Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/dRcwrdP1odRhChfd3RYiV8lNIJc.roa
File: dRcwrdP1odRhChfd3RYiV8lNIJc.roa (raw, json)
Hash identifier: 19V85zLcj1XOZcD9sv1oc154SUJtNTQOy2XtTtS/oUo=
Subject key identifier: 75:17:30:AD:D3:F5:A1:D4:61:0A:17:DD:DD:16:22:57:C9:4D:20:97
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 0195130790117B9F413492D95DDFA75C3A81
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/dRcwrdP1odRhChfd3RYiV8lNIJc.roa
Signing time: Mon 17 Feb 2025 08:30:17 +0000
ROA not before: Mon 17 Feb 2025 08:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41833
IP address blocks: 46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.212.0/24 maxlen: 24
89.249.212.0/28 maxlen: 28
89.249.213.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
89.249.216.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.229.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
93.185.230.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
93.185.231.0/29 maxlen: 29
93.185.232.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.234.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
93.185.237.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
95.141.48.0/20 maxlen: 20
95.141.48.0/24 maxlen: 24
95.141.49.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.176.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
141.138.178.0/24 maxlen: 24
141.138.179.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
141.138.186.144/29 maxlen: 29
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
141.138.190.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
185.58.200.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Feb 2025 08:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:07:90:11:7b:9f:41:34:92:d9:5d:df:a7:5c:3a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Feb 17 08:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751730add3f5a1d4610a17dddd162257c94d2097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:1e:e0:40:a7:39:9c:ae:c8:89:7c:0d:4c:
6c:dd:ab:3f:0e:8d:29:85:3a:e3:69:de:0e:c4:6d:
e5:f3:c2:61:f2:6d:61:d1:1b:99:2a:2a:2a:51:b7:
93:f7:06:30:37:3b:f2:91:4b:54:ab:73:aa:14:63:
44:cf:ab:34:55:48:11:35:a2:30:af:f7:18:94:d9:
49:e1:c6:5f:a0:15:ae:8d:f2:03:64:5e:4d:f6:39:
38:22:7e:18:ef:dd:43:38:c9:9d:d2:0a:0e:aa:98:
ed:e6:39:73:ac:53:c0:52:6e:0d:c3:b2:11:33:54:
0e:bf:d9:c2:a5:a2:77:46:fc:84:0b:65:fb:4a:1e:
66:1b:b4:d0:eb:f2:af:87:0d:8c:ee:58:b6:4a:cc:
ee:0a:b2:73:b1:21:70:d9:1c:ff:d1:8a:a3:4e:b3:
a6:07:e7:2d:62:d8:53:8e:2a:58:9f:40:70:82:f0:
36:e3:9f:d6:88:01:b4:9a:3a:33:ae:6f:71:58:4c:
59:7c:21:b2:0d:90:cb:a0:21:db:40:e6:f5:14:60:
a8:a0:58:f8:d1:41:c2:55:44:a5:b3:0d:18:42:a8:
a8:fd:7c:d6:c6:25:72:13:bd:3b:a9:a3:fe:63:f8:
02:36:70:48:d8:6a:b1:2a:91:39:a2:6d:2b:57:c2:
86:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:17:30:AD:D3:F5:A1:D4:61:0A:17:DD:DD:16:22:57:C9:4D:20:97
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/dRcwrdP1odRhChfd3RYiV8lNIJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
8b:73:be:f4:ae:a3:78:eb:00:5f:80:9e:52:ff:52:81:0c:3d:
b7:37:43:52:a6:1e:a0:8c:cd:26:af:9e:54:2b:b2:9c:f9:f7:
eb:01:08:e3:30:65:01:d7:c5:5d:db:14:22:b9:13:a8:54:2a:
98:18:8c:95:a9:49:6b:54:5d:5e:0a:0d:7f:34:56:b7:0e:75:
9e:d9:98:2f:41:0c:a1:5b:aa:7a:66:e5:17:2d:7b:4b:f7:04:
d0:06:69:de:aa:dc:99:57:be:91:ff:ca:e3:50:95:b7:f4:ac:
68:87:35:38:d0:3e:ae:99:ac:fa:ee:4f:09:15:0a:6e:31:0d:
55:3d:bf:dd:ad:ae:1f:2b:54:8e:2d:ad:0c:6b:c6:24:8e:f6:
f1:bc:99:db:99:ca:11:c2:f8:2a:a4:b1:49:27:c8:af:b5:c2:
42:83:ef:75:c7:e6:ee:03:12:08:f2:9e:35:ea:cd:c9:1e:b4:
9c:14:8b:c9:54:3e:16:d9:4a:2e:f4:74:9d:a6:f4:aa:c5:a4:
e4:04:53:d5:b4:08:a9:d3:08:99:df:0f:ea:c4:cd:ea:ca:8c:
92:82:92:95:5c:e5:e3:02:1c:f5:f7:72:6d:40:f0:db:7e:3b:
cb:0b:70:74:69:f3:80:c7:24:be:9d:ce:8d:84:b5:cf:c7:0b:
65:3e:e6:6b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZUTB5ARe59BNJLZXd+nXDqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjUwMjE3MDgzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE3MzBhZGQzZjVhMWQ0NjEwYTE3ZGRkZDE2MjI1N2M5NGQyMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhge4ECnOZyuyIl8DUxs3as/Do0p
hTrjad4OxG3l88Jh8m1h0RuZKioqUbeT9wYwNzvykUtUq3OqFGNEz6s0VUgRNaIw
r/cYlNlJ4cZfoBWujfIDZF5N9jk4In4Y791DOMmd0goOqpjt5jlzrFPAUm4Nw7IR
M1QOv9nCpaJ3RvyEC2X7Sh5mG7TQ6/Kvhw2M7li2SszuCrJzsSFw2Rz/0YqjTrOm
B+ctYthTjipYn0BwgvA245/WiAG0mjozrm9xWExZfCGyDZDLoCHbQOb1FGCooFj4
0UHCVUSlsw0YQqio/XzWxiVyE707qaP+Y/gCNnBI2GqxKpE5om0rV8KGJQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHUXMK3T9aHUYQoX3d0WIlfJTSCXMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvZFJjd3JkUDFvZFJoQ2hmZDNSWWlWOGxOSUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQCLc770rqN46wBfgJ5S/1KBDD23N0NSph6gjM0mr55UK7Kc
+ffrAQjjMGUB18Vd2xQiuROoVCqYGIyVqUlrVF1eCg1/NFa3DnWe2ZgvQQyhW6p6
ZuUXLXtL9wTQBmneqtyZV76R/8rjUJW39KxohzU40D6umaz67k8JFQpuMQ1VPb/d
ra4fK1SOLa0Ma8YkjvbxvJnbmcoRwvgqpLFJJ8ivtcJCg+91x+buAxII8p416s3J
HrScFIvJVD4W2Uou9HSdpvSqxaTkBFPVtAip0wiZ3w/qxM3qyoySgpKVXOXjAhz1
93JtQPDbfjvLC3B0afOAxyS+nc6NhLXPxwtlPuZr
-----END CERTIFICATE-----
Generated at Mon May 12 10:51:04 2025 by rpki-client