Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QrVWNsaekbIwPEr--BIAhu8I-5Q.roa
File: QrVWNsaekbIwPEr--BIAhu8I-5Q.roa (raw, json)
Hash identifier: MFxlOf0d+lVkXsF5Vmc7Ud8CJBZ3PPe8LgrR7KKfMQQ=
Subject key identifier: 42:B5:56:36:C6:9E:91:B2:30:3C:4A:FE:F8:12:00:86:EF:08:FB:94
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194F1AB450C3AE4079BF5131B8B44BF65DC
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QrVWNsaekbIwPEr--BIAhu8I-5Q.roa
Signing time: Mon 10 Feb 2025 21:02:00 +0000
ROA not before: Mon 10 Feb 2025 21:02:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Feb 2025 09:33:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:ab:45:0c:3a:e4:07:9b:f5:13:1b:8b:44:bf:65:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 10 21:02:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b55636c69e91b2303c4afef8120086ef08fb94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:06:31:e9:27:d5:41:17:b4:1a:9f:c1:d1:d7:
65:56:54:f5:d4:c4:5b:49:00:e3:15:74:f7:62:d1:
5d:5e:76:51:43:a5:48:e9:01:75:71:dd:42:7f:f5:
39:98:93:5d:3c:65:fa:e5:af:14:92:ce:5c:96:03:
35:0e:97:b0:f6:7a:6d:d3:5b:50:8b:f0:27:bb:85:
9e:6b:e6:e0:4f:06:c9:9a:8b:3d:50:1c:7f:47:29:
33:63:45:33:a6:46:d0:66:11:60:86:7e:e3:4b:b3:
53:17:ce:c2:6e:5e:54:fe:77:44:d3:68:66:0d:2d:
13:20:92:cc:4f:10:2f:79:64:d7:63:d2:ad:38:50:
87:e6:c5:9b:f4:1f:07:b7:c0:ff:43:b0:a6:39:fd:
9e:f4:0c:59:8d:70:cd:ac:80:47:62:e8:e5:5a:d9:
43:42:09:24:e0:ca:1a:b2:ec:6e:b5:bf:25:80:d9:
15:28:30:d8:2a:e6:48:98:dd:50:af:20:fd:2b:2e:
bc:4e:7d:68:96:dc:04:e2:50:58:7e:5e:7a:4d:81:
b4:15:8e:0b:3a:e2:00:9a:e4:6e:cc:ee:21:66:8c:
2c:02:28:e4:36:f8:1e:c1:24:6e:7d:cc:26:7a:d9:
e8:b6:62:86:7f:a1:2a:9d:8e:50:de:e5:f9:ba:78:
7a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B5:56:36:C6:9E:91:B2:30:3C:4A:FE:F8:12:00:86:EF:08:FB:94
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QrVWNsaekbIwPEr--BIAhu8I-5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:56:5c:0c:87:e5:c0:4c:f5:c3:05:14:de:a6:28:55:4c:32:
67:8e:73:5b:f7:22:d0:4a:e8:fe:bd:dd:e1:6f:f2:b7:eb:db:
91:d3:8c:46:4f:be:d4:b9:20:21:25:f7:24:3c:15:40:3f:85:
d0:ed:5f:af:7e:7e:06:d2:c9:63:2b:3a:2a:9f:e5:b1:ca:57:
1b:21:5c:92:dd:4a:bc:8c:06:11:33:b7:5f:49:25:4e:0f:98:
8c:9e:c1:7a:3f:a7:ed:a9:04:34:67:02:74:a0:bf:9d:c5:f6:
04:ac:fa:53:fe:05:e7:e7:c6:ad:05:b8:a1:71:f5:47:90:07:
6a:95:b4:c4:06:19:0e:35:ae:17:70:b6:f0:ef:58:69:aa:88:
ad:d0:90:b5:86:74:c9:de:40:b2:7b:f0:19:06:4f:c1:7d:0e:
ef:7f:83:3e:e0:3b:7e:ed:3e:97:46:99:ae:19:60:1c:ee:28:
57:ef:ec:2f:dc:57:66:e0:02:48:fa:9e:e9:fb:d2:63:1a:a2:
e0:ec:1d:d2:1e:4b:10:cd:8a:3a:1c:70:1c:a4:77:ef:ad:92:
c3:4e:6c:31:d8:94:75:02:0a:45:a3:81:f1:d6:2e:03:e3:f1:
de:68:7c:a7:6a:e4:e9:49:fc:c5:a2:b0:4c:6f:74:01:c9:96:
c6:f9:56:40
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZTxq0UMOuQHm/UTG4tEv2XcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjEwMjEwMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI1NTYzNmM2OWU5MWIyMzAzYzRhZmVmODEyMDA4NmVmMDhmYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgYx6SfVQRe0Gp/B0ddlVlT11MRb
SQDjFXT3YtFdXnZRQ6VI6QF1cd1Cf/U5mJNdPGX65a8Uks5clgM1Dpew9npt01tQ
i/Anu4Wea+bgTwbJmos9UBx/RykzY0UzpkbQZhFghn7jS7NTF87Cbl5U/ndE02hm
DS0TIJLMTxAveWTXY9KtOFCH5sWb9B8Ht8D/Q7CmOf2e9AxZjXDNrIBHYujlWtlD
Qgkk4Moasuxutb8lgNkVKDDYKuZImN1QryD9Ky68Tn1oltwE4lBYfl56TYG0FY4L
OuIAmuRuzO4hZowsAijkNvgewSRufcwmetnotmKGf6EqnY5Q3uX5unh6NQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFEK1VjbGnpGyMDxK/vgSAIbvCPuUMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvUXJWV05zYWVrYkl3UEVyLS1CSUFodThJLTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAG5
/hwDBAK5/uwDBADBI5gDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMFAyoFvwAD
BQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBAHNWXAyH5cBM
9cMFFN6mKFVMMmeOc1v3ItBK6P693eFv8rfr25HTjEZPvtS5ICEl9yQ8FUA/hdDt
X69+fgbSyWMrOiqf5bHKVxshXJLdSryMBhEzt19JJU4PmIyewXo/p+2pBDRnAnSg
v53F9gSs+lP+Befnxq0FuKFx9UeQB2qVtMQGGQ41rhdwtvDvWGmqiK3QkLWGdMne
QLJ78BkGT8F9Du9/gz7gO37tPpdGma4ZYBzuKFfv7C/cV2bgAkj6nun70mMaouDs
HdIeSxDNijoccBykd++tksNObDHYlHUCCkWjgfHWLgPj8d5ofKdq5OlJ/MWisExv
dAHJlsb5VkA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:07:41 2025 by rpki-client