Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1ivGp7ZTe_WJHvpJWRSBYZJtPTU.roa
File: 1ivGp7ZTe_WJHvpJWRSBYZJtPTU.roa (raw, json)
Hash identifier: 8hUwx2J2aTyoVrBsBJYruI95DDhQTOqqh8I6oZ2c7RU=
Subject key identifier: D6:2B:C6:A7:B6:53:7B:F5:89:1E:FA:49:59:14:81:61:92:6D:3D:35
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01944EF5CCBD9C71241EDBD4C87EF9A17E73
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1ivGp7ZTe_WJHvpJWRSBYZJtPTU.roa
Signing time: Fri 10 Jan 2025 06:45:19 +0000
ROA not before: Fri 10 Jan 2025 06:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 02:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4e:f5:cc:bd:9c:71:24:1e:db:d4:c8:7e:f9:a1:7e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 10 06:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d62bc6a7b6537bf5891efa4959148161926d3d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:52:3b:7b:ed:c2:de:ce:d1:b4:3a:9c:30:
a4:79:97:bd:b0:a6:3e:a7:f2:94:44:ec:12:e6:1b:
e5:22:d7:40:f7:05:c5:aa:7f:29:16:a8:2c:dc:ab:
9a:1b:0d:11:b9:8b:b8:3c:56:36:9c:06:51:93:44:
12:da:13:fe:dc:88:31:8f:35:fa:31:06:89:d4:64:
84:c4:83:8d:1c:6c:d9:e9:15:6f:4c:75:45:57:2f:
a6:2e:5a:d2:08:20:7a:89:02:51:01:e6:d8:7f:99:
d4:af:47:2c:83:31:bb:c4:7c:5b:8e:76:fa:07:18:
eb:1e:4c:54:f8:ad:8d:2d:fc:ba:9c:67:f0:06:5b:
04:34:45:f5:93:c5:9b:2d:aa:e0:24:67:30:4d:9b:
af:6b:d6:2a:41:59:f7:49:78:d9:dc:1a:29:51:20:
22:1d:07:76:56:81:6f:99:10:ee:9a:d0:bc:5a:43:
9f:c7:cc:06:83:5e:10:65:f3:bd:bc:45:1d:1b:f2:
63:26:d6:d1:6f:d4:22:63:88:e0:8a:59:67:93:0c:
29:a9:1b:ba:86:df:6c:f0:28:65:44:5c:27:52:12:
0a:70:35:97:53:4a:c0:26:d1:42:fb:72:a9:04:24:
f9:0f:49:36:86:df:7b:c0:a5:f5:d2:ad:fb:a7:66:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2B:C6:A7:B6:53:7B:F5:89:1E:FA:49:59:14:81:61:92:6D:3D:35
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1ivGp7ZTe_WJHvpJWRSBYZJtPTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
72:53:57:d2:4a:a4:58:61:c8:71:d1:f2:ab:db:a7:b6:cd:15:
a5:30:ac:c7:7d:01:ae:84:d3:33:39:27:49:ec:e3:8e:8a:0c:
4f:90:9c:e9:54:0b:6e:6c:a1:9a:36:91:3c:46:3d:46:fa:96:
c5:a7:16:5a:87:8f:5e:56:23:b7:27:ef:ad:f9:ec:79:52:b3:
0b:d5:51:f1:96:3c:70:b7:e9:84:a6:81:f5:ac:6e:dd:83:1b:
f6:2f:8d:30:ad:83:f0:20:4c:82:fd:2c:51:2a:42:ea:4d:7a:
af:7a:17:f3:c8:96:e5:f8:d6:21:41:11:12:7a:8b:a3:fd:c9:
03:6d:7f:50:9a:a5:11:5c:2f:a6:bb:fa:a6:76:a9:7c:ef:a4:
44:e3:5b:63:31:e1:c0:e5:64:9a:0d:85:3a:66:dc:05:dc:33:
eb:26:e3:c5:2c:87:90:44:a6:1f:e7:9c:7c:92:86:a3:02:db:
0e:76:8b:1b:94:c6:ab:2a:61:00:03:1e:94:5b:33:f6:97:78:
65:25:f2:a7:fa:88:a7:f8:e3:73:3d:70:0c:27:03:eb:ec:37:
aa:d4:46:8b:e2:08:7c:99:89:64:42:fb:44:39:19:3c:c8:c9:
be:9c:8b:d1:2d:b5:d6:ad:aa:6c:44:f7:b6:8c:25:92:45:87:
91:7e:58:36
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAZRO9cy9nHEkHtvUyH75oX5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwMTEwMDY0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjJiYzZhN2I2NTM3YmY1ODkxZWZhNDk1OTE0ODE2MTkyNmQzZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXpSO3vtwt7O0bQ6nDCkeZe9sKY+
p/KUROwS5hvlItdA9wXFqn8pFqgs3KuaGw0RuYu4PFY2nAZRk0QS2hP+3IgxjzX6
MQaJ1GSExIONHGzZ6RVvTHVFVy+mLlrSCCB6iQJRAebYf5nUr0csgzG7xHxbjnb6
BxjrHkxU+K2NLfy6nGfwBlsENEX1k8WbLargJGcwTZuva9YqQVn3SXjZ3BopUSAi
HQd2VoFvmRDumtC8WkOfx8wGg14QZfO9vEUdG/JjJtbRb9QiY4jgillnkwwpqRu6
ht9s8ChlRFwnUhIKcDWXU0rAJtFC+3KpBCT5D0k2ht97wKX10q37p2YvdQIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFNYrxqe2U3v1iR76SVkUgWGSbT01MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvMWl2R3A3WlRlX1dKSHZwSldSU0JZWkp0UFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWAYIKwYBBQUHAQcBAf8EggFHMIIBQzCCAS4EAgABMIIB
JgMEAFvCzQMEAFvKyAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQAlP0qAwQA
lP0sAwQAlP0vAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0DBACU/e8D
BACU/fYDBACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOrQwMEAaOrRgMEAaOr
VAMEAKOrVzAMAwQAo6tdAwQAo6teMAwDBAWjq2ADBACjq2IwDAMEAKOrZQMEAKOr
aAMEAKOrdwMEAKOrfgMEAKOrmQMEAKOrpgMEAaOrsAMEAKOrtgMEAKOrvAMEAKOr
xgMEAKOrzwMEAKOr3gMEAaOr4AMEAaOr5gMEAKOr6gMEAKOr+QMEAKOr/AMEALkb
5gMEAMJrEzAPBAIAAjAJAwcAKgFTwP/GMA0GCSqGSIb3DQEBCwUAA4IBAQByU1fS
SqRYYchx0fKr26e2zRWlMKzHfQGuhNMzOSdJ7OOOigxPkJzpVAtubKGaNpE8Rj1G
+pbFpxZah49eViO3J++t+ex5UrML1VHxljxwt+mEpoH1rG7dgxv2L40wrYPwIEyC
/SxRKkLqTXqvehfzyJbl+NYhQRESeouj/ckDbX9QmqURXC+mu/qmdql876RE41tj
MeHA5WSaDYU6ZtwF3DPrJuPFLIeQRKYf55x8koajAtsOdosblMarKmEAAx6UWzP2
l3hlJfKn+oin+ONzPXAMJwPr7Deq1EaL4gh8mYlkQvtEORk8yMm+nIvRLbXWraps
RPe2jCWSRYeRflg2
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:56:09 2025 by rpki-client