Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3J7WT4uW7AnaDhBe7gJh4VklkVU.roa
File: 3J7WT4uW7AnaDhBe7gJh4VklkVU.roa (raw, json)
Hash identifier: tgcS5nXVBpbzlkwGMrGgJzbq7l3sf7soiLZz/n4qKYI=
Subject key identifier: DC:9E:D6:4F:8B:96:EC:09:DA:0E:10:5E:EE:02:61:E1:59:25:91:55
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019537D15EB4FFC85C0474788F0097555694
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3J7WT4uW7AnaDhBe7gJh4VklkVU.roa
Signing time: Mon 24 Feb 2025 11:57:02 +0000
ROA not before: Mon 24 Feb 2025 11:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Mar 2025 15:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:d1:5e:b4:ff:c8:5c:04:74:78:8f:00:97:55:56:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 24 11:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc9ed64f8b96ec09da0e105eee0261e159259155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7f:e2:bc:88:92:e8:4f:5f:54:31:bd:00:dc:
3b:5f:2c:5c:c2:96:17:88:4d:6c:7a:c3:08:b0:a4:
9f:a3:fc:87:ed:8d:19:b6:29:f6:25:a4:69:29:c7:
fb:82:29:c9:b6:6c:4c:5e:5a:2a:28:49:5e:62:59:
de:40:20:d0:2a:40:ac:10:67:72:d0:6a:11:c3:fe:
61:89:6a:df:6f:cb:90:9a:c0:36:cc:eb:96:01:7c:
71:c5:d8:8e:4c:d7:21:56:ec:14:6a:5f:29:e9:89:
d2:0f:4f:df:5c:cb:04:35:93:3b:af:36:85:14:1b:
d9:c9:53:84:b6:30:82:49:d8:55:fb:99:10:60:fd:
1f:6f:fe:7a:0d:78:c8:d5:53:fc:18:fb:67:a9:99:
61:c2:73:56:44:94:ef:6c:6d:22:55:72:5a:e5:4a:
bc:bc:4b:f2:e4:19:ec:96:19:f5:64:2b:c3:f4:55:
b0:93:ff:98:51:f5:75:4c:7e:67:79:02:6e:07:58:
e8:f6:39:55:3d:38:c4:07:3c:49:18:85:72:0f:56:
3e:34:0f:92:a3:7f:75:58:8b:d2:07:1a:17:f8:7d:
66:26:c0:8b:e2:e4:71:77:b2:f1:d2:3e:61:96:d0:
5f:04:f7:66:37:8f:1e:90:ee:62:8f:e7:37:91:bf:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9E:D6:4F:8B:96:EC:09:DA:0E:10:5E:EE:02:61:E1:59:25:91:55
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3J7WT4uW7AnaDhBe7gJh4VklkVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.49.0-109.236.51.255
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.160.140.0/22
193.223.104.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:fa:d3:22:95:12:71:a8:c4:b0:8e:55:f8:95:b7:55:da:bb:
91:54:88:4d:2a:32:83:7b:61:0d:20:e6:bf:a2:cf:19:f3:69:
f5:eb:02:ed:65:c6:a8:1e:c2:09:95:20:77:00:ce:fa:8a:fd:
32:69:2c:e8:11:b7:7f:25:7e:f5:37:7a:59:31:b0:7a:9b:ea:
ee:ea:dd:96:25:f0:e4:29:16:15:74:cb:78:77:86:0f:cf:6f:
57:af:a2:79:e4:81:d2:f7:68:71:bc:73:1f:8b:71:44:e2:6c:
30:26:0c:6a:00:c1:3c:b3:9b:3b:00:f3:84:30:df:1b:10:3b:
02:05:e1:a2:17:c4:8b:50:8f:b3:c5:e2:1a:82:82:18:57:4f:
9c:93:f4:d1:7c:77:f1:5b:41:29:da:8f:fb:5e:64:07:75:1f:
aa:82:5b:ec:3d:c2:c1:ae:9d:9e:51:46:a7:98:b2:92:04:60:
1d:b5:e8:5b:63:7d:4c:64:34:4d:a7:9d:14:4e:9e:77:3e:c8:
21:cd:85:9c:27:de:21:3a:05:ed:4a:94:72:93:a2:8e:a3:e4:
cd:2a:cc:3c:4a:d7:8c:0d:1d:5c:73:3b:83:96:69:29:40:bc:
70:6d:da:5b:b7:1a:8e:0a:21:67:a1:4b:14:a4:8f:f0:3b:48:
5b:bd:55:3d
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZU30V60/8hcBHR4jwCXVVaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjI0MTE1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzllZDY0ZjhiOTZlYzA5ZGEwZTEwNWVlZTAyNjFlMTU5MjU5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyX/ivIiS6E9fVDG9ANw7XyxcwpYX
iE1sesMIsKSfo/yH7Y0Ztin2JaRpKcf7ginJtmxMXloqKEleYlneQCDQKkCsEGdy
0GoRw/5hiWrfb8uQmsA2zOuWAXxxxdiOTNchVuwUal8p6YnSD0/fXMsENZM7rzaF
FBvZyVOEtjCCSdhV+5kQYP0fb/56DXjI1VP8GPtnqZlhwnNWRJTvbG0iVXJa5Uq8
vEvy5Bnslhn1ZCvD9FWwk/+YUfV1TH5neQJuB1jo9jlVPTjEBzxJGIVyD1Y+NA+S
o391WIvSBxoX+H1mJsCL4uRxd7Lx0j5hltBfBPdmN48ekO5ij+c3kb/5JwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFNye1k+LluwJ2g4QXu4CYeFZJZFVMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvM0o3V1Q0dVc3QW5hRGhCZTdnSmg0Vmtsa1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBvQQCAAEwgbYDBABb
wjcDBAFdvgwwDAMEAG3sMQMEAm3sMAMEAaAUbAMEALlVvAMEALlWBAMEAblWBgME
ALlWDAMEAblWDgMEALlWmAMEALlWmwMEALlXeAMEArlYrDAMAwQAuWI9AwQGuWIA
MAwDBAC5jSEDBAK5jSADBAK5uBgwDAMEA7m56AMEALm56gMEArnztAMEArn5yAME
ALn60gMEAbn+HAMEArn+7AMEAMEjmAMEAsGgjAMEAsHfaDAiBAIAAjAcAwUDKgW/
AAMFAyoH5wADBQMqCyeAAwUDKg1JwDANBgkqhkiG9w0BAQsFAAOCAQEADfrTIpUS
cajEsI5V+JW3Vdq7kVSITSoyg3thDSDmv6LPGfNp9esC7WXGqB7CCZUgdwDO+or9
Mmks6BG3fyV+9Td6WTGwepvq7urdliXw5CkWFXTLeHeGD89vV6+ieeSB0vdocbxz
H4txROJsMCYMagDBPLObOwDzhDDfGxA7AgXhohfEi1CPs8XiGoKCGFdPnJP00Xx3
8VtBKdqP+15kB3UfqoJb7D3Cwa6dnlFGp5iykgRgHbXoW2N9TGQ0TaedFE6edz7I
Ic2FnCfeIToF7UqUcpOijqPkzSrMPErXjA0dXHM7g5ZpKUC8cG3aW7cajgohZ6FL
FKSP8DtIW71VPQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:20:13 2025 by rpki-client