Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/i0NdnXTzyIe39U_B6rPtNdVvf9I.roa
File: i0NdnXTzyIe39U_B6rPtNdVvf9I.roa (raw, json)
Hash identifier: Urc8imbwmrmV2RPNLILnJEgD+9lfc82oghngY744TTM=
Subject key identifier: 8B:43:5D:9D:74:F3:C8:87:B7:F5:4F:C1:EA:B3:ED:35:D5:6F:7F:D2
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 0194F970BCEC19F337103EB50579A8EB50B7
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/i0NdnXTzyIe39U_B6rPtNdVvf9I.roa
Signing time: Wed 12 Feb 2025 09:15:02 +0000
ROA not before: Wed 12 Feb 2025 09:15:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61098
IP address blocks: 85.217.160.0/22 maxlen: 24
85.217.172.0/23 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
89.145.160.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
89.145.166.0/23 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.118.0/23 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
91.92.152.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
91.92.200.0/23 maxlen: 24
91.92.202.0/23 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
92.39.56.0/22 maxlen: 24
92.39.60.0/22 maxlen: 24
138.124.208.0/22 maxlen: 24
138.124.212.0/22 maxlen: 24
138.124.216.0/23 maxlen: 24
151.145.192.0/22 maxlen: 24
159.100.240.0/22 maxlen: 24
159.100.244.0/24 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
159.100.248.0/21 maxlen: 24
185.19.28.0/22 maxlen: 24
185.150.8.0/22 maxlen: 24
194.182.160.0/22 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.176.0/22 maxlen: 24
194.182.180.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
194.182.188.0/22 maxlen: 24
2a04:c41::/32 maxlen: 48
2a04:c42::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c43::/32 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c45::/32 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c47::/32 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a07:6cc0:10::/48 maxlen: 48
2a07:6cc0:11::/48 maxlen: 48
2a07:6cc0:12::/48 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a07:6cc0:70::/48 maxlen: 48
2a07:6cc0:71::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a07:6cc2::/32 maxlen: 48
2a07:6cc2:f11::/48 maxlen: 48
2a07:6cc2:f12::/48 maxlen: 48
2a07:6cc3::/32 maxlen: 48
2a07:6cc3:f11::/48 maxlen: 48
2a07:6cc3:f12::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Apr 2025 08:51:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:70:bc:ec:19:f3:37:10:3e:b5:05:79:a8:eb:50:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Feb 12 09:15:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b435d9d74f3c887b7f54fc1eab3ed35d56f7fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:4d:08:61:94:f6:87:cb:5e:86:c7:96:3a:
6c:07:d4:2b:32:cb:fd:51:07:f1:31:b6:a6:ad:c4:
5c:8d:78:ac:48:cb:ac:d6:f7:b1:ff:83:93:bb:d0:
86:45:c2:ad:6c:0d:d9:74:30:de:31:5e:f9:36:74:
e5:13:22:50:a8:c1:ab:50:f5:b7:c8:30:50:0b:12:
0b:c5:49:ca:b0:83:88:2b:d5:86:89:64:7d:50:f1:
8d:ac:63:9e:f4:e1:73:08:bc:9e:8e:f3:52:4c:19:
1d:a5:14:35:85:68:7a:cd:4a:69:6a:fd:be:54:82:
9d:03:a5:d6:5f:7a:00:aa:92:03:ee:31:b9:d9:86:
6e:3b:f9:08:47:39:c1:64:5f:1a:96:de:be:c2:1c:
ad:04:0e:b3:82:6a:a5:31:4c:c6:14:90:93:e6:28:
e6:fb:1f:96:a3:47:f6:b2:52:d7:8d:9b:b9:0d:d0:
53:d5:a6:bf:1d:8f:02:34:d1:f6:b5:2f:de:47:6f:
01:24:a8:9e:97:6f:2e:b2:8f:30:4d:cb:ae:15:84:
bb:3e:38:7c:31:c9:d2:35:fb:a5:94:c4:bf:95:a4:
