Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RYw9MOGUWBq5hhumUi-ng4G7_nk.roa
File: RYw9MOGUWBq5hhumUi-ng4G7_nk.roa (raw, json)
Hash identifier: Wmkrbhtw4uLh0xb4GMNPZzV6b/WdT9UEnr6LTzJylQg=
Subject key identifier: 45:8C:3D:30:E1:94:58:1A:B9:86:1B:A6:52:2F:A7:83:81:BB:FE:79
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0196382B65D84207900D58ACDB5CD7984A0B
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RYw9MOGUWBq5hhumUi-ng4G7_nk.roa
Signing time: Tue 15 Apr 2025 06:38:10 +0000
ROA not before: Tue 15 Apr 2025 06:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
103.204.222.0/23 maxlen: 32
104.36.50.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 23 Apr 2025 06:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:2b:65:d8:42:07:90:0d:58:ac:db:5c:d7:98:4a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Apr 15 06:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=458c3d30e194581ab9861ba6522fa78381bbfe79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:25:6a:38:20:53:cf:cf:be:43:5d:55:1d:a4:
fe:a7:89:ba:47:26:46:79:55:9f:1c:c3:ce:cc:7d:
71:6c:43:5b:52:70:75:d8:7c:6f:ad:57:df:55:44:
be:e5:be:ea:8c:29:04:26:5e:08:0c:d0:c8:00:14:
97:49:07:1c:5c:fa:12:aa:c2:8d:f3:95:90:23:41:
b6:3a:b3:e3:9b:8c:f1:6c:6b:6e:84:21:a8:83:c7:
8c:c4:92:50:44:03:bd:c4:ba:85:e2:d2:9c:27:30:
6b:48:68:70:82:93:d4:b5:3a:fe:2e:5d:f0:9d:e1:
69:98:d9:72:85:5d:85:b4:00:df:44:84:56:28:54:
61:ae:a2:6a:b5:d5:33:e9:8c:92:48:a7:eb:20:bf:
ba:f6:ae:b0:e5:62:dc:af:4d:64:a2:c2:e9:74:c1:
e1:d9:01:89:74:25:8f:9c:e1:2f:5d:fb:47:cd:63:
90:31:62:29:e0:28:d5:7f:fe:a8:b7:e2:52:00:81:
5f:b0:d2:8b:66:0b:45:6e:a0:77:5c:c1:48:9e:c2:
f5:d4:93:66:63:ef:a6:08:aa:4f:43:c7:f3:89:7a:
e4:c6:38:28:8d:1d:6f:ca:6f:e2:f6:3e:4a:b8:69:
f8:ec:84:e2:78:31:94:9c:6e:fd:a6:a8:01:83:f0:
79:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8C:3D:30:E1:94:58:1A:B9:86:1B:A6:52:2F:A7:83:81:BB:FE:79
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RYw9MOGUWBq5hhumUi-ng4G7_nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
103.204.222.0/23
104.36.50.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
ab:ac:10:00:a8:0c:75:b7:25:6e:02:1d:5e:67:e7:20:ee:21:
67:d3:3f:5c:59:cf:c5:61:0f:96:ec:56:d9:bc:13:a8:f5:55:
1b:a0:10:87:37:21:7d:89:c9:71:c1:1d:c8:d8:25:fd:a3:5d:
c9:e1:6f:09:be:f2:93:d8:61:74:dc:e4:d7:77:59:59:8e:13:
c5:12:2b:e2:21:b6:6b:72:96:03:c7:6e:fd:e4:38:85:43:8c:
bb:28:b5:bb:48:a1:3c:e2:ea:a6:86:4f:fc:f6:e6:a8:3d:fe:
45:85:26:3d:6c:c7:c7:fe:db:54:2f:d4:b6:50:e3:fc:86:ca:
57:28:2a:ab:f8:a2:8c:12:f2:68:50:ac:37:52:51:f4:ef:0d:
91:ba:1c:5d:60:b1:1d:90:4e:b6:76:93:dd:84:c9:75:b6:80:
f4:3a:78:2e:84:b9:6c:db:85:92:8d:db:55:7d:2c:0e:ed:ed:
da:d8:7e:9f:14:e1:a0:62:63:fe:56:cb:4a:0d:03:d7:40:82:
32:b2:84:32:5f:88:cf:4f:e0:ed:78:a1:90:4f:b6:97:54:7d:
89:79:47:8a:7d:84:db:ce:cd:0b:8c:38:7a:32:16:b3:dc:95:
50:2e:c5:af:5a:d0:4f:f5:ca:77:0b:b4:d4:53:93:48:c8:a0:
a8:ac:b4:b3
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgISAZY4K2XYQgeQDVis21zXmEoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwNDE1MDYzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThjM2QzMGUxOTQ1ODFhYjk4NjFiYTY1MjJmYTc4MzgxYmJmZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iVqOCBTz8++Q11VHaT+p4m6RyZG
eVWfHMPOzH1xbENbUnB12HxvrVffVUS+5b7qjCkEJl4IDNDIABSXSQccXPoSqsKN
85WQI0G2OrPjm4zxbGtuhCGog8eMxJJQRAO9xLqF4tKcJzBrSGhwgpPUtTr+Ll3w
neFpmNlyhV2FtADfRIRWKFRhrqJqtdUz6YySSKfrIL+69q6w5WLcr01kosLpdMHh
2QGJdCWPnOEvXftHzWOQMWIp4CjVf/6ot+JSAIFfsNKLZgtFbqB3XMFInsL11JNm
Y++mCKpPQ8fziXrkxjgojR1vym/i9j5KuGn47ITieDGUnG79pqgBg/B57wIDAQAB
o4IDXjCCA1owHQYDVR0OBBYEFEWMPTDhlFgauYYbplIvp4OBu/55MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvUll3OU1PR1VXQnE1aGh1bVVpLW5nNEc3X25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcgYIKwYBBQUHAQcBAf8EggFhMIIBXTCB2wQCAAEwgdQD
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEAWfM3gMEAGgkMgMEALkk/gMEALlgogMEAblsaAMEArmTjAMEArmYJAMEArmY
+AMEALmZlwMEArmgLAMEALmmVAMEALm45AMEALm8PQMEALnJvAMEArnZQAMEALny
2QMEALx3mgMEAMEkWQMEAMMvwjB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTA
AwUDKgYwQAMFAyoGRsADBQMqBkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbk
gAMFAyoHR4ADBQMqB5yAAwUDKgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM
7EAwDQYJKoZIhvcNAQELBQADggEBAKusEACoDHW3JW4CHV5n5yDuIWfTP1xZz8Vh
D5bsVtm8E6j1VRugEIc3IX2JyXHBHcjYJf2jXcnhbwm+8pPYYXTc5Nd3WVmOE8US
K+IhtmtylgPHbv3kOIVDjLsotbtIoTzi6qaGT/z25qg9/kWFJj1sx8f+21Qv1LZQ
4/yGylcoKqv4oowS8mhQrDdSUfTvDZG6HF1gsR2QTrZ2k92EyXW2gPQ6eC6EuWzb
hZKN21V9LA7t7drYfp8U4aBiY/5Wy0oNA9dAgjKyhDJfiM9P4O14oZBPtpdUfYl5
R4p9hNvOzQuMOHoyFrPclVAuxa9a0E/1yncLtNRTk0jIoKistLM=
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:05:29 2025 by rpki-client