Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/mcMOpdYO06FcwCwPat2vWDqrqmw.roa
File: mcMOpdYO06FcwCwPat2vWDqrqmw.roa (raw, json)
Hash identifier: ytCjGmiasLi2lzfrWih4rpbZmNiNNo0UqOo8KymUaEc=
Subject key identifier: 99:C3:0E:A5:D6:0E:D3:A1:5C:C0:2C:0F:6A:DD:AF:58:3A:AB:AA:6C
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0195A3D96B45B0B11B493313B65CFE4B741C
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/mcMOpdYO06FcwCwPat2vWDqrqmw.roa
Signing time: Mon 17 Mar 2025 11:24:49 +0000
ROA not before: Mon 17 Mar 2025 11:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
85.9.192.0/19 maxlen: 19
85.9.208.0/21 maxlen: 21
85.9.216.0/22 maxlen: 22
85.9.220.0/22 maxlen: 22
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
213.163.192.0/20 maxlen: 20
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:d9:6b:45:b0:b1:1b:49:33:13:b6:5c:fe:4b:74:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Mar 17 11:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99c30ea5d60ed3a15cc02c0f6addaf583aabaa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3e:1b:bc:57:cc:09:93:ed:9c:96:d1:0f:9b:
94:e6:68:64:02:51:96:90:51:df:85:3d:73:bf:9b:
a4:a3:33:0e:e4:e9:7e:33:39:a8:8f:fe:dc:be:1b:
00:ba:b2:c3:67:70:96:9f:6a:24:65:5d:3c:71:aa:
57:bf:4f:ad:26:e0:3a:7d:4c:bc:64:4c:9b:08:05:
be:f6:ef:5c:e9:93:d8:23:ab:ca:c1:dd:d9:d1:66:
cf:d5:cc:e4:24:9d:08:3f:a5:6c:f4:20:31:e9:5e:
68:86:74:ad:fa:ef:4a:b5:e1:c9:ae:bb:4a:25:8b:
76:58:7f:d7:59:5b:4d:0d:17:dd:71:47:4c:c5:88:
37:6e:f5:56:ad:20:eb:68:0a:de:ca:5f:64:58:ac:
62:98:11:de:31:dc:ef:43:db:cf:6b:4b:98:75:65:
81:e4:5e:84:90:57:36:e1:83:a8:7d:a5:80:29:7b:
9f:b7:45:23:72:b5:60:50:16:0d:77:fb:26:7e:95:
ec:2e:df:a3:73:c6:8c:1d:ff:87:20:5e:09:51:2d:
1d:7c:37:7a:65:e0:64:80:c6:fd:95:3a:25:67:b4:
ed:fd:00:32:e1:19:70:7a:f7:8d:0a:a6:0b:9c:bc:
fb:93:a2:63:80:fc:b9:11:3b:2f:aa:b3:50:e7:1f:
6e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C3:0E:A5:D6:0E:D3:A1:5C:C0:2C:0F:6A:DD:AF:58:3A:AB:AA:6C
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/mcMOpdYO06FcwCwPat2vWDqrqmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
85.9.192.0/19
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
213.163.192.0/20
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:29:bb:15:57:e5:de:49:62:7d:ca:68:16:f8:9b:af:23:f6:
0f:47:9f:09:8c:e5:d0:fe:3a:85:ac:84:66:c9:a6:bc:19:9c:
72:34:89:21:3a:13:71:8a:67:d5:35:8a:83:d6:a1:05:21:ba:
9e:3f:86:12:41:4e:4b:2e:ca:0e:26:c9:89:d5:65:5f:03:f8:
f3:f1:0f:98:a6:a9:af:69:2d:b0:5f:68:50:54:fe:7c:6f:4f:
8f:9a:50:63:96:80:50:8b:6c:0b:59:ab:ce:d3:89:9f:f5:b0:
4b:7d:c2:fa:19:ab:37:03:8b:57:46:a1:61:e6:d0:84:32:f8:
48:0b:da:9b:d2:fb:51:35:0e:a5:c5:5f:e5:cd:fe:46:40:f0:
ce:4f:5e:19:cd:9b:17:c4:f5:86:e5:3b:97:cc:99:91:d3:c8:
b6:50:22:92:73:eb:04:d8:43:16:6b:d9:1b:3c:dc:80:a5:eb:
48:29:60:e7:52:48:47:95:14:99:1c:30:41:c6:fd:7f:41:57:
da:11:27:96:1a:d2:db:b3:b6:1c:03:b3:03:01:80:fa:30:ee:
8c:ec:bf:cb:b2:de:ab:71:86:b4:9e:a4:36:42:10:09:89:49:
cb:e8:d8:7e:40:87:61:1e:ea:29:55:b5:7f:40:71:cb:8a:0f:
35:5c:dd:b2
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZWj2WtFsLEbSTMTtlz+S3QcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMzE3MTEyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWMzMGVhNWQ2MGVkM2ExNWNjMDJjMGY2YWRkYWY1ODNhYWJhYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD4bvFfMCZPtnJbRD5uU5mhkAlGW
kFHfhT1zv5ukozMO5Ol+Mzmoj/7cvhsAurLDZ3CWn2okZV08capXv0+tJuA6fUy8
ZEybCAW+9u9c6ZPYI6vKwd3Z0WbP1czkJJ0IP6Vs9CAx6V5ohnSt+u9KteHJrrtK
JYt2WH/XWVtNDRfdcUdMxYg3bvVWrSDraAreyl9kWKximBHeMdzvQ9vPa0uYdWWB
5F6EkFc24YOofaWAKXuft0UjcrVgUBYNd/smfpXsLt+jc8aMHf+HIF4JUS0dfDd6
ZeBkgMb9lTolZ7Tt/QAy4RlweveNCqYLnLz7k6JjgPy5ETsvqrNQ5x9uKQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFJnDDqXWDtOhXMAsD2rdr1g6q6psMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvbWNNT3BkWU8wNkZjd0N3UGF0MnZXRHFycW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXQQCAAEwVwMEBAUW0AME
AlBFrAMEA1OI+AMEBVUJwDALAwMAXu0DBABe7X4wDAMEBl9vwAMEAl9v0AMEA19v
2AMEArkUiAMEArkaMAMEArlGxAMEAsI+YAMEBNWjwDAWBAIAAjAQMA4DBQYqBDVA
AwUAKgQ1RjANBgkqhkiG9w0BAQsFAAOCAQEAVCm7FVfl3klifcpoFvibryP2D0ef
CYzl0P46hayEZsmmvBmccjSJIToTcYpn1TWKg9ahBSG6nj+GEkFOSy7KDibJidVl
XwP48/EPmKapr2ktsF9oUFT+fG9Pj5pQY5aAUItsC1mrztOJn/WwS33C+hmrNwOL
V0ahYebQhDL4SAvam9L7UTUOpcVf5c3+RkDwzk9eGc2bF8T1huU7l8yZkdPItlAi
knPrBNhDFmvZGzzcgKXrSClg51JIR5UUmRwwQcb9f0FX2hEnlhrS27O2HAOzAwGA
+jDujOy/y7Leq3GGtJ6kNkIQCYlJy+jYfkCHYR7qKVW1f0Bxy4oPNVzdsg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:21:01 2025 by rpki-client