Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/F_I3p6_6BEWNRo-_IgDn-HVfiII.roa
File: F_I3p6_6BEWNRo-_IgDn-HVfiII.roa (raw, json)
Hash identifier: MDhMRYRNhsb/0A0OQEabjWA5OCZD+PuZw1MrrjjUVu8=
Subject key identifier: 17:F2:37:A7:AF:FA:04:45:8D:46:8F:BF:22:00:E7:F8:75:5F:88:82
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019519D0173D5C15BE7B90252428F7F7B8A9
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/F_I3p6_6BEWNRo-_IgDn-HVfiII.roa
Signing time: Tue 18 Feb 2025 16:07:02 +0000
ROA not before: Tue 18 Feb 2025 16:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Feb 2025 16:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:d0:17:3d:5c:15:be:7b:90:25:24:28:f7:f7:b8:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 18 16:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17f237a7affa04458d468fbf2200e7f8755f8882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b1:cc:f0:2b:97:cd:6d:fd:28:ca:d0:ec:66:
5f:86:7c:3d:9f:8c:56:41:79:d5:64:eb:cc:a1:60:
ea:59:f6:cf:ef:e1:2d:0f:e0:8a:a7:d1:6e:c4:e8:
1a:66:97:c0:49:8a:c8:f2:ce:d6:04:e3:c5:51:ce:
49:c1:a8:ba:44:1a:c3:3a:93:84:b5:8c:14:0f:1f:
75:c7:e5:ed:00:a6:d4:49:4d:06:93:23:56:90:b9:
29:37:73:17:a9:31:c1:0a:3e:7e:83:c2:96:07:02:
be:f4:c9:02:51:1f:8e:74:37:d1:df:80:a6:1b:50:
21:3c:96:d4:bc:4f:40:98:91:75:dc:82:ab:46:57:
a3:d1:54:44:39:54:ae:4c:9c:cb:47:62:41:06:a0:
22:19:5d:eb:45:d2:28:0e:17:85:92:38:01:04:f4:
65:14:b5:e0:3a:78:34:0e:92:75:fe:4e:4a:8a:f3:
79:08:f4:a3:ce:d7:53:60:99:ed:da:74:a2:9d:b2:
67:36:06:f0:6e:65:ef:87:6b:d5:af:ba:d8:b4:74:
b0:64:46:18:24:63:58:e8:57:b6:10:ff:35:34:12:
48:ac:0c:77:f5:66:4e:30:4b:f7:9d:4e:7a:dd:0d:
bb:b9:ab:a6:59:59:ad:7c:a1:6c:66:d1:2d:98:67:
81:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F2:37:A7:AF:FA:04:45:8D:46:8F:BF:22:00:E7:F8:75:5F:88:82
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/F_I3p6_6BEWNRo-_IgDn-HVfiII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.49.0-109.236.51.255
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.160.140.0/22
193.223.104.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:b1:02:67:79:e1:40:eb:17:82:e6:5e:37:3a:27:30:17:2c:
64:97:00:f8:f2:53:5d:2e:c4:a2:2a:a3:11:7c:29:a4:b8:01:
86:ad:1f:d7:0a:de:b5:f4:94:3e:ec:bc:ec:0e:94:5f:f8:2b:
35:78:f3:e8:26:e5:a3:19:cb:60:f0:01:69:c6:e9:15:84:2c:
f4:b8:8f:88:c6:9b:e7:c8:5b:98:d1:04:2f:56:74:61:9f:db:
d8:f0:24:bb:fd:41:58:6e:52:77:cf:69:6a:75:78:b6:dc:ca:
41:c4:12:70:f9:e5:9a:c8:b0:6c:b3:c6:8c:7a:4e:72:d2:9b:
d3:17:fe:56:04:0f:99:a9:30:ef:5a:ee:4a:44:34:ed:a8:fb:
c7:72:8d:3a:1a:f7:43:b7:f0:44:92:46:cf:4b:e1:32:b3:9d:
29:a5:be:6d:f6:3b:8f:2a:7b:39:1e:7d:6a:ac:ac:9a:64:e8:
87:ec:17:d6:22:68:eb:50:59:d0:2b:f7:bb:2e:b2:2b:a7:a2:
f3:04:24:4e:c5:b8:6e:df:f8:f4:81:f2:7e:f8:d0:d2:bd:d2:
4e:4f:14:a7:fe:38:35:a3:ec:cf:c7:9b:fc:2f:9d:d2:1b:48:
de:ad:a5:cc:19:81:c9:b2:76:48:a1:b8:18:a3:be:b3:5b:89:
13:56:c5:15
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZUZ0Bc9XBW+e5AlJCj397ipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjE4MTYwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2YyMzdhN2FmZmEwNDQ1OGQ0NjhmYmYyMjAwZTdmODc1NWY4ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrHM8CuXzW39KMrQ7GZfhnw9n4xW
QXnVZOvMoWDqWfbP7+EtD+CKp9FuxOgaZpfASYrI8s7WBOPFUc5Jwai6RBrDOpOE
tYwUDx91x+XtAKbUSU0GkyNWkLkpN3MXqTHBCj5+g8KWBwK+9MkCUR+OdDfR34Cm
G1AhPJbUvE9AmJF13IKrRlej0VREOVSuTJzLR2JBBqAiGV3rRdIoDheFkjgBBPRl
FLXgOng0DpJ1/k5KivN5CPSjztdTYJnt2nSinbJnNgbwbmXvh2vVr7rYtHSwZEYY
JGNY6Fe2EP81NBJIrAx39WZOMEv3nU563Q27uaumWVmtfKFsZtEtmGeBhQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFBfyN6ev+gRFjUaPvyIA5/h1X4iCMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvRl9JM3A2XzZCRVdOUm8tX0lnRG4tSFZmaUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBvQQCAAEwgbYDBABb
wjcDBAFdvgwwDAMEAG3sMQMEAm3sMAMEAaAUbAMEALlVvAMEALlWBAMEAblWBgME
ALlWDAMEAblWDgMEALlWmAMEALlWmwMEALlXeAMEArlYrDAMAwQAuWI9AwQGuWIA
MAwDBAC5jSEDBAK5jSADBAK5uBgwDAMEA7m56AMEALm56gMEArnztAMEArn5yAME
ALn60gMEAbn+HAMEArn+7AMEAMEjmAMEAsGgjAMEAsHfaDAiBAIAAjAcAwUDKgW/
AAMFAyoH5wADBQMqCyeAAwUDKg1JwDANBgkqhkiG9w0BAQsFAAOCAQEALLECZ3nh
QOsXguZeNzonMBcsZJcA+PJTXS7EoiqjEXwppLgBhq0f1wretfSUPuy87A6UX/gr
NXjz6CbloxnLYPABacbpFYQs9LiPiMab58hbmNEEL1Z0YZ/b2PAku/1BWG5Sd89p
anV4ttzKQcQScPnlmsiwbLPGjHpOctKb0xf+VgQPmakw71ruSkQ07aj7x3KNOhr3
Q7fwRJJGz0vhMrOdKaW+bfY7jyp7OR59aqysmmToh+wX1iJo61BZ0Cv3uy6yK6ei
8wQkTsW4bt/49IHyfvjQ0r3STk8Up/44NaPsz8eb/C+d0htI3q2lzBmBybJ2SKG4
GKO+s1uJE1bFFQ==
-----END CERTIFICATE-----
Generated at Sat May 10 17:05:23 2025 by rpki-client