Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FzJb1ZYm-SP4-pXgO5yGwEvPb-A.roa
File: FzJb1ZYm-SP4-pXgO5yGwEvPb-A.roa (raw, json)
Hash identifier: zW2713KarQoqh+Xn7faTuFOOnSdxHjci4mnyUlt0keA=
Subject key identifier: 17:32:5B:D5:96:26:F9:23:F8:FA:95:E0:3B:9C:86:C0:4B:CF:6F:E0
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0198177FC2BEF6760FA8ABD80100F4A19907
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FzJb1ZYm-SP4-pXgO5yGwEvPb-A.roa
Signing time: Thu 17 Jul 2025 08:28:25 +0000
ROA not before: Thu 17 Jul 2025 08:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Jul 2025 07:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:7f:c2:be:f6:76:0f:a8:ab:d8:01:00:f4:a1:99:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 17 08:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17325bd59626f923f8fa95e03b9c86c04bcf6fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5a:7d:06:5b:c8:dd:78:fa:63:3a:3d:ba:f2:
fc:c9:7e:6c:5a:4b:49:3f:9b:d8:1d:99:b4:e5:97:
ea:2f:5c:5f:4d:67:62:5c:62:ec:c1:31:73:95:0a:
94:4d:6b:e5:6a:8e:04:c2:b2:e1:f1:ee:98:39:13:
dd:0a:e2:59:9c:57:fb:2a:83:25:d5:f3:4c:12:42:
f1:56:35:66:a5:21:4e:bc:d0:88:0a:b3:c4:6a:80:
02:9f:9a:23:88:44:74:47:0a:6e:32:60:b4:87:a7:
a3:6f:e4:9d:89:a1:96:f3:b3:eb:95:34:85:78:90:
fe:33:68:aa:3b:49:81:6a:d9:14:19:b7:13:2f:60:
e5:81:2a:5d:e5:90:df:87:dd:3a:e6:4e:f2:a5:f2:
7f:17:89:75:c9:1a:06:cb:3c:54:26:f3:82:f3:4c:
40:cd:9b:97:75:aa:40:0c:d6:4b:18:f9:62:d8:da:
0e:b7:86:04:db:5c:f3:d1:ac:1d:de:88:fd:61:55:
c5:c7:de:8d:12:2c:39:39:90:fa:ac:0d:e3:73:20:
d1:35:6b:cf:0c:55:bd:7e:80:77:25:9d:30:1e:05:
45:29:48:b3:9a:45:ec:b5:50:b5:60:c2:34:96:69:
8e:43:aa:ab:52:d6:99:31:2a:6f:ef:f2:1b:2d:38:
33:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:32:5B:D5:96:26:F9:23:F8:FA:95:E0:3B:9C:86:C0:4B:CF:6F:E0
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FzJb1ZYm-SP4-pXgO5yGwEvPb-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.234.0/23
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.33.0-91.92.35.255
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.218.0-93.152.224.255
93.152.226.0/23
93.152.233.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
25:fe:8d:b3:0e:be:51:c4:7f:01:78:9a:b0:4b:b5:f1:7f:3e:
e5:94:00:fb:36:c0:65:4f:de:d5:68:ed:db:4c:f3:11:9f:4e:
b9:a5:48:d6:af:ee:55:bc:6d:81:d0:ae:ad:ce:6e:ae:bd:a8:
77:aa:97:e2:b9:1d:e0:15:72:f1:55:56:f5:f6:ab:4a:e7:8b:
62:09:84:9f:51:0d:a0:23:b1:ed:0d:a1:4a:6e:57:4e:b8:f2:
d9:4c:db:d2:80:a8:9d:dc:94:b0:a1:4c:9e:31:bc:08:fb:ef:
6e:fb:fe:ef:0b:77:7e:c4:5f:3f:5f:81:b3:8d:a6:c2:a0:e6:
a3:ad:5f:3f:81:ee:d0:e2:40:a6:b4:ba:55:58:b3:99:4c:42:
71:20:28:ea:f0:42:b7:d9:ce:c4:ff:10:0b:db:47:e3:92:ec:
10:07:59:6f:bd:95:00:a4:4b:da:f1:85:3b:7d:d9:10:df:d2:
94:7d:69:2d:f2:be:bd:12:04:48:da:b6:9c:ab:fd:8c:19:0a:
a6:39:0d:bf:ae:0c:ed:7b:4b:43:28:57:b6:86:4f:ec:b4:ad:
72:10:01:2f:c7:5c:1a:a8:9b:b4:c4:66:dc:07:b4:60:93:c1:
5c:37:aa:67:2c:00:c6:ba:d7:8c:d6:e0:95:e9:cf:50:3a:0d:
69:24:8c:09
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZgXf8K+9nYPqKvYAQD0oZkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNzE3MDgyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzMyNWJkNTk2MjZmOTIzZjhmYTk1ZTAzYjljODZjMDRiY2Y2ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFp9BlvI3Xj6Yzo9uvL8yX5sWktJ
P5vYHZm05ZfqL1xfTWdiXGLswTFzlQqUTWvlao4EwrLh8e6YORPdCuJZnFf7KoMl
1fNMEkLxVjVmpSFOvNCICrPEaoACn5ojiER0RwpuMmC0h6ejb+SdiaGW87PrlTSF
eJD+M2iqO0mBatkUGbcTL2DlgSpd5ZDfh9065k7ypfJ/F4l1yRoGyzxUJvOC80xA
zZuXdapADNZLGPli2NoOt4YE21zz0awd3oj9YVXFx96NEiw5OZD6rA3jcyDRNWvP
DFW9foB3JZ0wHgVFKUizmkXstVC1YMI0lmmOQ6qrUtaZMSpv7/IbLTgzWQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFBcyW9WWJvkj+PqV4DuchsBLz2/gMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvRnpKYjFaWW0tU1A0LXBYZ081eUd3RXZQYi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAAt
jegDBAEtjeoDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEAk6fmDAM
AwQATp+dAwQFTp+AMAwDBABbXCEDBAJbXCAwDAMEA1tcKAMEAFtcLjAMAwQAW1wx
AwQBW1w0AwQBXZjOMAwDBABdmNEDBAJdmNAwDAMEAF2Y1QMEAF2Y2DAMAwQBXZja
AwQAXZjgAwQBXZjiAwQAXZjpAwQBXhocAwQCXhpMMAwDBABeGlkDBABeGloDBABe
vsMDBAG5YPwDBAC5YP8DBADUZmkDBADUZmswDQYJKoZIhvcNAQELBQADggEBACX+
jbMOvlHEfwF4mrBLtfF/PuWUAPs2wGVP3tVo7dtM8xGfTrmlSNav7lW8bYHQrq3O
bq69qHeql+K5HeAVcvFVVvX2q0rni2IJhJ9RDaAjse0NoUpuV0648tlM29KAqJ3c
lLChTJ4xvAj77277/u8Ld37EXz9fgbONpsKg5qOtXz+B7tDiQKa0ulVYs5lMQnEg
KOrwQrfZzsT/EAvbR+OS7BAHWW+9lQCkS9rxhTt92RDf0pR9aS3yvr0SBEjatpyr
/YwZCqY5Db+uDO17S0MoV7aGT+y0rXIQAS/HXBqom7TEZtwHtGCTwVw3qmcsAMa6
14zW4JXpz1A6DWkkjAk=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:46:12 2025 by rpki-client