Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zLKQRHZf3fG32EfWoJFOkslcjo0.roa
File: zLKQRHZf3fG32EfWoJFOkslcjo0.roa (raw, json)
Hash identifier: 8DXgF4ccnrvXqZkw8rE2Q5WyZABWLqMaSRNTv7oxwd0=
Subject key identifier: CC:B2:90:44:76:5F:DD:F1:B7:D8:47:D6:A0:91:4E:92:C9:5C:8E:8D
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018F95391F939C9B8E4D1DA5D3DB8BB5C1C4
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zLKQRHZf3fG32EfWoJFOkslcjo0.roa
Signing time: Mon 20 May 2024 08:58:19 +0000
ROA not before: Mon 20 May 2024 08:58:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.128.0/22 maxlen: 22
5.201.132.0/22 maxlen: 22
5.201.138.0/24 maxlen: 24
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/23 maxlen: 23
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.162.0/24 maxlen: 24
5.201.168.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
37.156.16.0/21 maxlen: 21
37.156.16.0/22 maxlen: 22
37.156.24.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.135.230.0/24 maxlen: 24
185.135.231.0/24 maxlen: 24
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 20 May 2024 09:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:39:1f:93:9c:9b:8e:4d:1d:a5:d3:db:8b:b5:c1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: May 20 08:58:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccb29044765fddf1b7d847d6a0914e92c95c8e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a4:a2:c5:02:ed:38:d7:0f:94:2b:e6:30:61:
00:a8:36:b7:7c:ba:07:ce:3b:a2:b3:87:d0:aa:90:
0b:6c:ac:bc:24:9d:02:4a:ee:e3:39:c5:57:b9:1e:
46:1c:45:79:07:4e:45:75:20:8e:bc:94:c4:41:e6:
61:e8:4d:71:98:c7:15:15:62:b3:25:07:07:3a:55:
40:e3:08:8e:68:9f:13:d7:b4:90:42:a7:37:15:02:
2d:0e:b9:6e:30:c0:63:bc:f2:f9:91:f5:70:84:a0:
a6:7e:a3:12:e5:15:60:08:09:ce:61:58:2a:08:7e:
51:b4:43:13:02:1e:b7:8d:fe:e3:50:bd:40:b8:f8:
bd:6c:fa:b0:cc:41:07:a7:e9:f2:7c:f1:7e:59:18:
23:73:5e:58:3b:2b:6b:7d:ac:aa:a1:64:03:cb:39:
ef:73:cc:49:aa:ed:6b:53:41:35:b5:1f:8e:cd:ca:
72:96:57:55:7e:31:6f:02:97:6a:bb:d1:8f:95:89:
65:33:2b:c1:be:eb:9e:b8:7a:d3:b6:78:31:63:22:
49:17:e4:6e:ea:f9:77:15:26:3b:54:ce:c5:23:dc:
1e:43:5a:f2:9f:bb:26:09:b5:89:57:43:63:a9:d4:
5c:29:1c:b0:c5:f0:e6:63:43:93:c9:42:15:4b:b3:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B2:90:44:76:5F:DD:F1:B7:D8:47:D6:A0:91:4E:92:C9:5C:8E:8D
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zLKQRHZf3fG32EfWoJFOkslcjo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:24:a1:c5:dd:c8:6e:4c:ba:41:6d:52:d9:21:86:24:92:3d:
7f:82:f7:ef:27:71:cf:73:99:3a:b4:87:c9:ed:21:de:e5:1b:
e6:e2:65:8d:05:1a:5e:97:db:53:2b:1d:e7:a7:a5:6f:e0:7f:
a8:a5:03:a8:8f:8a:9b:b5:9c:47:84:d0:e1:38:af:d4:9d:8a:
45:9e:eb:10:6e:78:cb:09:67:9b:d5:0e:3b:ae:4e:fd:38:a6:
1a:8f:8b:9a:79:d8:f8:7d:cf:45:bf:6b:f0:1c:c1:5c:78:38:
44:ee:42:c2:3a:34:aa:0a:66:bf:70:9c:8b:a9:7e:64:56:d2:
2d:4c:43:1a:db:a5:b5:96:05:7f:60:ab:3a:d7:12:b3:11:05:
fd:97:d4:44:21:2d:3b:a7:57:05:22:35:df:27:fc:9c:65:f8:
f8:eb:3e:ee:51:cb:c5:34:13:54:e9:f7:1b:c6:bd:ea:98:dd:
6f:b0:ef:23:45:ed:59:47:97:90:2a:12:9c:22:5c:2c:b3:c8:
e5:cd:e9:cf:6e:06:8c:c1:cf:c2:de:4c:c1:1c:bb:ad:1b:7c:
f8:76:cf:87:06:b6:30:50:68:cb:18:c9:a2:72:87:c9:a1:a5:
29:ff:f1:d3:5e:0f:88:26:b7:e0:7b:ab:82:f9:f6:9a:bc:59:
62:4a:f3:3a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY+VOR+TnJuOTR2l09uLtcHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwNTIwMDg1ODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IyOTA0NDc2NWZkZGYxYjdkODQ3ZDZhMDkxNGU5MmM5NWM4ZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6SixQLtONcPlCvmMGEAqDa3fLoH
zjuis4fQqpALbKy8JJ0CSu7jOcVXuR5GHEV5B05FdSCOvJTEQeZh6E1xmMcVFWKz
JQcHOlVA4wiOaJ8T17SQQqc3FQItDrluMMBjvPL5kfVwhKCmfqMS5RVgCAnOYVgq
CH5RtEMTAh63jf7jUL1AuPi9bPqwzEEHp+nyfPF+WRgjc15YOytrfayqoWQDyznv
c8xJqu1rU0E1tR+OzcpylldVfjFvApdqu9GPlYllMyvBvuueuHrTtngxYyJJF+Ru
6vl3FSY7VM7FI9weQ1ryn7smCbWJV0NjqdRcKRywxfDmY0OTyUIVS7PgBwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMyykER2X93xt9hH1qCRTpLJXI6NMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvekxLUVJIWmYzZkczMkVmV29KRk9rc2xjam8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQA+JKHF
3chuTLpBbVLZIYYkkj1/gvfvJ3HPc5k6tIfJ7SHe5Rvm4mWNBRpel9tTKx3np6Vv
4H+opQOoj4qbtZxHhNDhOK/UnYpFnusQbnjLCWeb1Q47rk79OKYaj4uaedj4fc9F
v2vwHMFceDhE7kLCOjSqCma/cJyLqX5kVtItTEMa26W1lgV/YKs61xKzEQX9l9RE
IS07p1cFIjXfJ/ycZfj46z7uUcvFNBNU6fcbxr3qmN1vsO8jRe1ZR5eQKhKcIlws
s8jlzenPbgaMwc/C3kzBHLutG3z4ds+HBrYwUGjLGMmicofJoaUp//HTXg+IJrfg
e6uC+faavFliSvM6
-----END CERTIFICATE-----
Generated at Sun May 11 20:09:36 2025 by rpki-client