Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kdLF4nrfTGdCLe5l0Vq60jREaF8.roa
File: kdLF4nrfTGdCLe5l0Vq60jREaF8.roa (raw, json)
Hash identifier: smnjqnr3K1TTb9vfFBNsAx0LAwUSVbrbi+G/IvO10Ks=
Subject key identifier: 91:D2:C5:E2:7A:DF:4C:67:42:2D:EE:65:D1:5A:BA:D2:34:44:68:5F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01970CADA09E292DD4397AF9308D1F4D8DD5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kdLF4nrfTGdCLe5l0Vq60jREaF8.roa
Signing time: Mon 26 May 2025 12:59:54 +0000
ROA not before: Mon 26 May 2025 12:59:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.172.138.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 30 May 2025 08:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:ad:a0:9e:29:2d:d4:39:7a:f9:30:8d:1f:4d:8d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 26 12:59:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91d2c5e27adf4c67422dee65d15abad23444685f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:b1:a8:cc:36:75:4c:91:e2:69:4d:74:76:
68:50:3f:a8:5c:9b:09:5d:57:32:d4:54:76:f3:54:
63:60:94:3f:e5:58:c0:65:ee:02:ee:12:e7:84:bd:
13:69:0d:92:ef:08:07:70:95:a4:c8:10:3d:38:cf:
c9:a1:94:cc:17:97:ba:81:e0:0b:a0:b7:ed:c2:e4:
43:f1:86:9e:78:03:33:4f:fb:3f:d3:76:82:27:48:
ca:c9:51:d4:82:61:9c:5d:95:68:87:5a:47:44:be:
e3:f5:9d:26:86:55:f9:c7:1f:6c:a1:ab:6f:bb:13:
61:00:ef:44:1c:1c:cf:ca:98:5c:f2:be:c0:6e:8b:
c3:3b:a4:e2:2a:d3:8d:8c:bb:13:fd:ba:6d:24:8c:
cb:db:ad:2e:d2:a7:01:bf:23:dc:cf:cd:51:6d:38:
0f:cf:71:50:d0:59:69:4e:6c:b3:e7:18:61:f4:7c:
3c:a6:8d:2a:7d:d5:d2:ae:26:93:ef:98:fe:f7:33:
14:5c:2f:a6:df:f4:92:eb:54:91:af:12:e3:92:16:
ba:f7:33:32:9a:57:87:45:34:20:07:96:15:f5:14:
a4:24:d8:53:3e:ce:64:ab:75:5e:c5:8e:92:a9:77:
c5:54:d8:27:1e:99:13:0b:20:aa:48:6f:f7:5d:60:
13:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D2:C5:E2:7A:DF:4C:67:42:2D:EE:65:D1:5A:BA:D2:34:44:68:5F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kdLF4nrfTGdCLe5l0Vq60jREaF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.172.138.0/24
83.172.150.0/24
83.172.159.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
5b:40:75:cb:6b:57:d9:f1:6d:02:be:62:b3:ec:b8:05:7c:06:
f4:6b:cc:90:3d:f7:b8:fc:52:e6:6f:14:88:52:7d:6a:b5:60:
65:ed:65:65:9c:aa:6c:36:f2:c8:1f:ee:cd:39:46:e3:2e:5a:
f2:43:a9:2f:6c:6a:40:fd:28:9c:45:14:be:5d:42:76:92:e5:
2c:1e:3b:9e:aa:fb:2a:2b:61:99:1b:25:53:fb:3f:40:b7:29:
01:d0:2c:4b:41:74:70:c3:81:0d:25:bd:10:5e:05:2c:5b:07:
