Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/t2Lag5IlYwRxZPJwSYHMNBshpRk.roa
File: t2Lag5IlYwRxZPJwSYHMNBshpRk.roa (raw, json)
Hash identifier: 59SdcevSNjoSZ3PYFxXhtk2jtZlHmv9aYg2Vsiymru4=
Subject key identifier: B7:62:DA:83:92:25:63:04:71:64:F2:70:49:81:CC:34:1B:21:A5:19
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 0196A4AE542D885CEECC0B5B18EE303BC457
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/t2Lag5IlYwRxZPJwSYHMNBshpRk.roa
Signing time: Tue 06 May 2025 08:20:10 +0000
ROA not before: Tue 06 May 2025 08:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
31.204.144.0/24 maxlen: 24
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
89.104.172.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d20:4000::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: Failed, certificate revoked on Tue 06 May 2025 09:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:ae:54:2d:88:5c:ee:cc:0b:5b:18:ee:30:3b:c4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: May 6 08:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b762da83922563047164f2704981cc341b21a519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:a9:4d:e6:a6:a4:45:cc:56:bc:f3:d6:01:
76:62:e8:35:89:d9:58:f0:7d:74:3c:3c:94:8b:eb:
73:d1:0c:46:6b:6b:1f:5a:95:87:4c:7c:24:f3:90:
08:ce:9d:62:5f:84:8f:a2:1a:c1:8d:39:2c:20:63:
f1:61:52:62:11:09:ee:c9:3d:17:38:48:ce:e6:d3:
69:f7:2c:13:37:92:ae:81:80:c0:9d:1f:29:28:12:
cd:b7:a8:90:0c:bd:9c:3c:46:20:5e:b5:5a:3f:f5:
32:0c:5d:71:25:e5:7f:c1:57:52:71:a0:9c:42:bd:
29:e3:ee:14:27:b1:8a:10:bc:3a:ea:a8:1c:79:ed:
00:24:37:fa:5d:ee:85:f2:38:20:32:29:ff:3b:21:
ea:8a:69:84:71:86:11:1a:d8:90:a5:9f:14:67:6d:
c9:46:f1:89:ea:20:fc:dd:ef:b5:62:af:be:f9:d0:
d8:c8:ab:55:8e:88:7b:76:3b:5f:37:1a:d5:5d:50:
b8:e1:15:2d:84:e0:bb:40:74:e2:95:eb:0b:a2:3d:
86:4d:d1:f2:10:64:f2:33:e2:81:23:0a:26:0c:39:
cb:5f:17:68:55:6a:a1:02:33:1a:92:0a:f3:a1:8b:
03:88:4a:41:52:ce:e9:be:ba:16:70:15:d2:4a:7b:
04:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:62:DA:83:92:25:63:04:71:64:F2:70:49:81:CC:34:1B:21:A5:19
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/t2Lag5IlYwRxZPJwSYHMNBshpRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/21
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
12:90:f5:60:d5:f6:03:43:16:2a:a1:85:52:11:b1:a5:46:66:
67:3c:87:25:43:0d:0d:52:e3:0e:29:96:d7:c1:74:b4:53:ca:
fe:e4:61:05:a5:a9:45:41:5d:42:cc:7c:f9:47:53:0b:a9:c9:
e7:e0:4b:3c:22:2e:57:28:1b:fc:d5:20:39:68:36:92:7c:97:
32:2e:a3:9c:c0:02:0b:36:50:56:1d:d1:d2:68:e6:d2:3e:60:
72:95:2c:2a:b5:3d:44:2f:ea:c5:58:01:94:0c:b7:39:40:a3:
e1:05:14:cc:09:81:c6:77:41:95:9a:e1:80:b6:6b:20:59:f8:
ac:2d:df:77:19:22:7e:30:df:be:fe:f4:ed:cc:5d:07:39:c8:
92:4f:4a:14:ca:cc:a8:c2:aa:c7:de:29:7e:02:4d:73:29:71:
61:59:ed:2d:7f:bc:f9:05:cc:10:70:fb:91:81:8a:9e:e3:8d:
45:e4:ac:d0:1e:89:ca:8d:8a:40:b5:c1:a3:d9:a5:25:10:49:
26:b6:87:a1:81:29:34:08:1d:ad:1b:fc:c6:04:01:cd:4f:83:
ad:a5:fd:80:e0:47:e1:a8:11:ad:cb:22:61:13:16:28:b4:f0:
73:e3:e4:d2:df:c4:e8:51:96:9f:75:3f:92:2b:19:4c:92:fc:
b0:91:a2:e6
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZakrlQtiFzuzAtbGO4wO8RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjUwNTA2MDgyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzYyZGE4MzkyMjU2MzA0NzE2NGYyNzA0OTgxY2MzNDFiMjFhNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ipTeampEXMVrzz1gF2Yug1idlY
8H10PDyUi+tz0QxGa2sfWpWHTHwk85AIzp1iX4SPohrBjTksIGPxYVJiEQnuyT0X
OEjO5tNp9ywTN5KugYDAnR8pKBLNt6iQDL2cPEYgXrVaP/UyDF1xJeV/wVdScaCc
Qr0p4+4UJ7GKELw66qgcee0AJDf6Xe6F8jggMin/OyHqimmEcYYRGtiQpZ8UZ23J
RvGJ6iD83e+1Yq+++dDYyKtVjoh7djtfNxrVXVC44RUthOC7QHTilesLoj2GTdHy
EGTyM+KBIwomDDnLXxdoVWqhAjMakgrzoYsDiEpBUs7pvroWcBXSSnsEOQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFLdi2oOSJWMEcWTycEmBzDQbIaUZMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvdDJMYWc1SWxZd1J4WlBKd1NZSE1OQnNocFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBANZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBABKQ
9WDV9gNDFiqhhVIRsaVGZmc8hyVDDQ1S4w4pltfBdLRTyv7kYQWlqUVBXULMfPlH
UwupyefgSzwiLlcoG/zVIDloNpJ8lzIuo5zAAgs2UFYd0dJo5tI+YHKVLCq1PUQv
6sVYAZQMtzlAo+EFFMwJgcZ3QZWa4YC2ayBZ+Kwt33cZIn4w377+9O3MXQc5yJJP
ShTKzKjCqsfeKX4CTXMpcWFZ7S1/vPkFzBBw+5GBip7jjUXkrNAeicqNikC1waPZ
pSUQSSa2h6GBKTQIHa0b/MYEAc1Pg62l/YDgR+GoEa3LImETFii08HPj5NLfxOhR
lp91P5IrGUyS/LCRouY=
-----END CERTIFICATE-----
Generated at Mon May 12 12:30:30 2025 by rpki-client