:
83:7f:f8:c6:f2:f9:1b:d4:a4:8e:53:02:55:1e:29:7d:58:1b:
4a:68:82:d7:f8:9d:01:39:b6:a1:68:40:e0:64:30:85:3b:34:
ca:c0:39:15:b9:f7:f9:08:f6:9f:8e:1d:b5:de:25:63:64:1c:
fb:93:88:bb:11:63:75:ca:fd:dd:e9:c2:15:08:a4:ac:bd:b9:
e0:b5:b2:94:d4:8c:af:7b:05:c3:b8:6a:b4:cc:c8:3a:0d:e3:
34:c4:fc:d9:a6:da:37:c2:4d:5f:e3:c6:88:4e:2c:74:6e:86:
5e:06:29:fb:74:f7:58:ab:67:62:22:aa:03:03:94:3b:38:b1:
6d:52:4e:94:ae:6c:8a:c1:e5:b9:16:82:00:1f:f2:20:ef:d5:
a3:1b:33:45:8e:d8:8b:a5:4e:4c:2e:74:c6:89:ae:ef:a5:60:
f8:7f:c4:b4:0b:8a:33:a9:78:26:cf:cf:71:b3:c3:32:9e:cf:
06:0d:0d:c0:a8:a6:7c:db:9c:e7:7e:28:ad:c7:bb:6f:9d:5d:
11:4c:ce:8e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZaAiC1mFZhBwOve0xptyFXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwNDI5MDc1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJjMTZhODc5NGQzOGFiYzJmNWQ3ODc3NTk1MjM2YjFkM2NmY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Aa2QbFgjOtccuM388cg3SfHdwy
Biuv3NOFpiukvuq/HWdIQHnydP3wHJXJ6Gm1t9eaDwpEhMNKWGPhEDlm5ZVpxg4Y
Ihpu2Ns1x0ebbYjqz5dpXJ8t4ipcqaIdQ5rr6QYCpXZ21E8sAeCfxkb/Yut2TN3c
jPvIuhT8STrQDrYZnt5HbiRLCWvuB7RPEFiOWcFFlxPWAgwOKUpWqgZlqVl423Jz
JUvx7uNWIGQMiTs+eHTB3mpLPB75rmzss2XJyRVq04lqXOJ6xUHseT071AJJ/dob
y9Kb5r0gj/ynXaToCLIOuwWfIxcMa7ykqtZ18WX9qDc31x2/AKJNT8oJ8wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFM68Fqh5TTirwvXXh3WVI2sdPPyuMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvenJ3V3FIbE5PS3ZDOWRlSGRaVWpheDA4X0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQCFLDScJRUQJoF0YcI9nbwz
KBff24yTCy9EBvuBdlYBKAqeKxQska4dYL04fh2IDAz4Q8X8ZnqDf/jG8vkb1KSO
UwJVHil9WBtKaILX+J0BObahaEDgZDCFOzTKwDkVuff5CPafjh213iVjZBz7k4i7
EWN1yv3d6cIVCKSsvbngtbKU1IyvewXDuGq0zMg6DeM0xPzZpto3wk1f48aITix0
boZeBin7dPdYq2diIqoDA5Q7OLFtUk6UrmyKweW5FoIAH/Ig79WjGzNFjtiLpU5M
LnTGia7vpWD4f8S0C4ozqXgmz89xs8Myns8GDQ3AqKZ825znfiitx7tvnV0RTM6O
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:06:27 2025 by rpki-client