0f:ba:dd:47:1a:ae:fa:1a:aa:9d:e6:b0:ce:57:ef:af:9f:a7:
1d:b8:ab:cc:32:46:f5:68:9d:aa:d6:35:76:95:d9:88:13:e4:
e1:66:00:53:2c:04:39:c5:ff:e8:a2:05:8f:df:c0:7e:fd:4e:
74:85:9c:12:fb:bf:0a:ba:95:59:56:6a:fb:59:98:fa:5b:c4:
11:ef:53:06:9b:b7:0d:ad:63:13:98:36:75:47:31:77:bf:9b:
58:0c:ce:33:8b:cc:7e:d0:87:a1:59:ba:ec:78:8f:d7:85:1a:
67:9a:2a:b7:55:60:11:fa:f3:6e:d6:99:81:7c:a7:e8:39:b1:
bb:be:03:66:9c:eb:be:c5:ae:9f:54:22:7d:ee:32:89:1e:37:
77:34:0f:b6
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgISAZcMraCeKS3UOXr5MI0fTY3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTI2MTI1OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQyYzVlMjdhZGY0YzY3NDIyZGVlNjVkMTVhYmFkMjM0NDQ2ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHOxqMw2dUyR4mlNdHZoUD+oXJsJ
XVcy1FR281RjYJQ/5VjAZe4C7hLnhL0TaQ2S7wgHcJWkyBA9OM/JoZTMF5e6geAL
oLftwuRD8YaeeAMzT/s/03aCJ0jKyVHUgmGcXZVoh1pHRL7j9Z0mhlX5xx9soatv
uxNhAO9EHBzPyphc8r7AbovDO6TiKtONjLsT/bptJIzL260u0qcBvyPcz81RbTgP
z3FQ0FlpTmyz5xhh9Hw8po0qfdXSriaT75j+9zMUXC+m3/SS61SRrxLjkha69zMy
mleHRTQgB5YV9RSkJNhTPs5kq3VexY6SqXfFVNgnHpkTCyCqSG/3XWATTwIDAQAB
o4IDtDCCA7AwHQYDVR0OBBYEFJHSxeJ630xnQi3uZdFautI0RGhfMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEva2RMRjRucmZUR2RDTGU1bDBWcTYwalJFYUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIByAYIKwYBBQUHAQcBAf8EggG3MIIBszCCARwEAgABMIIB
FAMEAAW7IQMEACXrMAMEACXrMwMEAC2ZfwMEAC63uzAMAwQBU6yGAwQAU6yIAwQA
U6yKAwQAU6yWAwQAU6yfAwQBU/N4AwQBWR94AwQAWR97MAwDBANZLugDBABZLuwD
BAFbhFwDBABbhF8DBABc80ADBABfnMwDBABfnM8DBAFnOfgDBABnOfsDBACG/9Mw
DAMEAJWanQMEBZWagAMEAJfsBDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQDBACX7BYD
BACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALB+YwMEALka7AMEAbka7gMEAblM
TgMEALl6uwMEALnBMAMEALnDQAMEALnDQgMEALzWIAMEANW3NzCBkAQCAAIwgYkD
BwEqAw+AADIDBwAqAw+AADkDBwEqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMH
ASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4ADWAMHACoD
D4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG
9w0BAQsFAAOCAQEAW0B1y2tX2fFtAr5is+y4BXwG9GvMkD33uPxS5m8UiFJ9arVg
Ze1lZZyqbDbyyB/uzTlG4y5a8kOpL2xqQP0onEUUvl1CdpLlLB47nqr7KithmRsl
U/s/QLcpAdAsS0F0cMOBDSW9EF4FLFsHD7rdRxqu+hqqneawzlfvr5+nHbirzDJG
9WidqtY1dpXZiBPk4WYAUywEOcX/6KIFj9/Afv1OdIWcEvu/CrqVWVZq+1mY+lvE
Ee9TBpu3Da1jE5g2dUcxd7+bWAzOM4vMftCHoVm67HiP14UaZ5oqt1VgEfrzbtaZ
gXyn6Dmxu74DZpzrvsWun1Qife4yiR43dzQPtg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:36:15 2025 by rpki-client