Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/5HClSJwq3p1wbXNOJw2H6Tk3PwU.roa
File: 5HClSJwq3p1wbXNOJw2H6Tk3PwU.roa (raw, json)
Hash identifier: MkIWXGzyhLKK7XG/b/LLC4Yzk0APDlvPkUhsoc1QFVU=
Subject key identifier: E4:70:A5:48:9C:2A:DE:9D:70:6D:73:4E:27:0D:87:E9:39:37:3F:05
Certificate issuer: /CN=2ac943517f5e3b747e7530320789a03444b43912
Certificate serial: 01961B8744727CB97AFC5AAD8934B02F7B38
Authority key identifier: 2A:C9:43:51:7F:5E:3B:74:7E:75:30:32:07:89:A0:34:44:B4:39:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KslDUX9eO3R-dTAyB4mgNES0ORI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/5HClSJwq3p1wbXNOJw2H6Tk3PwU.roa
Signing time: Wed 09 Apr 2025 17:09:31 +0000
ROA not before: Wed 09 Apr 2025 17:09:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49033
IP address blocks: 94.46.216.0/22 maxlen: 24
94.46.216.0/23 maxlen: 23
94.46.218.0/23 maxlen: 23
103.104.60.0/22 maxlen: 24
113.212.72.0/22 maxlen: 24
185.91.92.0/22 maxlen: 24
185.91.92.0/23 maxlen: 23
185.91.94.0/23 maxlen: 23
185.116.144.0/22 maxlen: 24
185.116.144.0/24 maxlen: 24
185.166.88.0/22 maxlen: 22
185.166.88.0/24 maxlen: 24
185.166.89.0/24 maxlen: 24
185.166.90.0/23 maxlen: 24
185.166.90.0/24 maxlen: 24
185.166.91.0/24 maxlen: 24
185.171.48.0/22 maxlen: 24
185.171.48.0/23 maxlen: 23
185.171.50.0/23 maxlen: 23
185.232.160.0/22 maxlen: 24
185.232.163.0/24 maxlen: 24
185.238.108.0/22 maxlen: 24
185.238.108.0/23 maxlen: 23
185.238.110.0/23 maxlen: 23
204.8.80.0/22 maxlen: 24
204.8.80.0/23 maxlen: 23
204.8.82.0/23 maxlen: 23
2a0f:dcc0::/29 maxlen: 48
2a0f:ddc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Apr 2025 17:10:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:87:44:72:7c:b9:7a:fc:5a:ad:89:34:b0:2f:7b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac943517f5e3b747e7530320789a03444b43912
Validity
Not Before: Apr 9 17:09:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e470a5489c2ade9d706d734e270d87e939373f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:71:3d:e5:e5:fc:55:45:cb:2f:4b:1b:de:d1:
77:01:67:fc:31:73:f4:ab:1d:dd:f0:c4:56:c2:5d:
7d:62:66:f3:65:45:df:5b:07:9a:c0:67:80:a2:09:
d3:3b:4d:23:4c:6c:8c:01:90:82:1a:55:78:ce:db:
ca:9a:01:4a:95:1c:8d:b2:4f:cd:56:3c:f6:ab:c7:
d5:fc:28:55:16:44:5f:71:2b:3c:7e:f2:b3:46:ef:
93:bc:63:d0:28:25:47:36:54:8e:cb:c8:bb:c1:13:
90:80:eb:6f:2e:ba:65:c8:c3:80:07:92:a4:e0:ac:
df:85:1d:5f:40:69:db:77:27:cb:76:b1:e6:69:93:
ee:ab:80:97:5e:8f:cf:30:15:ed:d3:8e:3a:62:1b:
56:fb:b3:71:15:cc:10:91:ed:ca:ea:41:d3:74:f9:
29:f0:40:ef:61:84:07:73:3e:84:7a:0b:11:84:85:
57:67:17:e1:14:e2:43:d0:5d:75:0d:34:34:0e:2c:
ed:a4:11:1e:02:98:fa:9f:4e:e8:3c:ed:36:43:0e:
53:52:f5:28:03:d3:0a:83:d4:1c:d0:4f:b0:87:c6:
01:7e:b8:fb:85:96:35:ea:6a:bd:33:88:f6:03:da:
55:88:c3:61:46:dd:63:17:15:23:ea:ae:05:f5:e6:
41:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:70:A5:48:9C:2A:DE:9D:70:6D:73:4E:27:0D:87:E9:39:37:3F:05
X509v3 Authority Key Identifier:
