Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vdmM265bAU3h_Xfmt2Ptq0IgxJk.roa
File: vdmM265bAU3h_Xfmt2Ptq0IgxJk.roa (raw, json)
Hash identifier: 6J241Ju5a7qUt4RlBZ3LWKp5g1T4Yk9aBBNezPd5n0Y=
Subject key identifier: BD:D9:8C:DB:AE:5B:01:4D:E1:FD:77:E6:B7:63:ED:AB:42:20:C4:99
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01942747294F209402D54B8E7ECDD71ED4D8
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vdmM265bAU3h_Xfmt2Ptq0IgxJk.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 05 Jan 2025 15:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:29:4f:20:94:02:d5:4b:8e:7e:cd:d7:1e:d4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd98cdbae5b014de1fd77e6b763edab4220c499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b0:0c:e9:b3:ba:94:6c:f6:21:a3:2b:31:dd:
58:9f:15:68:3c:60:96:f4:35:c9:1d:2e:62:0b:b9:
fa:15:be:d2:c1:9a:32:b1:8f:25:cc:9a:9f:d5:75:
b7:a6:ee:81:62:08:68:d7:df:c2:8b:a5:f7:79:87:
97:90:d7:41:7e:93:99:07:3c:50:57:97:d4:61:0c:
67:24:30:78:d9:45:89:05:5f:f9:4e:a6:7c:9e:99:
71:a7:62:db:be:b1:c5:d4:78:cf:4e:cc:fa:d3:4c:
8c:3c:8a:6d:55:a2:92:ae:f6:26:19:58:af:52:d7:
96:ac:ef:0a:59:c2:ae:83:25:a4:e8:88:fc:db:c7:
9b:7b:da:a2:9e:b6:d5:15:0f:39:6e:5d:bb:39:d3:
02:fb:04:a1:90:06:a5:03:49:63:a6:c2:4a:d8:f5:
43:f4:5c:7c:de:c1:24:0c:85:21:81:f7:58:47:6e:
5a:85:77:21:74:bf:fe:32:50:be:ef:34:8a:70:97:
4f:fe:cd:72:8b:12:96:12:bd:fc:ca:e7:34:14:b0:
11:04:c2:8f:e2:94:af:71:80:6f:8a:fe:ed:7e:ed:
f4:d6:22:ba:94:f2:33:3a:85:60:32:b4:24:da:8f:
7f:8f:ba:73:50:38:17:6a:86:6f:3d:7e:2c:2c:22:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D9:8C:DB:AE:5B:01:4D:E1:FD:77:E6:B7:63:ED:AB:42:20:C4:99
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vdmM265bAU3h_Xfmt2Ptq0IgxJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/23
185.254.236.0/22
193.35.152.0/24
193.35.155.0/24
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:e3:6c:c7:ae:cf:7b:c8:a5:6e:04:6d:a0:71:6f:ab:d7:45:
71:d2:64:95:08:d0:fe:6c:e1:40:51:03:25:d3:2a:4d:ec:7b:
e4:a4:33:61:60:65:cd:3d:7b:6b:93:87:c7:a8:a3:d1:e3:62:
ff:1c:50:cd:50:79:b6:a8:24:b7:7a:4a:e6:dc:c5:05:28:8e:
4f:db:14:94:2f:d9:6f:30:f8:ff:39:d8:dc:6c:ba:57:0c:fe:
1e:ee:1c:a0:61:ee:50:6f:55:b3:f0:d1:3d:d8:86:58:59:7f:
45:2c:cc:8f:e2:3f:23:68:3e:c1:93:d0:03:d5:2c:9d:5c:a9:
10:8a:30:75:8e:70:74:5b:36:a6:a0:4d:96:ae:cb:49:8f:11:
68:d0:61:de:0c:b0:c9:6e:1d:51:8e:ef:f8:32:a1:e9:7c:59:
02:fd:b1:74:5b:5f:e6:6b:d1:af:c9:e6:c2:80:c8:ac:db:3e:
d5:e9:e9:1a:dd:60:b4:53:2b:a7:b1:28:96:ee:0c:bb:19:2e:
e7:e0:78:81:b4:8e:f9:77:1b:86:2d:06:a5:4f:ae:19:32:3d:
f2:ff:b3:20:c1:70:4c:ce:08:2a:4e:6d:cd:62:33:d7:dd:02:
74:c2:63:2d:f9:28:31:96:68:96:14:1f:c9:f8:d0:f6:e7:8e:
f2:6c:d8:0f
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZQnRylPIJQC1UuOfs3XHtTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ5OGNkYmFlNWIwMTRkZTFmZDc3ZTZiNzYzZWRhYjQyMjBjNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rAM6bO6lGz2IaMrMd1YnxVoPGCW
9DXJHS5iC7n6Fb7SwZoysY8lzJqf1XW3pu6BYgho19/Ci6X3eYeXkNdBfpOZBzxQ
V5fUYQxnJDB42UWJBV/5TqZ8nplxp2LbvrHF1HjPTsz600yMPIptVaKSrvYmGViv
UteWrO8KWcKugyWk6Ij828ebe9qinrbVFQ85bl27OdMC+wShkAalA0ljpsJK2PVD
9Fx83sEkDIUhgfdYR25ahXchdL/+MlC+7zSKcJdP/s1yixKWEr38yuc0FLARBMKP
4pSvcYBviv7tfu301iK6lPIzOoVgMrQk2o9/j7pzUDgXaoZvPX4sLCIQGwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFL3ZjNuuWwFN4f135rdj7atCIMSZMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdmRtTTI2NWJBVTNoX1hmbXQyUHRxMElneEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBwQQCAAEwgboDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAG5
/hwDBAK5/uwDBADBI5gDBADBI5sDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMF
AyoFvwADBQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBAArj
bMeuz3vIpW4EbaBxb6vXRXHSZJUI0P5s4UBRAyXTKk3se+SkM2FgZc09e2uTh8eo
o9HjYv8cUM1QebaoJLd6SubcxQUojk/bFJQv2W8w+P852NxsulcM/h7uHKBh7lBv
VbPw0T3YhlhZf0UszI/iPyNoPsGT0APVLJ1cqRCKMHWOcHRbNqagTZauy0mPEWjQ
Yd4MsMluHVGO7/gyoel8WQL9sXRbX+Zr0a/J5sKAyKzbPtXp6RrdYLRTK6exKJbu
DLsZLufgeIG0jvl3G4YtBqVPrhkyPfL/syDBcEzOCCpObc1iM9fdAnTCYy35KDGW
aJYUH8n40PbnjvJs2A8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:47:56 2025 by rpki-client