Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/R0ZOWimr5RfQ-SvBP4wg81TdsWo.roa
File: R0ZOWimr5RfQ-SvBP4wg81TdsWo.roa (raw, json)
Hash identifier: CapjIrZ4eqFQAKNhYrC3HDZC3+yskyfoh6IhiFmM95U=
Subject key identifier: 47:46:4E:5A:29:AB:E5:17:D0:F9:2B:C1:3F:8C:20:F3:54:DD:B1:6A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0194941400ED5E1881BA91081A616D2A89D0
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/R0ZOWimr5RfQ-SvBP4wg81TdsWo.roa
Signing time: Thu 23 Jan 2025 16:52:06 +0000
ROA not before: Thu 23 Jan 2025 16:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
185.243.136.0/22 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Jan 2025 22:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:94:14:00:ed:5e:18:81:ba:91:08:1a:61:6d:2a:89:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 23 16:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47464e5a29abe517d0f92bc13f8c20f354ddb16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:de:67:67:71:c3:53:bc:b9:d9:65:8a:1a:b0:
c5:48:5f:24:5c:05:5e:62:fc:0b:48:93:f4:c8:d4:
4a:d4:73:12:19:27:cf:6b:75:a8:e0:7a:24:93:95:
fb:7f:05:3d:6e:01:36:b1:72:52:82:d2:43:6e:39:
cc:ff:ca:07:67:71:3e:a1:43:7d:3f:3b:03:b1:84:
b1:84:5a:ae:09:58:3c:4b:3d:af:e9:10:7a:36:89:
87:2e:fa:fa:1f:f0:5b:da:2f:bb:5a:1e:e7:cb:2a:
04:2a:2b:a3:73:e0:0d:6f:d0:c8:60:68:b7:54:e5:
b0:82:b0:bc:b8:52:e4:1a:b7:5d:a6:42:70:76:75:
f9:b1:11:38:0e:b9:37:ae:37:4d:e3:27:8f:29:4b:
18:5d:ed:d1:8f:ae:f9:fa:4d:8d:b2:42:38:3a:e4:
a5:25:5a:2c:61:44:c5:0a:39:d4:22:c4:ad:16:88:
1d:bd:9a:44:ce:ce:f8:d2:33:b4:96:5c:b5:12:1e:
97:6e:b4:5d:75:e4:36:61:94:d1:2c:e3:7d:51:b9:
85:c7:fe:18:db:f4:d0:ea:46:6c:19:0d:e5:6f:10:
4a:55:da:3b:9a:89:bb:5f:8f:66:2f:a8:e5:53:7e:
eb:7d:08:6d:85:18:6e:a6:3c:3f:06:6f:ee:04:cf:
61:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:46:4E:5A:29:AB:E5:17:D0:F9:2B:C1:3F:8C:20:F3:54:DD:B1:6A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/R0ZOWimr5RfQ-SvBP4wg81TdsWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.103.148.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
185.243.136.0/22
193.108.230.0/23
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
2c:d4:b1:a4:b2:6d:e1:0e:6a:b9:5f:4e:51:58:84:b3:a3:23:
cf:f1:a7:10:9e:51:1d:62:43:81:ed:07:7c:03:29:db:0f:c1:
42:01:74:f8:3b:82:81:d1:f3:d2:5a:d1:43:d0:fd:d9:ee:15:
25:57:02:19:19:da:88:2a:96:7e:c8:e4:9d:43:68:db:1b:5e:
5f:4c:92:be:df:b1:d5:f1:84:ce:f3:ae:61:86:24:b2:2b:01:
b2:20:f7:1c:eb:23:0e:96:5c:e5:64:a6:c0:39:4d:4d:f4:ca:
e7:9d:0a:be:93:80:80:c4:22:46:9b:e3:02:dc:46:9f:5c:32:
d5:3e:fe:96:ec:5f:50:36:78:c3:7a:9c:1b:bd:a0:11:ea:ab:
73:b9:c0:b4:09:53:91:5b:25:7f:b1:d4:f2:ba:72:d0:62:8c:
d8:0c:44:3e:04:41:21:22:fd:bd:4f:25:86:fb:84:0e:75:4c:
23:ad:cb:e5:3a:5d:77:fa:29:4b:63:2d:6e:d2:f0:d3:e9:92:
01:af:de:fe:30:4a:60:f8:a2:51:49:48:91:d9:30:80:7d:76:
a1:34:1d:08:aa:54:66:bc:97:30:54:39:ab:d2:bd:c8:be:8c:
8d:a5:68:ac:c5:dc:a6:0b:84:d0:30:54:9f:ac:9f:47:35:72:
fd:63:05:2c
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAZSUFADtXhiBupEIGmFtKonQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTIzMTY1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ2NGU1YTI5YWJlNTE3ZDBmOTJiYzEzZjhjMjBmMzU0ZGRiMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx95nZ3HDU7y52WWKGrDFSF8kXAVe
YvwLSJP0yNRK1HMSGSfPa3Wo4Hokk5X7fwU9bgE2sXJSgtJDbjnM/8oHZ3E+oUN9
PzsDsYSxhFquCVg8Sz2v6RB6NomHLvr6H/Bb2i+7Wh7nyyoEKiujc+ANb9DIYGi3
VOWwgrC8uFLkGrddpkJwdnX5sRE4Drk3rjdN4yePKUsYXe3Rj675+k2NskI4OuSl
JVosYUTFCjnUIsStFogdvZpEzs740jO0lly1Eh6XbrRddeQ2YZTRLON9UbmFx/4Y
2/TQ6kZsGQ3lbxBKVdo7mom7X49mL6jlU37rfQhthRhupjw/Bm/uBM9hnQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFEdGTlopq+UX0PkrwT+MIPNU3bFqMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvUjBaT1dpbXI1UmZRLVN2QlA0d2c4MVRkc1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MIGzBAIAATCBrAME
AgI7bAMEAx8ZsAMEACV62wMEAi1chAMEAy4coAMEAlkoVAMEAlksJAMEAlvylAME
A23rEAMEBbA4QAMEArkEIAMEArkFVAMEArkK+AMEArlGmAMEArlThAMEArlnlAME
ArmZEAMEArmwaDAMAwQAuc39AwQAuc3+AwQCud/YAwQCueR8AwQCue+gAwQCufOI
AwQBwWzmMAwDBAHB9poDBAHB9pwDBALCnEgwRQQCAAIwPwMFACoCXcADBQAqAl/A
AwUAKgMEQAMFAyoFmwADBQMqBagAAwUDKgY8AAMFAyoJ6sADBQMqChKAAwUDKgsM
QDANBgkqhkiG9w0BAQsFAAOCAQEALNSxpLJt4Q5quV9OUViEs6Mjz/GnEJ5RHWJD
ge0HfAMp2w/BQgF0+DuCgdHz0lrRQ9D92e4VJVcCGRnaiCqWfsjknUNo2xteX0yS
vt+x1fGEzvOuYYYksisBsiD3HOsjDpZc5WSmwDlNTfTK550KvpOAgMQiRpvjAtxG
n1wy1T7+luxfUDZ4w3qcG72gEeqrc7nAtAlTkVslf7HU8rpy0GKM2AxEPgRBISL9
vU8lhvuEDnVMI63L5Tpdd/opS2MtbtLw0+mSAa/e/jBKYPiiUUlIkdkwgH12oTQd
CKpUZryXMFQ5q9K9yL6MjaVorMXcpguE0DBUn6yfRzVy/WMFLA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:34:51 2025 by rpki-client