Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/gFERoqpBZVAVKt7Qqs1zEKBXiMU.roa
File: gFERoqpBZVAVKt7Qqs1zEKBXiMU.roa (raw, json)
Hash identifier: /xdfAf3DhCM3/uFfcft3coSi7ky+m4umQwYp+sLsG0Y=
Subject key identifier: 80:51:11:A2:AA:41:65:50:15:2A:DE:D0:AA:CD:73:10:A0:57:88:C5
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019492E23981DB7C87A260CE7E68F48AEF07
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/gFERoqpBZVAVKt7Qqs1zEKBXiMU.roa
Signing time: Thu 23 Jan 2025 11:18:06 +0000
ROA not before: Thu 23 Jan 2025 11:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 23 Jan 2025 16:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:e2:39:81:db:7c:87:a2:60:ce:7e:68:f4:8a:ef:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 23 11:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=805111a2aa416550152aded0aacd7310a05788c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:be:fc:8f:ab:4f:10:92:e6:5f:65:6e:e2:1e:
79:8d:3d:09:f5:86:20:52:55:3f:92:73:f6:5c:99:
13:6d:f3:67:ce:bf:54:d3:89:e9:3e:44:49:f9:0f:
d9:a3:88:20:2b:d7:ed:d4:39:ac:e0:e0:d2:4e:a0:
d9:d3:dc:d9:a5:27:80:8f:45:27:b9:f0:1e:c6:1b:
60:da:e6:59:c6:5f:f2:d9:44:a7:df:17:41:7d:7a:
05:72:3b:75:dc:f6:32:96:44:fb:d7:41:9e:d1:d1:
e3:6f:3d:2d:91:20:1e:e6:01:fb:42:14:23:4e:bb:
a2:a7:f3:bf:57:c6:fa:86:a5:58:cd:61:89:75:0e:
93:ef:8e:38:c7:ff:ad:73:dd:92:57:4a:3d:46:1d:
b9:f0:ea:24:7b:fd:ea:d8:f1:8b:a2:f9:dd:5f:11:
28:ce:0a:77:b3:fe:b1:97:c0:9a:8a:dd:d4:6c:b2:
4a:67:b3:1d:e8:29:fb:7d:0c:84:95:c4:c0:87:77:
8e:8e:78:a2:05:ee:b9:73:9b:1b:2a:72:f4:39:86:
7a:04:78:77:93:50:9b:25:56:08:29:c5:f3:50:8d:
fe:5e:95:bc:dc:f4:31:44:ea:1f:74:7f:b4:d8:db:
69:d7:81:6a:85:b8:81:a5:00:40:e4:7b:a5:b5:1e:
b1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:51:11:A2:AA:41:65:50:15:2A:DE:D0:AA:CD:73:10:A0:57:88:C5
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/gFERoqpBZVAVKt7Qqs1zEKBXiMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.103.148.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
193.108.230.0/23
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
43:30:a5:0c:5a:fe:04:e7:32:27:11:1a:58:35:a7:c5:8f:7a:
2d:85:08:03:fe:ff:d0:eb:0c:39:21:19:ae:75:2c:d3:40:93:
f7:55:b8:96:5a:ad:1d:ea:78:16:9a:e3:ed:ea:f4:90:52:fe:
06:78:4a:f6:fa:cd:ed:5c:bd:93:a1:ea:0b:22:5f:97:63:1a:
c6:4a:59:80:1a:14:56:ea:f4:90:90:30:d9:29:c8:ab:70:de:
d0:df:81:28:04:d4:79:44:38:20:a1:0f:7b:ff:81:f0:8f:e9:
dd:eb:1a:d6:b9:1a:64:96:16:ed:ea:18:6e:b8:cf:60:d4:0c:
a8:cd:18:c0:bd:ca:9a:8e:cf:b5:a4:a9:c6:cb:97:11:a8:f2:
c4:6f:28:ff:e7:5a:22:97:21:27:9b:00:53:46:8c:bc:c8:0f:
66:ad:44:a0:ca:27:f3:db:79:a2:6f:02:5c:9f:24:b4:15:ac:
50:08:ef:e3:cb:05:17:2c:4e:58:ec:9a:dc:84:ba:00:bd:9b:
dc:20:89:5d:d8:e4:ea:be:4d:de:92:24:7d:b0:43:65:fb:06:
02:a4:38:7a:83:da:65:74:c0:c3:2c:be:f7:51:74:46:22:ab:
d0:0a:33:72:3c:67:55:e0:e9:93:f7:26:cc:ea:ac:21:b7:e7:
71:9e:19:e5
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZSS4jmB23yHomDOfmj0iu8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTIzMTExODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUxMTFhMmFhNDE2NTUwMTUyYWRlZDBhYWNkNzMxMGEwNTc4OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5r78j6tPEJLmX2Vu4h55jT0J9YYg
UlU/knP2XJkTbfNnzr9U04npPkRJ+Q/Zo4ggK9ft1Dms4ODSTqDZ09zZpSeAj0Un
ufAexhtg2uZZxl/y2USn3xdBfXoFcjt13PYylkT710Ge0dHjbz0tkSAe5gH7QhQj
Truip/O/V8b6hqVYzWGJdQ6T7444x/+tc92SV0o9Rh258Ooke/3q2PGLovndXxEo
zgp3s/6xl8Cait3UbLJKZ7Md6Cn7fQyElcTAh3eOjniiBe65c5sbKnL0OYZ6BHh3
k1CbJVYIKcXzUI3+XpW83PQxROofdH+02Ntp14FqhbiBpQBA5HultR6xEQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFIBREaKqQWVQFSre0KrNcxCgV4jFMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvZ0ZFUm9xcEJaVkFWS3Q3UXFzMXpFS0JYaU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8Egfowgfcwga0EAgABMIGmAwQC
AjtsAwQDHxmwAwQAJXrbAwQCLVyEAwQDLhygAwQCWShUAwQCWSwkAwQCW/KUAwQD
besQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQCuUaYAwQCuVOEAwQCuWeUAwQC
uZkQAwQCubBoMAwDBAC5zf0DBAC5zf4DBAK539gDBAK55HwDBAK576ADBAHBbOYw
DAMEAcH2mgMEAcH2nAMEAsKcSDBFBAIAAjA/AwUAKgJdwAMFACoCX8ADBQAqAwRA
AwUDKgWbAAMFAyoFqAADBQMqBjwAAwUDKgnqwAMFAyoKEoADBQMqCwxAMA0GCSqG
SIb3DQEBCwUAA4IBAQBDMKUMWv4E5zInERpYNafFj3othQgD/v/Q6ww5IRmudSzT
QJP3VbiWWq0d6ngWmuPt6vSQUv4GeEr2+s3tXL2ToeoLIl+XYxrGSlmAGhRW6vSQ
kDDZKcircN7Q34EoBNR5RDggoQ97/4Hwj+nd6xrWuRpklhbt6hhuuM9g1AyozRjA
vcqajs+1pKnGy5cRqPLEbyj/51oilyEnmwBTRoy8yA9mrUSgyifz23mibwJcnyS0
FaxQCO/jywUXLE5Y7JrchLoAvZvcIIld2OTqvk3ekiR9sENl+wYCpDh6g9pldMDD
LL73UXRGIqvQCjNyPGdV4OmT9ybM6qwht+dxnhnl
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:59 2025 by rpki-client