Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/2dCqBWf970m5yryXYWpA15mgEPI.roa
File: 2dCqBWf970m5yryXYWpA15mgEPI.roa (raw, json)
Hash identifier: jXVYTLFzIYSFxIHm8abz8xwxqoBzWRGu5gcqpiPf2kA=
Subject key identifier: D9:D0:AA:05:67:FD:EF:49:B9:CA:BC:97:61:6A:40:D7:99:A0:10:F2
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0197CA40A0D931FE1178C0803DC1C1EA41A8
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/2dCqBWf970m5yryXYWpA15mgEPI.roa
Signing time: Wed 02 Jul 2025 08:28:42 +0000
ROA not before: Wed 02 Jul 2025 08:28:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35470
IP address blocks: 31.3.96.0/21 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
79.170.88.0/21 maxlen: 24
81.4.84.0/22 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.220.0/22 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.10.184.0/22 maxlen: 22
85.10.184.0/24 maxlen: 24
85.10.185.0/24 maxlen: 24
85.10.186.0/24 maxlen: 24
85.10.187.0/24 maxlen: 24
85.10.188.0/22 maxlen: 22
85.222.224.0/21 maxlen: 24
85.222.224.0/22 maxlen: 24
89.31.96.0/21 maxlen: 24
89.31.98.0/23 maxlen: 24
93.191.128.0/21 maxlen: 24
93.191.134.0/24 maxlen: 24
141.138.192.0/20 maxlen: 24
141.138.207.0/24 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.96.4.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.200.0/22 maxlen: 24
193.138.205.0/24 maxlen: 24
193.138.206.0/23 maxlen: 23
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
2a02:348::/32 maxlen: 48
2a02:348:14::/48 maxlen: 48
2a02:348:15::/48 maxlen: 48
2a02:348:1e::/48 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:32::/48 maxlen: 48
2a02:348:33::/48 maxlen: 48
2a02:348:35::/48 maxlen: 48
2a02:348:36::/48 maxlen: 48
2a02:348:37::/48 maxlen: 48
2a02:348:38::/48 maxlen: 48
2a02:348:39::/48 maxlen: 48
2a02:348:3a::/48 maxlen: 48
2a02:348:3b::/48 maxlen: 48
2a02:348:3c::/48 maxlen: 48
2a02:348:46::/48 maxlen: 48
2a02:348:47::/48 maxlen: 48
2a02:348:4b::/48 maxlen: 48
2a02:348:4c::/48 maxlen: 48
2a02:348:4f::/48 maxlen: 48
2a02:348:50::/48 maxlen: 48
2a02:348:53::/48 maxlen: 48
2a02:348:54::/48 maxlen: 48
2a02:348:55::/48 maxlen: 48
2a02:348:56::/48 maxlen: 48
2a02:348:57::/48 maxlen: 48
2a02:348:58::/48 maxlen: 48
2a02:348:59::/48 maxlen: 48
2a02:348:5a::/48 maxlen: 48
2a02:348:5b::/48 maxlen: 48
2a02:348:5d::/48 maxlen: 48
2a02:348:5e::/48 maxlen: 48
2a02:348:5f::/48 maxlen: 48
2a02:348:60::/48 maxlen: 48
2a02:348:61::/48 maxlen: 48
2a02:348:62::/48 maxlen: 48
2a02:348:63::/48 maxlen: 48
2a02:348:6e::/48 maxlen: 48
2a02:348:6f::/48 maxlen: 48
2a02:348:70::/48 maxlen: 48
2a02:348:71::/48 maxlen: 48
2a02:348:73::/48 maxlen: 48
2a02:348:74::/48 maxlen: 48
2a02:348:75::/48 maxlen: 48
2a02:348:76::/48 maxlen: 48
2a02:348:77::/48 maxlen: 48
