Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4gQhf3XrRZo55hOZfgi3M4g2gOs.roa
File: 4gQhf3XrRZo55hOZfgi3M4g2gOs.roa (raw, json)
Hash identifier: r2G3hULhI9YqEX3UQdNbNDRIYRsSts8tghLpedQkZkY=
Subject key identifier: E2:04:21:7F:75:EB:45:9A:39:E6:13:99:7E:08:B7:33:88:36:80:EB
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0196ECE67DB896CC9DFF7015E33A8B9B4225
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4gQhf3XrRZo55hOZfgi3M4g2gOs.roa
Signing time: Tue 20 May 2025 08:54:10 +0000
ROA not before: Tue 20 May 2025 08:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Jun 2025 01:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:e6:7d:b8:96:cc:9d:ff:70:15:e3:3a:8b:9b:42:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: May 20 08:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e204217f75eb459a39e613997e08b733883680eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:62:26:2c:e1:69:41:3c:e3:0e:fe:e4:64:
7a:7f:eb:4b:0f:c9:77:7a:94:9b:a9:ba:96:9b:85:
cc:a9:7d:cb:83:9e:38:b4:21:4f:2d:fc:e3:69:57:
bd:28:01:3b:7d:bb:1a:c3:b5:b4:56:5a:76:22:a8:
32:ec:aa:16:f3:8d:c2:9a:8d:5d:ea:9d:1a:12:7b:
6c:9a:82:b1:19:b6:15:b7:e2:d5:94:20:c0:25:cd:
f9:b7:fa:44:e4:16:5a:79:c7:59:01:b0:86:d4:43:
5b:c2:37:f1:7f:6d:ff:f2:85:03:5f:80:a8:48:c9:
f7:f5:ec:8f:1f:7d:27:8f:3b:c9:1d:25:3b:a1:e9:
ae:eb:21:4e:7c:c0:2c:b4:76:b3:23:1e:e0:ba:13:
0e:19:89:19:33:55:ff:d5:5f:09:b1:c2:41:00:e3:
02:b3:25:c8:e0:66:d4:6a:10:32:51:7d:52:2b:02:
b3:d3:d1:af:0f:79:dc:21:c1:54:f1:74:4c:b1:91:
d8:99:b9:30:eb:a5:1b:88:9b:15:6a:87:39:91:6c:
cf:28:7a:0c:bd:fb:07:89:89:99:67:84:04:56:af:
07:4a:6d:53:17:fe:39:68:6b:75:68:f7:81:3d:91:
c1:d8:e6:fb:85:85:d0:51:11:c2:0e:cf:c8:74:07:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:04:21:7F:75:EB:45:9A:39:E6:13:99:7E:08:B7:33:88:36:80:EB
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4gQhf3XrRZo55hOZfgi3M4g2gOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.132.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
09:19:f2:91:23:c1:23:71:7b:aa:7b:55:e4:e8:a9:bb:1a:cd:
57:1f:16:fa:cb:ec:cd:c1:9e:ab:dc:0a:47:72:e2:8a:d1:6b:
38:79:9e:3d:0c:de:03:95:24:3e:9f:d2:b1:ba:be:51:6b:00:
6e:e9:90:61:e9:90:a2:f2:56:17:2a:82:fc:6c:e1:91:99:d3:
a0:80:80:c1:06:f9:06:b7:fe:56:c2:f1:48:d6:86:f4:93:a1:
2d:85:b8:a6:55:99:f9:a3:f2:d4:97:03:30:3e:a2:6d:6a:2d:
f5:a4:2e:6d:dc:12:79:13:a8:66:ee:19:a7:8f:b6:e9:78:d7:
1c:71:df:d1:fd:3b:f7:d8:b7:fd:f6:f7:41:4a:4e:60:90:56:
fb:ef:70:95:21:ed:52:3c:c9:85:01:7f:bf:84:a0:19:a6:44:
11:c1:fe:e3:52:3d:55:f3:7c:84:d6:5b:ff:77:4d:e3:25:db:
97:d2:f0:cc:af:6f:69:1d:b1:7a:6c:bb:a8:92:27:0a:04:08:
31:3c:ec:a1:18:8b:85:62:20:8a:0d:bb:8e:86:e1:69:3b:b5:
b7:a6:69:0b:8c:0f:8c:04:dc:45:3e:45:d1:f9:99:ec:4a:6e:
a6:41:72:b5:66:31:40:9f:f2:9b:a0:63:19:f6:c4:3d:ed:b0:
7b:3c:c0:c5
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAZbs5n24lsyd/3AV4zqLm0IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwNTIwMDg1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA0MjE3Zjc1ZWI0NTlhMzllNjEzOTk3ZTA4YjczMzg4MzY4MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZRiJizhaUE84w7+5GR6f+tLD8l3
epSbqbqWm4XMqX3Lg544tCFPLfzjaVe9KAE7fbsaw7W0Vlp2Iqgy7KoW843Cmo1d
6p0aEntsmoKxGbYVt+LVlCDAJc35t/pE5BZaecdZAbCG1ENbwjfxf23/8oUDX4Co
SMn39eyPH30njzvJHSU7oemu6yFOfMAstHazIx7guhMOGYkZM1X/1V8JscJBAOMC
syXI4GbUahAyUX1SKwKz09GvD3ncIcFU8XRMsZHYmbkw66UbiJsVaoc5kWzPKHoM
vfsHiYmZZ4QEVq8HSm1TF/45aGt1aPeBPZHB2Ob7hYXQURHCDs/IdAcYBwIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFOIEIX9160WaOeYTmX4ItzOINoDrMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvNGdRaGYzWHJSWm81NWhPWmZnaTNNNGcyZ09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAUgEAgABMIIB
QAMEAFvCzQMEAFvKyAMEAF28hAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQA
lP0qAwQAlP0sAwQAlP0vAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0D
BACU/e8wDAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQA
o6tDAwQBo6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10DBACjq14wDAMEBaOr
YAMEAKOrYjAMAwQAo6tlAwQAo6toAwQAo6t3AwQAo6t+AwQAo6uPAwQAo6uZAwQA
o6umAwQBo6uwAwQAo6u2AwQAo6u8AwQAo6vGAwQAo6vPAwQAo6veAwQBo6vgAwQB
o6vmAwQAo6vqAwQAo6v5AwQAo6v8AwQAuRvmAwQAwmsTMCoEAgACMCQDBwAqAVPA
/8YDBwAqAVPA/+cDBwAqAVPA//IDBwAqAVPA//QwDQYJKoZIhvcNAQELBQADggEB
AAkZ8pEjwSNxe6p7VeToqbsazVcfFvrL7M3BnqvcCkdy4orRazh5nj0M3gOVJD6f
0rG6vlFrAG7pkGHpkKLyVhcqgvxs4ZGZ06CAgMEG+Qa3/lbC8UjWhvSToS2FuKZV
mfmj8tSXAzA+om1qLfWkLm3cEnkTqGbuGaePtul41xxx39H9O/fYt/3290FKTmCQ
VvvvcJUh7VI8yYUBf7+EoBmmRBHB/uNSPVXzfITWW/93TeMl25fS8Myvb2kdsXps
u6iSJwoECDE87KEYi4ViIIoNu46G4Wk7tbemaQuMD4wE3EU+RdH5mexKbqZBcrVm
MUCf8pugYxn2xD3tsHs8wMU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:06:48 2025 by rpki-client