Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/v-2J1QemutSsiZJt-pLmAB4gC6g.roa
File: v-2J1QemutSsiZJt-pLmAB4gC6g.roa (raw, json)
Hash identifier: JU9dwSOpZoTWdFPhDveUQGnlSSJzHxpUU7+o1o7f1xs=
Subject key identifier: BF:ED:89:D5:07:A6:BA:D4:AC:89:92:6D:FA:92:E6:00:1E:20:0B:A8
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 019630E6E33DE2308C1E2A1998F833D2A8F8
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/v-2J1QemutSsiZJt-pLmAB4gC6g.roa
Signing time: Sun 13 Apr 2025 20:45:59 +0000
ROA not before: Sun 13 Apr 2025 20:45:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2d87::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3083::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3085::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 24 Apr 2025 10:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:30:e6:e3:3d:e2:30:8c:1e:2a:19:98:f8:33:d2:a8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 13 20:45:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfed89d507a6bad4ac89926dfa92e6001e200ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f0:bc:b9:aa:b4:0a:e8:19:6b:9d:52:a0:93:
f0:c4:f7:57:d5:12:23:5d:51:f6:42:61:37:92:5c:
cf:05:fa:e6:f8:6d:c6:e1:3a:49:39:6b:81:93:a7:
a8:eb:d7:14:5c:37:ec:7b:00:16:c9:1b:70:36:9d:
86:7e:b9:d7:0a:f2:17:72:aa:7f:9b:6a:cf:1e:ce:
8d:53:62:b3:5b:cb:87:34:8e:39:99:ed:3e:f6:3d:
94:33:7f:56:af:bb:04:20:f5:5a:a0:1e:06:1f:99:
df:08:f1:0a:08:f2:8c:ec:15:a0:0e:2c:e3:17:e8:
8a:26:78:9a:ef:e9:bb:1f:e4:d4:ac:2d:5d:f4:a7:
f7:65:ab:fa:a7:d4:ff:1c:d4:f8:45:84:9d:35:e6:
99:42:54:02:e3:f2:3d:cb:14:0e:91:ee:5a:f8:77:
a9:92:34:99:3d:cd:fb:f7:e9:3e:36:56:42:41:cd:
46:38:35:d3:0a:ad:a5:c0:3d:79:a9:13:82:1b:60:
5e:79:2b:35:d1:f5:74:cd:fc:4c:3b:d0:91:e6:99:
ab:4f:e5:9c:90:a4:4f:da:24:b0:94:f9:82:6d:49:
93:84:b3:ee:76:37:c4:27:c3:9e:7b:ce:79:93:48:
53:a5:fd:f0:3f:42:88:36:c2:63:ce:7f:9c:fc:fb:
91:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:ED:89:D5:07:A6:BA:D4:AC:89:92:6D:FA:92:E6:00:1E:20:0B:A8
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/v-2J1QemutSsiZJt-pLmAB4gC6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/23
45.67.231.0/24
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/24
185.250.150.0/23
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf45::-2a0b:cf47:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c02::/31
2a11:4c04::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d80::/30
2a14:2d85::/32
2a14:2d87::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::-2a14:3085:ffff:ffff:ffff:ffff:ffff:ffff
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