ca:7c:e1:62:cb:0c:fc:6e:e6:93:72:18:e2:b1:81:
16:3c:44:6a:2d:2c:88:94:82:2b:b2:d6:f1:5e:99:
34:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:43:5D:9D:74:F3:C8:87:B7:F5:4F:C1:EA:B3:ED:35:D5:6F:7F:D2
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/i0NdnXTzyIe39U_B6rPtNdVvf9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.160.0/22
85.217.172.0/22
85.217.184.0/22
89.145.160.0/21
91.92.116.0/22
91.92.140.0/22
91.92.152.0/22
91.92.200.0/22
91.92.224.0/23
91.92.227.0/24
92.39.56.0/21
138.124.208.0-138.124.217.255
151.145.192.0/22
159.100.240.0/20
185.19.28.0/22
185.150.8.0/22
194.182.160.0/19
IPv6:
2a04:c41::-2a04:c47:ffff:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:10::-2a07:6cc0:12:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc0:70::/47
2a07:6cc1::-2a07:6cc3:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:05:1f:c3:63:e3:d9:e3:37:a5:ae:ed:f7:5a:25:ee:73:31:
95:c6:e0:79:d0:1f:7c:b0:fe:89:72:e9:af:40:3d:79:2a:bf:
bd:63:00:25:78:b3:50:94:be:50:51:a0:8e:76:fa:53:bd:61:
14:d0:18:21:1b:7b:5d:4a:d4:27:44:63:dd:c0:ef:e1:8d:89:
89:08:4b:ee:dc:a8:af:cd:f1:90:91:28:1c:d7:e0:4a:23:43:
60:05:43:16:f5:99:83:da:c1:97:e6:ad:44:85:64:28:a4:ab:
e7:ab:94:c8:37:4c:b1:c5:5e:e1:cb:28:0d:f7:11:16:32:d4:
35:d3:2f:6c:fb:4b:e5:7c:6e:76:f8:24:14:31:63:1a:f3:8d:
55:55:7d:75:32:32:a3:b2:cb:b4:01:37:bb:1f:53:9f:a7:c0:
10:2a:5d:64:28:e6:1c:62:19:83:9d:b9:d6:48:89:1e:7f:74:
27:3c:ed:60:5c:8b:f3:6e:2e:5c:7b:38:a1:21:63:42:c3:69:
d3:5d:45:fa:05:7c:03:cc:7a:7b:f6:28:fc:88:05:e1:ea:0d:
64:7f:81:99:22:62:46:3e:57:18:62:2d:c5:9b:93:93:5c:86:
20:e2:43:90:fe:71:a6:57:9b:36:03:17:1b:dc:65:5b:f3:85:
ea:ce:bb:61
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZT5cLzsGfM3ED61BXmo61C3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjUwMjEyMDkxNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQzNWQ5ZDc0ZjNjODg3YjdmNTRmYzFlYWIzZWQzNWQ1NmY3ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6JNCGGU9ofLXobHljpsB9QrMsv9
UQfxMbamrcRcjXisSMus1vex/4OTu9CGRcKtbA3ZdDDeMV75NnTlEyJQqMGrUPW3
yDBQCxILxUnKsIOIK9WGiWR9UPGNrGOe9OFzCLyejvNSTBkdpRQ1hWh6zUppav2+
VIKdA6XWX3oAqpID7jG52YZuO/kIRznBZF8alt6+whytBA6zgmqlMUzGFJCT5ijm
+x+Wo0f2slLXjZu5DdBT1aa/HY8CNNH2tS/eR28BJKiel28uso8wTcuuFYS7Pjh8
McnSNfullMS/laTKfOFiywz8buaTchjisYEWPERqLSyIlIIrstbxXpk0WQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFItDXZ1088iHt/VPweqz7TXVb3/SMB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEvaTBOZG5YVHp5SWUzOVVfQjZyUHROZFZ2ZjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DB0BAIAATBuAwQCVdmg
AwQCVdmsAwQCVdm4AwQDWZGgAwQCW1x0AwQCW1yMAwQCW1yYAwQCW1zIAwQBW1zg
AwQAW1zjAwQDXCc4MAwDBASKfNADBAGKfNgDBAKXkcADBASfZPADBAK5ExwDBAK5
lggDBAXCtqAwcAQCAAIwajAOAwUAKgQMQQMFAyoEDEAwEgMHBCoHbMAAEAMHACoH
bMAAEgMHASoHbMAAIAMHASoHbMAAMAMHASoHbMAAQAMHACoHbMAAUAMHACoHbMAA
YAMHASoHbMAAcDAOAwUAKgdswQMFAioHbMAwDQYJKoZIhvcNAQELBQADggEBAGwF
H8Nj49njN6Wu7fdaJe5zMZXG4HnQH3yw/oly6a9APXkqv71jACV4s1CUvlBRoI52
+lO9YRTQGCEbe11K1CdEY93A7+GNiYkIS+7cqK/N8ZCRKBzX4EojQ2AFQxb1mYPa
wZfmrUSFZCikq+erlMg3TLHFXuHLKA33ERYy1DXTL2z7S+V8bnb4JBQxYxrzjVVV
fXUyMqOyy7QBN7sfU5+nwBAqXWQo5hxiGYOdudZIiR5/dCc87WBci/NuLlx7OKEh
Y0LDadNdRfoFfAPMenv2KPyIBeHqDWR/gZkiYkY+VxhiLcWbk5NchiDiQ5D+caZX
mzYDFxvcZVvzherOu2E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:42:55 2025 by rpki-client