Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EU9ZsDwPIxaLHVL5y2fLULjn-0c.roa
File: EU9ZsDwPIxaLHVL5y2fLULjn-0c.roa (raw, json)
Hash identifier: U0UqvcxKAYHJN3ArRtrSrckUKlQG/i+qbQaYrsDFCYE=
Subject key identifier: 11:4F:59:B0:3C:0F:23:16:8B:1D:52:F9:CB:67:CB:50:B8:E7:FB:47
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01956A3CBB10F0B674BE0ECA51BC4A2E6218
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EU9ZsDwPIxaLHVL5y2fLULjn-0c.roa
Signing time: Thu 06 Mar 2025 06:55:19 +0000
ROA not before: Thu 06 Mar 2025 06:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.85.255.0/24 maxlen: 24
185.102.204.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
185.243.136.0/22 maxlen: 24
193.108.206.0/23 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 26 Mar 2025 15:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:3c:bb:10:f0:b6:74:be:0e:ca:51:bc:4a:2e:62:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Mar 6 06:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=114f59b03c0f23168b1d52f9cb67cb50b8e7fb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ab:bb:92:48:bc:a0:e2:c1:2e:5d:30:79:61:
d6:ec:65:87:64:a7:78:5a:a4:a9:50:1b:a0:df:2d:
27:23:ab:fb:38:18:dc:f8:d7:4b:8e:57:ec:69:45:
18:e9:e0:e1:d5:5d:1a:d2:e1:6d:7e:2c:43:43:0b:
89:a5:95:a2:0c:eb:6d:94:54:ce:8b:42:ef:03:23:
f3:96:ea:a7:0f:e8:9e:ee:da:ea:74:22:59:33:63:
07:e9:38:7c:fc:91:b3:bf:e3:e2:4b:ca:f6:d0:0b:
65:be:ad:ee:72:cf:bb:38:b6:35:c1:6d:72:2b:37:
8f:b1:d1:a1:c8:36:87:70:96:f7:96:4b:dd:3e:03:
f8:fb:0e:26:95:35:7c:1e:d7:20:58:4d:a9:c2:e6:
1b:c9:f9:a5:15:eb:79:80:2b:bd:05:da:86:fd:a4:
16:01:14:cf:f6:f0:01:14:e4:36:af:f8:3c:58:3c:
d6:6a:55:0c:d7:ec:97:11:06:2a:c1:d0:53:76:e5:
8a:8b:b4:6f:d0:82:17:37:b3:59:e6:30:bf:14:c2:
46:69:cd:2e:53:61:e3:14:34:23:c4:62:eb:38:d4:
ca:1c:99:57:f5:e6:6b:f2:a8:43:63:71:71:dc:83:
50:03:77:8b:1b:c1:f6:e2:7d:a6:ca:3b:51:21:47:
65:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4F:59:B0:3C:0F:23:16:8B:1D:52:F9:CB:67:CB:50:B8:E7:FB:47
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EU9ZsDwPIxaLHVL5y2fLULjn-0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.85.255.0/24
185.102.204.0/22
185.103.148.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
185.243.136.0/22
193.108.206.0/23
193.108.230.0/23
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
b8:5d:4f:ce:3c:68:be:dd:b9:23:24:c6:2e:1b:6f:17:db:ac:
db:95:d1:69:3c:54:de:7d:7e:e8:bd:ae:f3:10:21:28:bd:17:
01:d3:ce:ee:f3:3b:85:99:8e:dc:f9:6c:88:29:d7:ce:d2:e7:
16:e2:fd:22:af:d7:2b:a8:5c:8c:f5:64:2e:50:54:34:00:bb:
4b:a3:86:6e:28:75:04:45:df:83:73:c2:48:b2:96:99:95:5e:
dc:b1:af:23:58:42:f2:89:16:0a:81:84:fd:f4:d6:b7:43:aa:
05:8c:c2:a3:49:ff:0c:da:45:f0:74:52:51:f6:ca:35:2d:ae:
d1:0d:98:77:98:2d:50:00:1b:2f:81:d8:d1:49:90:53:a5:04:
e6:6a:4e:6d:18:fc:a3:d4:d4:08:eb:ec:04:a2:09:95:2b:aa:
60:1d:05:0a:c3:50:46:e8:ff:ec:f9:45:51:77:ef:8e:d3:a7:
d4:7d:0e:5f:3e:6d:6f:09:0d:92:47:49:12:45:7d:0b:ac:f6:
92:7d:bb:ad:9d:6f:95:b1:a6:03:7b:9d:8c:54:6e:57:8d:6b:
01:f7:dd:3d:1e:0a:35:31:8b:7e:a3:04:f1:f2:31:53:0d:28:
45:68:7a:e2:d8:f5:a2:e8:3f:3a:9c:59:1e:88:2a:8d:38:d6:
6f:cf:47:bf
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZVqPLsQ8LZ0vg7KUbxKLmIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMzA2MDY1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTRmNTliMDNjMGYyMzE2OGIxZDUyZjljYjY3Y2I1MGI4ZTdmYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqu7kki8oOLBLl0weWHW7GWHZKd4
WqSpUBug3y0nI6v7OBjc+NdLjlfsaUUY6eDh1V0a0uFtfixDQwuJpZWiDOttlFTO
i0LvAyPzluqnD+ie7trqdCJZM2MH6Th8/JGzv+PiS8r20Atlvq3ucs+7OLY1wW1y
KzePsdGhyDaHcJb3lkvdPgP4+w4mlTV8HtcgWE2pwuYbyfmlFet5gCu9BdqG/aQW
ARTP9vABFOQ2r/g8WDzWalUM1+yXEQYqwdBTduWKi7Rv0IIXN7NZ5jC/FMJGac0u
U2HjFDQjxGLrONTKHJlX9eZr8qhDY3Fx3INQA3eLG8H24n2myjtRIUdl3wIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFBFPWbA8DyMWix1S+ctny1C45/tHMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvRVU5WnNEd1BJeGFMSFZMNXkyZkxVTGpuLTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCBxQQCAAEwgb4D
BAICO2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJZLCQDBAJb8pQD
BANt6xADBAWwOEADBAK5BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAC5Vf8D
BAK5ZswDBAK5Z5QDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gMEArnf2AMEArnk
fAMEArnvoAMEArnziAMEAcFszgMEAcFs5jAMAwQBwfaaAwQBwfacAwQCwpxIMEUE
AgACMD8DBQAqAl3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAAD
BQMqCerAAwUDKgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEBALhdT848aL7d
uSMkxi4bbxfbrNuV0Wk8VN59fui9rvMQISi9FwHTzu7zO4WZjtz5bIgp187S5xbi
/SKv1yuoXIz1ZC5QVDQAu0ujhm4odQRF34NzwkiylpmVXtyxryNYQvKJFgqBhP30
1rdDqgWMwqNJ/wzaRfB0UlH2yjUtrtENmHeYLVAAGy+B2NFJkFOlBOZqTm0Y/KPU
1Ajr7ASiCZUrqmAdBQrDUEbo/+z5RVF3747Tp9R9Dl8+bW8JDZJHSRJFfQus9pJ9
u62db5WxpgN7nYxUbleNawH33T0eCjUxi36jBPHyMVMNKEVoeuLY9aLoPzqcWR6I
Ko041m/PR78=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:28:33 2025 by rpki-client