keyid:2A:C9:43:51:7F:5E:3B:74:7E:75:30:32:07:89:A0:34:44:B4:39:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KslDUX9eO3R-dTAyB4mgNES0ORI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/5HClSJwq3p1wbXNOJw2H6Tk3PwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/19511d-537e-4241-a0d8-2d91cfd7aaf4/1/KslDUX9eO3R-dTAyB4mgNES0ORI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.46.216.0/22
103.104.60.0/22
113.212.72.0/22
185.91.92.0/22
185.116.144.0/22
185.166.88.0/22
185.171.48.0/22
185.232.160.0/22
185.238.108.0/22
204.8.80.0/22
IPv6:
2a0f:dcc0::/29
2a0f:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:1f:42:af:fd:ae:71:04:4d:2c:01:f0:18:39:64:c0:75:d9:
d5:62:59:60:fe:f5:db:34:75:ac:36:5a:41:a4:f7:21:56:64:
78:df:02:b7:d9:55:ae:9f:13:a2:e0:e4:9d:1b:91:ad:95:34:
5b:46:19:98:7c:0f:5a:42:70:1d:d7:8b:ed:15:83:b3:88:48:
c6:4c:20:66:a3:79:d3:86:c6:86:6e:ad:14:f6:80:9f:15:cd:
7e:11:8c:a1:d1:ed:a8:cf:89:82:2e:09:2b:58:46:7c:b4:93:
d3:bf:7e:99:5d:0b:6f:72:a6:f3:da:96:b7:4c:07:c3:23:33:
9b:49:4a:72:98:ae:6f:70:9a:ad:85:aa:8f:e8:94:c3:89:01:
58:35:94:dc:53:ef:14:fa:cf:b7:6f:ef:17:ff:c2:fe:cd:01:
ea:fb:29:92:a3:51:6e:11:c1:48:d7:ab:ee:f1:33:87:5d:68:
f9:11:a8:2f:89:4a:1c:5f:30:5a:dd:0c:3d:a2:21:61:50:6c:
65:9c:ec:ee:b9:16:8c:a2:1f:41:7c:f9:08:12:11:10:a9:41:
1f:85:39:d3:f0:ff:5f:96:db:ca:c4:53:0c:c2:7c:e5:b5:fb:
5f:bc:a4:7c:b8:b6:89:4e:d8:a1:0f:c5:67:14:a2:a5:d2:4e:
52:ca:4a:b1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZYbh0RyfLl6/FqtiTSwL3s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzk0MzUxN2Y1ZTNiNzQ3ZTc1MzAzMjA3ODlhMDM0NDRi
NDM5MTIwHhcNMjUwNDA5MTcwOTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDcwYTU0ODljMmFkZTlkNzA2ZDczNGUyNzBkODdlOTM5MzczZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHE95eX8VUXLL0sb3tF3AWf8MXP0
qx3d8MRWwl19YmbzZUXfWweawGeAognTO00jTGyMAZCCGlV4ztvKmgFKlRyNsk/N
Vjz2q8fV/ChVFkRfcSs8fvKzRu+TvGPQKCVHNlSOy8i7wROQgOtvLrplyMOAB5Kk
4KzfhR1fQGnbdyfLdrHmaZPuq4CXXo/PMBXt0446YhtW+7NxFcwQke3K6kHTdPkp
8EDvYYQHcz6EegsRhIVXZxfhFOJD0F11DTQ0DiztpBEeApj6n07oPO02Qw5TUvUo
A9MKg9Qc0E+wh8YBfrj7hZY16mq9M4j2A9pViMNhRt1jFxUj6q4F9eZBMQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFORwpUicKt6dcG1zTicNh+k5Nz8FMB8GA1UdIwQY
MBaAFCrJQ1F/Xjt0fnUwMgeJoDREtDkSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NsRFVYOWVPM1ItZFRBeUI0bWdORVMwT1JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xOTUxMWQtNTM3ZS00MjQxLWEwZDgt
MmQ5MWNmZDdhYWY0LzEvNUhDbFNKd3EzcDF3YlhOT0p3Mkg2VGszUHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xOTUxMWQtNTM3ZS00MjQxLWEwZDgtMmQ5MWNmZDdhYWY0
LzEvS3NsRFVYOWVPM1ItZFRBeUI0bWdORVMwT1JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQCXi7YAwQC
Z2g8AwQCcdRIAwQCuVtcAwQCuXSQAwQCuaZYAwQCuaswAwQCueigAwQCue5sAwQC
zAhQMBQEAgACMA4DBQMqD9zAAwUDKg/dwDANBgkqhkiG9w0BAQsFAAOCAQEATh9C
r/2ucQRNLAHwGDlkwHXZ1WJZYP712zR1rDZaQaT3IVZkeN8Ct9lVrp8TouDknRuR
rZU0W0YZmHwPWkJwHdeL7RWDs4hIxkwgZqN504bGhm6tFPaAnxXNfhGModHtqM+J
gi4JK1hGfLST079+mV0Lb3Km89qWt0wHwyMzm0lKcpiub3CarYWqj+iUw4kBWDWU
3FPvFPrPt2/vF//C/s0B6vspkqNRbhHBSNer7vEzh11o+RGoL4lKHF8wWt0MPaIh
YVBsZZzs7rkWjKIfQXz5CBIREKlBH4U50/D/X5bbysRTDMJ85bX7X7ykfLi2iU7Y
oQ/FZxSipdJOUspKsQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:13:00 2025 by rpki-client