Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cZDX18nEbziyYqJIs8LfW-VmsGo.roa
File: cZDX18nEbziyYqJIs8LfW-VmsGo.roa (raw, json)
Hash identifier: JqsfRdYvP1hxNhXpAGSbAg7xGpvi5bNlZxT6du/jlqc=
Subject key identifier: 71:90:D7:D7:C9:C4:6F:38:B2:62:A2:48:B3:C2:DF:5B:E5:66:B0:6A
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0195293D36AFBC867C7B89BD05151BA26CCC
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cZDX18nEbziyYqJIs8LfW-VmsGo.roa
Signing time: Fri 21 Feb 2025 16:00:32 +0000
ROA not before: Fri 21 Feb 2025 16:00:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 11:57:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:3d:36:af:bc:86:7c:7b:89:bd:05:15:1b:a2:6c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 21 16:00:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7190d7d7c9c46f38b262a248b3c2df5be566b06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:82:b8:7e:5c:16:06:af:cd:85:84:32:42:
c2:50:f4:d3:eb:8f:90:8a:d4:33:44:54:54:70:9d:
3f:5e:8c:49:00:b5:98:34:b1:6e:f3:ae:2d:50:c3:
63:9c:2d:d2:71:c8:07:e7:37:99:55:17:6b:e9:78:
61:6d:0d:db:94:f0:21:66:ac:12:64:2c:12:3b:50:
d4:e0:db:73:7e:73:23:da:d4:e5:4f:d1:97:08:9f:
b5:23:d3:23:ad:ac:83:c2:d9:38:6b:79:3a:1a:fa:
04:ac:23:4b:ed:0c:d4:0a:c8:72:30:0d:d7:99:57:
a9:e1:99:5c:5d:72:7a:bf:ba:6b:c9:42:9d:77:23:
36:ff:a2:b7:0d:f7:eb:10:5c:6e:3f:5f:9f:4e:04:
dc:68:f4:e3:bb:8e:fe:27:a8:d8:8d:eb:4a:8a:f0:
dc:d3:ec:3c:dc:e8:f9:cb:bf:ec:8c:84:a9:1c:b7:
8d:ff:ef:ce:4d:2c:0d:0a:e5:bd:41:9f:d9:bd:8e:
96:1e:e5:bc:67:4a:3d:59:6e:ba:e3:a3:bd:29:6f:
7d:73:19:93:e0:07:ae:01:fc:9e:26:a0:d0:55:19:
89:b3:18:72:69:f4:67:f6:94:4f:41:e1:db:72:f4:
31:11:c6:d2:d6:40:98:37:79:f6:f9:0a:4a:51:bb:
3f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:90:D7:D7:C9:C4:6F:38:B2:62:A2:48:B3:C2:DF:5B:E5:66:B0:6A
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cZDX18nEbziyYqJIs8LfW-VmsGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.49.0-109.236.51.255
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.35.155.0/24
193.160.140.0/22
193.223.104.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:9d:fc:08:cf:a5:dc:d5:20:aa:ba:d8:aa:0b:28:97:db:7d:
51:02:bf:84:c4:0f:9e:04:99:58:67:ee:e3:53:ca:b9:6f:3b:
57:3e:8f:f9:1b:f6:24:68:0d:4a:00:43:b9:2a:ac:bd:73:59:
65:9a:be:df:56:65:5d:27:93:e3:fd:b1:ca:75:18:b9:94:e8:
e6:d5:dd:b0:8c:61:34:fa:91:72:46:ef:b9:71:bc:4f:97:98:
12:d2:65:e2:cd:5a:27:6c:28:57:04:cf:83:ee:42:e4:b6:8c:
1e:b2:6d:5b:63:9b:d1:4e:f9:ba:c9:ea:11:ff:07:ac:7d:ab:
8b:0e:e1:bb:f6:33:1a:f6:16:ce:dd:29:69:b1:d6:5b:b5:de:
b2:b5:19:c4:a5:b9:19:b6:68:6d:83:91:b5:3c:09:8e:39:8c:
1d:1c:6a:f4:93:84:5c:1b:88:c6:e0:f2:0c:91:1a:52:7d:e0:
0c:3c:0b:66:1c:38:20:40:03:04:ad:ae:d6:64:21:9b:1a:b7:
bd:2e:4f:1d:f5:28:39:49:05:b1:7a:4e:ae:af:6d:66:4e:b5:
10:c0:92:dd:c8:24:8d:72:b6:86:a9:f6:f1:b9:7d:94:8b:df:
20:14:ad:63:30:22:78:1e:51:29:5b:6b:fb:55:2d:a9:47:6b:
db:57:2e:05
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZUpPTavvIZ8e4m9BRUbomzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjIxMTYwMDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTkwZDdkN2M5YzQ2ZjM4YjI2MmEyNDhiM2MyZGY1YmU1NjZiMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni2CuH5cFgavzYWEMkLCUPTT64+Q
itQzRFRUcJ0/XoxJALWYNLFu864tUMNjnC3SccgH5zeZVRdr6XhhbQ3blPAhZqwS
ZCwSO1DU4NtzfnMj2tTlT9GXCJ+1I9MjrayDwtk4a3k6GvoErCNL7QzUCshyMA3X
mVep4ZlcXXJ6v7pryUKddyM2/6K3DffrEFxuP1+fTgTcaPTju47+J6jYjetKivDc
0+w83Oj5y7/sjISpHLeN/+/OTSwNCuW9QZ/ZvY6WHuW8Z0o9WW6646O9KW99cxmT
4AeuAfyeJqDQVRmJsxhyafRn9pRPQeHbcvQxEcbS1kCYN3n2+QpKUbs/LwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFHGQ19fJxG84smKiSLPC31vlZrBqMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvY1pEWDE4bkVieml5WXFKSXM4TGZXLVZtc0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCBwwQCAAEwgbwDBABb
wjcDBAFdvgwwDAMEAG3sMQMEAm3sMAMEAaAUbAMEALlVvAMEALlWBAMEAblWBgME
ALlWDAMEAblWDgMEALlWmAMEALlWmwMEALlXeAMEArlYrDAMAwQAuWI9AwQGuWIA
MAwDBAC5jSEDBAK5jSADBAK5uBgwDAMEA7m56AMEALm56gMEArnztAMEArn5yAME
ALn60gMEAbn+HAMEArn+7AMEAMEjmAMEAMEjmwMEAsGgjAMEAsHfaDAiBAIAAjAc
AwUDKgW/AAMFAyoH5wADBQMqCyeAAwUDKg1JwDANBgkqhkiG9w0BAQsFAAOCAQEA
hJ38CM+l3NUgqrrYqgsol9t9UQK/hMQPngSZWGfu41PKuW87Vz6P+Rv2JGgNSgBD
uSqsvXNZZZq+31ZlXSeT4/2xynUYuZTo5tXdsIxhNPqRckbvuXG8T5eYEtJl4s1a
J2woVwTPg+5C5LaMHrJtW2Ob0U75usnqEf8HrH2riw7hu/YzGvYWzt0pabHWW7Xe
srUZxKW5GbZobYORtTwJjjmMHRxq9JOEXBuIxuDyDJEaUn3gDDwLZhw4IEADBK2u
1mQhmxq3vS5PHfUoOUkFsXpOrq9tZk61EMCS3cgkjXK2hqn28bl9lIvfIBStYzAi
eB5RKVtr+1UtqUdr21cuBQ==
-----END CERTIFICATE-----
Generated at Sat May 10 17:52:34 2025 by rpki-client