0f:a6:1e:8f:3a:d7:4b:1f:99:cc:d5:93:62:04:53:f6:fd:6d:
54:f5:0c:81:a6:b5:cf:11:82:01:bf:7a:90:9b:65:bf:20:69:
3a:33:fd:44:6d:07:b5:f8:25:c8:66:b8:c8:b8:7c:9f:ba:56:
93:58:7f:b3:61:cf:81:04:67:b2:6b:d9:48:10:ed:19:df:40:
1f:56:34:c8:87:2b:36:8f:ef:1f:32:7c:60:67:b6:99:6e:c9:
82:f7:fb:9c:b8:4e:12:88:74:e9:7b:9c:99:c9:31:00:6d:01:
92:d4:77:4d:45:0d:24:ab:ef:9b:3e:23:a6:66:6d:c1:73:88:
83:7d:f9:41:f6:6c:dd:16:58:c0:e7:c7:e6:e9:ff:81:d2:77:
1e:06:4a:a2:60:96:78:49:97:b4:90:8c:0b:48:4d:06:4a:39:
3a:65:09:38:f5:39:fd:03:53:fb:b8:6c:04:c5:69:e3:03:cd:
6f:be:18:db:4e:2c:6e:20:a0:d1:92:a7:50:87:77:3a:e3:67:
2d:bd:41:6c:d2:22:7d:cc:87:c2:9d:f3:d4:90:9c:64:d6:d4:
2c:63:03:fe:a1:4f:5a:58:bc:0d:20:83:90:dc:bd:3b:63:b9:
30:2f:13:84:54:21:b8:ff:b5:13:cf:a4:8b:9b:a1:4a:46:e4:
57:f1:c7:25
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZYw5uM94jCMHioZmPgz0qj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNDEzMjA0NTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmVkODlkNTA3YTZiYWQ0YWM4OTkyNmRmYTkyZTYwMDFlMjAwYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfC8uaq0CugZa51SoJPwxPdX1RIj
XVH2QmE3klzPBfrm+G3G4TpJOWuBk6eo69cUXDfsewAWyRtwNp2GfrnXCvIXcqp/
m2rPHs6NU2KzW8uHNI45me0+9j2UM39Wr7sEIPVaoB4GH5nfCPEKCPKM7BWgDizj
F+iKJnia7+m7H+TUrC1d9Kf3Zav6p9T/HNT4RYSdNeaZQlQC4/I9yxQOke5a+Hep
kjSZPc379+k+NlZCQc1GODXTCq2lwD15qROCG2BeeSs10fV0zfxMO9CR5pmrT+Wc
kKRP2iSwlPmCbUmThLPudjfEJ8Oee855k0hTpf3wP0KINsJjzn+c/PuRIwIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFL/tidUHprrUrImSbfqS5gAeIAuoMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvdi0ySjFRZW11dFNzaVpKdC1wTG1BQjRnQzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCB3QQCAAEwgdYD
BAIl3XwDBAEtQ+QDBAAtQ+cDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBc
zgMEAlZoSAMEAVnd4AMEAluEhAMEAFvCoTAMAwQAW+HZAwQCW+HYAwQAXoMIAwQC
ZyO8AwQCZ2oAAwQCZ3FEAwQCZ+dIAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQC
uevwAwQCuezoAwQCufJUAwQAufqUAwQBufqWAwQAwcvKAwQCwjacAwQAwj4qAwQB
wvZyAwQCwyroAwQAw5VXAwQE1Z9AMHUEAgACMG8DBQMqCXxAMA4DBQAqC89FAwUD
KgvPQAMFACoROAUDBQEqETwCMA4DBQIqEUwEAwUAKhFMBgMFAioULYADBQAqFC2F
AwUAKhQthwMFACoULoADBQAqFC+AMA4DBQcqFDCAAwUBKhQwhAMFACoUOIAwDQYJ
KoZIhvcNAQELBQADggEBAA+mHo8610sfmczVk2IEU/b9bVT1DIGmtc8RggG/epCb
Zb8gaToz/URtB7X4JchmuMi4fJ+6VpNYf7Nhz4EEZ7Jr2UgQ7RnfQB9WNMiHKzaP
7x8yfGBntpluyYL3+5y4ThKIdOl7nJnJMQBtAZLUd01FDSSr75s+I6ZmbcFziIN9
+UH2bN0WWMDnx+bp/4HSdx4GSqJglnhJl7SQjAtITQZKOTplCTj1Of0DU/u4bATF
aeMDzW++GNtOLG4goNGSp1CHdzrjZy29QWzSIn3Mh8Kd89SQnGTW1CxjA/6hT1pY
vA0gg5DcvTtjuTAvE4RUIbj/tRPPpIuboUpG5FfxxyU=
-----END CERTIFICATE-----
Generated at Mon May 12 15:45:39 2025 by rpki-client