Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2icIiOLQ_KHbfVAz2uSZlxmZBvI.roa
File: 2icIiOLQ_KHbfVAz2uSZlxmZBvI.roa (raw, json)
Hash identifier: gLkwYVOF7ktlXeTo7SWUiqtsc5OkQGrR2fBd2xZQMOI=
Subject key identifier: DA:27:08:88:E2:D0:FC:A1:DB:7D:50:33:DA:E4:99:97:19:99:06:F2
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0196F1A824679CEA37C0FB94620CC6D7C815
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2icIiOLQ_KHbfVAz2uSZlxmZBvI.roa
Signing time: Wed 21 May 2025 07:04:10 +0000
ROA not before: Wed 21 May 2025 07:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 May 2025 10:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:a8:24:67:9c:ea:37:c0:fb:94:62:0c:c6:d7:c8:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 21 07:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da270888e2d0fca1db7d5033dae49997199906f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:69:c7:e7:64:16:92:45:bf:fc:d7:c7:41:
f1:0a:ec:c8:47:fc:d0:46:08:02:25:16:68:8e:08:
32:43:10:3e:03:05:fb:07:e2:fd:84:06:10:11:43:
3a:2c:ac:ff:ec:88:e2:8f:78:0d:14:0a:be:ff:69:
93:5f:d3:4c:93:3b:33:ae:c6:8b:f7:25:28:58:9c:
3e:a2:0b:d7:2e:04:e2:78:1c:1d:1f:6e:ef:f6:8c:
81:e2:f7:c7:67:4c:36:fc:7c:ee:7c:8b:d2:85:77:
a9:d9:f3:d5:05:e2:20:56:f3:25:50:fd:d9:bc:bd:
a3:cd:65:f8:4d:24:56:50:a5:c2:fe:bd:85:33:4a:
0c:87:5f:97:2e:37:ff:30:73:34:88:ba:c4:cf:d7:
13:87:85:16:30:01:70:40:26:1a:16:63:74:5a:9c:
6f:a6:fb:a9:c3:58:1c:9e:51:0c:16:3e:9c:92:bd:
1b:a5:da:a3:a8:0b:7f:05:0c:e8:b8:11:ad:49:8a:
e6:c3:6d:96:a3:2e:d6:41:94:96:1c:40:58:c2:4d:
0e:78:3d:e2:7c:84:9c:71:07:c7:32:ff:89:9a:f0:
3d:4b:79:ef:e7:2b:1d:bc:4d:38:73:16:87:59:ce:
33:90:82:b0:7a:26:4e:cc:83:c5:54:a1:1a:64:ef:
aa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:27:08:88:E2:D0:FC:A1:DB:7D:50:33:DA:E4:99:97:19:99:06:F2
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2icIiOLQ_KHbfVAz2uSZlxmZBvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
11:e8:82:d8:91:65:50:1c:d2:9a:a7:8b:08:26:4f:7d:ba:92:
8b:01:a8:10:53:52:64:22:9d:7f:b3:81:4d:b8:40:1a:58:ce:
d6:2b:63:53:82:f6:80:eb:1b:7c:ce:c1:57:5d:48:a1:ef:61:
92:ff:fa:70:85:cb:46:67:c9:5c:39:6f:1d:ab:44:c7:f8:03:
91:02:8a:33:65:a9:1b:ca:b4:62:1d:71:61:b5:74:4a:58:c1:
f0:ba:1b:73:90:63:0f:87:6b:99:d7:f6:35:7a:df:b3:41:a1:
e1:d8:e9:d0:c0:e3:9f:ba:a4:0c:13:ea:4d:66:b8:ec:c2:bc:
f1:88:6a:54:e7:c1:ae:ab:3e:eb:82:00:8f:26:59:d3:dd:e1:
fa:b0:f5:c4:14:c7:84:fe:85:7c:eb:3a:36:76:4e:b1:06:6e:
d7:9e:80:a8:58:ed:77:25:77:30:5a:9d:ff:ac:dc:06:59:49:
c5:69:c1:00:fc:c3:cd:62:87:1f:82:17:de:d2:6c:98:69:27:
ba:44:22:87:62:5f:f0:d4:26:e8:82:0a:2e:ac:73:07:c9:ca:
79:1a:6e:ea:79:df:15:ec:f7:dd:93:58:ce:5a:29:d9:bc:3c:
b4:19:47:aa:b7:b0:a7:02:17:19:13:c2:83:10:1f:4f:b7:38:
82:6d:74:d4
-----BEGIN CERTIFICATE-----
MIIGljCCBX6gAwIBAgISAZbxqCRnnOo3wPuUYgzG18gVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTIxMDcwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI3MDg4OGUyZDBmY2ExZGI3ZDUwMzNkYWU0OTk5NzE5OTkwNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL5px+dkFpJFv/zXx0HxCuzIR/zQ
RggCJRZojggyQxA+AwX7B+L9hAYQEUM6LKz/7Ijij3gNFAq+/2mTX9NMkzszrsaL
9yUoWJw+ogvXLgTieBwdH27v9oyB4vfHZ0w2/HzufIvShXep2fPVBeIgVvMlUP3Z
vL2jzWX4TSRWUKXC/r2FM0oMh1+XLjf/MHM0iLrEz9cTh4UWMAFwQCYaFmN0Wpxv
pvupw1gcnlEMFj6ckr0bpdqjqAt/BQzouBGtSYrmw22Woy7WQZSWHEBYwk0OeD3i
fISccQfHMv+JmvA9S3nv5ysdvE04cxaHWc4zkIKweiZOzIPFVKEaZO+qsQIDAQAB
o4IDojCCA54wHQYDVR0OBBYEFNonCIji0Pyh231QM9rkmZcZmQbyMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMmljSWlPTFFfS0hiZlZBejJ1U1pseG1aQnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtgYIKwYBBQUHAQcBAf8EggGlMIIBoTCCAQoEAgABMIIB
AgMEAAW7IQMEACXrMAMEACXrMwMEAC2ZfwMEAC63uzAMAwQBU6yGAwQAU6yIAwQB
U/N4AwQBWR94AwQAWR97MAwDBANZLugDBABZLuwDBAFbhFwDBABbhF8DBABc80AD
BABfnMwDBABfnM8DBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagAMEAJfs
BDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/
1QMEA57/0AMEALB+YwMEALka7AMEAbka7gMEAblMTgMEALl6uwMEALnBMAMEALnD
QAMEALnDQgMEALzWIAMEANW3NzCBkAQCAAIwgYkDBwEqAw+AADIDBwAqAw+AADkD
BwEqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMH
ACoDD4AAZQMHACoDD4AAgQMHACoDD4ADWAMHACoDD4ADgQMHACoDD4AIUgMHACoD
D4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsFAAOCAQEAEeiC2JFl
UBzSmqeLCCZPfbqSiwGoEFNSZCKdf7OBTbhAGljO1itjU4L2gOsbfM7BV11Ioe9h
kv/6cIXLRmfJXDlvHatEx/gDkQKKM2WpG8q0Yh1xYbV0SljB8Lobc5BjD4drmdf2
NXrfs0Gh4djp0MDjn7qkDBPqTWa47MK88YhqVOfBrqs+64IAjyZZ093h+rD1xBTH
hP6FfOs6NnZOsQZu156AqFjtdyV3MFqd/6zcBllJxWnBAPzDzWKHH4IX3tJsmGkn
ukQih2Jf8NQm6IIKLqxzB8nKeRpu6nnfFez33ZNYzlop2bw8tBlHqrewpwIXGRPC
gxAfT7c4gm101A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:59:15 2025 by rpki-client