2a02:348:78::/48 maxlen: 48
2a02:348:79::/48 maxlen: 48
2a02:348:7b::/48 maxlen: 48
2a02:348:7c::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
2a02:348:7e::/48 maxlen: 48
2a02:348:7f::/48 maxlen: 48
2a02:348:80::/48 maxlen: 48
2a02:348:81::/48 maxlen: 48
2a02:348:82::/48 maxlen: 48
2a02:348:83::/48 maxlen: 48
2a02:348:84::/48 maxlen: 48
2a02:348:85::/48 maxlen: 48
2a02:348:86::/48 maxlen: 48
2a02:348:87::/48 maxlen: 48
2a02:348:88::/48 maxlen: 48
2a02:348:89::/48 maxlen: 48
2a02:348:8a::/48 maxlen: 48
2a02:348:8b::/48 maxlen: 48
2a02:348:8c::/48 maxlen: 48
2a02:348:8d::/48 maxlen: 48
2a02:348:8e::/48 maxlen: 48
2a02:348:8f::/48 maxlen: 48
2a02:348:90::/48 maxlen: 48
2a02:348:91::/48 maxlen: 48
2a02:348:92::/48 maxlen: 48
2a02:348:94::/48 maxlen: 48
2a02:348:95::/48 maxlen: 48
2a02:348:96::/48 maxlen: 48
2a02:348:97::/48 maxlen: 48
2a02:348:98::/48 maxlen: 48
2a02:348:99::/48 maxlen: 48
2a02:348:9a::/48 maxlen: 48
2a02:348:9b::/48 maxlen: 48
2a02:348:9c::/48 maxlen: 48
2a02:348:ac::/48 maxlen: 48
2a02:348:b1::/48 maxlen: 48
2a02:348:b2::/48 maxlen: 48
2a02:348:b3::/48 maxlen: 48
2a02:348:b4::/48 maxlen: 48
2a02:348:b9::/48 maxlen: 48
2a02:348:ba::/48 maxlen: 48
2a02:348:bb::/48 maxlen: 48
2a02:348:bc::/48 maxlen: 48
2a02:348:c8::/48 maxlen: 48
2a02:348:5e6::/48 maxlen: 48
2a02:348:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Jul 2025 08:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:40:a0:d9:31:fe:11:78:c0:80:3d:c1:c1:ea:41:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jul 2 08:28:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d0aa0567fdef49b9cabc97616a40d799a010f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:6f:c7:32:94:8b:f0:c6:dd:ca:d0:0b:fa:
79:9b:06:f7:25:94:b9:a2:9f:bb:30:56:e7:f4:12:
c4:81:30:1a:81:a2:b1:29:d5:96:ee:b8:99:5d:f9:
61:9b:de:a1:6c:61:21:a1:89:a4:e5:73:32:13:1c:
18:cd:f0:08:05:f9:8a:9e:eb:91:bb:e8:ce:99:b6:
ec:8c:6a:c0:eb:da:ae:e6:30:35:67:0e:41:16:3a:
e8:a1:9a:23:c8:3e:30:6b:94:9a:65:93:e1:db:c6:
73:82:d7:60:c5:1d:91:b2:10:b0:77:3f:09:d3:ba:
25:85:93:d4:25:33:c7:80:3f:08:23:c8:08:54:a1:
a8:13:a0:e9:5a:76:c0:2f:de:2d:88:5f:62:2e:20:
1c:f6:a7:ad:ca:25:99:b7:8b:de:aa:56:7f:84:02:
86:64:c4:cf:12:0d:c1:f0:42:ae:98:27:c9:01:0f:
22:be:47:c3:c5:55:55:71:fa:39:da:ae:d4:de:16:
8f:27:82:e6:db:8c:e9:8a:f6:dc:91:61:1d:85:61:
1b:fa:60:07:76:6c:95:80:05:42:a2:f3:27:59:75:
67:b7:2c:f5:c1:40:6f:0b:37:80:c7:9c:76:ad:60:
b2:d9:f3:b2:2d:15:52:6f:54:ef:a1:20:88:79:da:
26:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D0:AA:05:67:FD:EF:49:B9:CA:BC:97:61:6A:40:D7:99:A0:10:F2
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/2dCqBWf970m5yryXYWpA15mgEPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.96.0/21
37.34.48.0/21
37.230.96.0/21
