Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ICfdREQArxoDji3PN0T8RtfUkOo.roa
File: ICfdREQArxoDji3PN0T8RtfUkOo.roa (raw, json)
Hash identifier: Ssg8WIaJkHQlNfCHifwj+c8QQL3/rRnClWgkk3zxEpg=
Subject key identifier: 20:27:DD:44:44:00:AF:1A:03:8E:2D:CF:37:44:FC:46:D7:D4:90:EA
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019436FD05A37E0BC1485BB4BE765372314A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ICfdREQArxoDji3PN0T8RtfUkOo.roa
Signing time: Sun 05 Jan 2025 15:02:19 +0000
ROA not before: Sun 05 Jan 2025 15:02:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:36:fd:05:a3:7e:0b:c1:48:5b:b4:be:76:53:72:31:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 5 15:02:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2027dd444400af1a038e2dcf3744fc46d7d490ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:98:c2:5f:20:0b:b8:b3:fb:d3:dd:c2:32:
c1:a0:10:98:c4:48:fe:38:6a:cc:a9:c4:1c:f5:c8:
dc:d1:3f:b7:a0:c3:b1:2d:aa:e9:4f:94:04:86:20:
b6:97:c5:34:ea:a1:8c:69:12:38:9f:28:f8:19:4b:
f6:ac:87:31:13:93:9e:e0:1e:99:8d:f7:75:42:91:
83:59:67:c6:9d:a2:15:97:c6:78:5f:cf:fb:09:4c:
6b:a9:ce:14:a6:e1:9d:71:b9:4b:00:bb:25:7c:bd:
06:f4:c6:fc:78:47:a4:e9:30:77:c3:88:84:c3:40:
ee:fe:66:5d:0e:6b:e1:74:3e:ea:66:b1:24:d4:9c:
d9:c9:13:60:7d:e7:ea:fa:ac:0e:77:c6:8d:0a:3e:
60:18:89:5b:eb:28:28:30:15:4b:80:b7:1d:96:26:
5f:1a:20:1c:28:cb:f8:f5:47:09:70:e8:7d:31:2a:
6e:9f:72:cc:9f:43:4a:b0:1f:63:12:a9:c2:6c:3b:
d4:d2:4f:fa:9a:c3:7e:39:64:2d:0a:54:0d:bb:4e:
64:db:26:58:7d:9d:11:91:bc:27:ec:93:2b:a3:aa:
65:df:08:5e:8d:a9:95:9e:fc:b2:02:b1:a8:4b:15:
20:d9:3f:5d:92:de:77:5b:47:19:2a:d2:11:bb:63:
11:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:DD:44:44:00:AF:1A:03:8E:2D:CF:37:44:FC:46:D7:D4:90:EA
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ICfdREQArxoDji3PN0T8RtfUkOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
36:56:d4:9c:e7:79:2b:98:a4:4e:ad:6f:48:ec:4e:ee:87:b9:
f6:2a:71:97:6a:11:03:17:89:95:f9:af:71:92:56:8d:14:10:
f0:2c:6f:95:cb:b1:0f:a7:ef:3b:8c:11:6a:ff:44:78:ca:08:
ba:aa:b1:05:8a:82:65:3f:a9:21:bb:f8:d2:e0:c6:2b:d3:5a:
7a:2e:64:3a:a9:7b:35:71:b0:8e:c1:a3:75:5c:8a:87:7b:e4:
4c:9e:a9:b2:61:ec:d7:78:0c:e9:72:77:4f:c9:77:42:d6:b9:
57:3d:20:f6:56:02:9e:cc:f9:2f:94:65:b9:75:1c:4c:fd:5d:
f2:7e:1f:2f:66:38:93:40:41:30:e0:02:51:e1:4a:d9:02:f5:
4f:b3:12:a8:e7:ab:7c:8a:44:39:25:39:ff:c1:e6:d4:00:42:
6e:68:a3:d9:30:91:34:47:1a:6c:50:62:a2:f6:ac:ee:2b:0c:
43:c4:38:11:f0:03:51:a4:6d:4c:50:2d:1b:71:b0:7c:18:5d:
56:23:bb:9c:8d:70:0e:d0:71:d3:cc:d6:c0:3e:b4:39:a1:f3:
e5:19:5f:fd:ee:05:d9:34:cb:ff:87:cf:6e:7b:3f:d4:69:3b:
97:34:73:f1:a0:f4:54:09:15:0f:ee:6c:17:30:85:a0:15:f9:
c2:4f:20:10
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZQ2/QWjfgvBSFu0vnZTcjFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTA1MTUwMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDI3ZGQ0NDQ0MDBhZjFhMDM4ZTJkY2YzNzQ0ZmM0NmQ3ZDQ5MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq86Ywl8gC7iz+9PdwjLBoBCYxEj+
OGrMqcQc9cjc0T+3oMOxLarpT5QEhiC2l8U06qGMaRI4nyj4GUv2rIcxE5Oe4B6Z
jfd1QpGDWWfGnaIVl8Z4X8/7CUxrqc4UpuGdcblLALslfL0G9Mb8eEek6TB3w4iE
w0Du/mZdDmvhdD7qZrEk1JzZyRNgfefq+qwOd8aNCj5gGIlb6ygoMBVLgLcdliZf
GiAcKMv49UcJcOh9MSpun3LMn0NKsB9jEqnCbDvU0k/6msN+OWQtClQNu05k2yZY
fZ0Rkbwn7JMro6pl3whejamVnvyyArGoSxUg2T9dkt53W0cZKtIRu2MRVQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFCAn3UREAK8aA44tzzdE/EbX1JDqMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvSUNmZFJFUUFyeG9EamkzUE4wVDhSdGZVa09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAG5
/hwDBAK5/uwDBADBI5gDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMFAyoFvwAD
BQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBADZW1JzneSuY
pE6tb0jsTu6HufYqcZdqEQMXiZX5r3GSVo0UEPAsb5XLsQ+n7zuMEWr/RHjKCLqq
sQWKgmU/qSG7+NLgxivTWnouZDqpezVxsI7Bo3Vciod75EyeqbJh7Nd4DOlyd0/J
d0LWuVc9IPZWAp7M+S+UZbl1HEz9XfJ+Hy9mOJNAQTDgAlHhStkC9U+zEqjnq3yK
RDklOf/B5tQAQm5oo9kwkTRHGmxQYqL2rO4rDEPEOBHwA1GkbUxQLRtxsHwYXVYj
u5yNcA7QcdPM1sA+tDmh8+UZX/3uBdk0y/+Hz257P9RpO5c0c/Gg9FQJFQ/ubBcw
haAV+cJPIBA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:16:40 2025 by rpki-client