79.170.88.0/21
81.4.84.0/22
83.96.200.0/21
83.96.212.0-83.96.223.255
83.96.236.0-83.96.247.255
83.96.252.0/22
85.10.176.0/22
85.10.184.0/21
85.222.224.0/21
89.31.96.0/21
93.191.128.0/21
141.138.192.0/20
178.18.80.0/20
185.3.208.0/22
185.96.4.0/22
185.110.172.0/22
185.110.200.0/22
193.138.205.0-193.138.207.255
194.60.207.0/24
213.187.240.0/21
IPv6:
2a02:348::/32
Signature Algorithm: sha256WithRSAEncryption
c6:e9:d5:10:16:b1:ce:6a:6f:d3:39:e5:b7:a4:07:eb:89:3b:
4a:ee:c8:f8:51:79:f3:6a:95:9b:1d:5f:81:21:02:26:e8:58:
51:1b:71:e7:c8:fe:9d:35:7c:09:b6:54:c5:8c:8c:60:23:21:
dd:dd:d4:64:ff:d9:40:c5:33:2c:59:e4:55:29:85:60:6c:80:
c0:be:d4:0e:6a:8f:d2:b6:66:33:83:d8:ef:47:1e:0f:81:d6:
50:cc:7a:97:07:ac:6d:06:9a:01:40:79:5f:f1:fc:58:18:41:
1b:9e:c6:8a:57:3c:5c:16:65:7b:30:df:3c:87:6f:d0:bd:45:
68:fe:f8:52:8c:80:43:4e:89:d0:41:68:20:cd:41:60:8c:5b:
4e:14:1e:b4:25:fb:d4:c3:82:99:1a:a7:22:ad:3e:45:61:21:
3c:21:1b:30:06:c6:2b:db:26:fc:b7:b8:c9:4e:c7:b3:2c:b5:
1c:69:63:c6:80:e1:e1:8e:24:f7:8c:33:cf:a2:e5:3e:d2:5f:
b6:23:f7:68:f4:b9:a9:6a:36:e6:61:94:16:89:2a:77:78:2e:
0f:66:51:b3:68:93:96:05:bf:34:7c:1d:03:ba:8d:04:3b:10:
a4:2e:0c:68:31:b1:b9:97:be:44:99:a1:7e:16:49:8d:be:b2:
ea:75:cd:9d
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZfKQKDZMf4ReMCAPcHB6kGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNzAyMDgyODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQwYWEwNTY3ZmRlZjQ5YjljYWJjOTc2MTZhNDBkNzk5YTAxMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubJvxzKUi/DG3crQC/p5mwb3JZS5
op+7MFbn9BLEgTAagaKxKdWW7riZXflhm96hbGEhoYmk5XMyExwYzfAIBfmKnuuR
u+jOmbbsjGrA69qu5jA1Zw5BFjrooZojyD4wa5SaZZPh28ZzgtdgxR2RshCwdz8J
07olhZPUJTPHgD8II8gIVKGoE6DpWnbAL94tiF9iLiAc9qetyiWZt4veqlZ/hAKG
ZMTPEg3B8EKumCfJAQ8ivkfDxVVVcfo52q7U3haPJ4Lm24zpivbckWEdhWEb+mAH
dmyVgAVCovMnWXVntyz1wUBvCzeAx5x2rWCy2fOyLRVSb1TvoSCIedomDwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNnQqgVn/e9Jucq8l2FqQNeZoBDyMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvMmRDcUJXZjk3MG01eXJ5WFlXcEExNW1nRVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAMf
A2ADBAMlIjADBAMl5mADBANPqlgDBAJRBFQDBANTYMgwDAMEAlNg1AMEBVNgwDAM
AwQCU2DsAwQDU2DwAwQCU2D8AwQCVQqwAwQDVQq4AwQDVd7gAwQDWR9gAwQDXb+A
AwQEjYrAAwQEshJQAwQCuQPQAwQCuWAEAwQCuW6sAwQCuW7IMAwDBADBis0DBATB
isADBADCPM8DBAPVu/AwDQQCAAIwBwMFACoCA0gwDQYJKoZIhvcNAQELBQADggEB
AMbp1RAWsc5qb9M55bekB+uJO0ruyPhRefNqlZsdX4EhAiboWFEbcefI/p01fAm2
VMWMjGAjId3d1GT/2UDFMyxZ5FUphWBsgMC+1A5qj9K2ZjOD2O9HHg+B1lDMepcH
rG0GmgFAeV/x/FgYQRuexopXPFwWZXsw3zyHb9C9RWj++FKMgENOidBBaCDNQWCM
W04UHrQl+9TDgpkapyKtPkVhITwhGzAGxivbJvy3uMlOx7MstRxpY8aA4eGOJPeM
M8+i5T7SX7Yj92j0ualqNuZhlBaJKnd4Lg9mUbNok5YFvzR8HQO6jQQ7EKQuDGgx
sbmXvkSZoX4WSY2+sup1zZ0=
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:01:51 2025 by rpki-client