Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/D1bjIod1NpdVHjnei6p1AnQ9fS0.roa
File: D1bjIod1NpdVHjnei6p1AnQ9fS0.roa (raw, json)
Hash identifier: SUYQifufSoj4x+SkP1jepX6mBGzZscZy9NUW8mYmSKg=
Subject key identifier: 0F:56:E3:22:87:75:36:97:55:1E:39:DE:8B:AA:75:02:74:3D:7D:2D
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0196CF906AFD4BAC3BDC0B3C3E508753DCF2
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/D1bjIod1NpdVHjnei6p1AnQ9fS0.roa
Signing time: Wed 14 May 2025 16:11:10 +0000
ROA not before: Wed 14 May 2025 16:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 08:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:90:6a:fd:4b:ac:3b:dc:0b:3c:3e:50:87:53:dc:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: May 14 16:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f56e32287753697551e39de8baa7502743d7d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6c:0d:91:82:a5:50:9e:ec:1d:f1:2c:fd:0f:
5f:0d:be:fc:bb:4b:ef:b1:9c:69:93:35:96:cd:80:
c8:32:7f:16:87:bb:15:c9:80:8c:6f:76:86:ce:95:
ae:35:05:3d:2c:7d:88:0b:d6:47:03:ae:fb:d7:48:
2d:76:e8:44:e6:11:4f:45:5d:bd:29:4a:c9:ad:28:
46:dc:cf:ba:e9:5f:c8:45:b9:e0:f8:f3:1a:df:5b:
92:0c:5d:4e:21:68:00:6c:8b:40:0c:21:df:0f:03:
cf:87:d8:fa:a5:97:9a:be:61:6e:13:5c:4a:8b:b4:
db:9d:28:a1:d1:24:db:af:71:27:dc:be:30:1e:05:
d9:b5:49:2c:77:e5:4e:5d:6b:6b:b0:6c:68:47:ac:
26:9b:30:ad:66:6f:e4:46:95:fb:68:40:54:31:16:
94:02:9a:3a:78:66:69:e2:9f:cc:bb:29:fa:d1:d8:
c0:be:5f:f1:fc:b8:40:05:a1:08:43:65:26:f4:8a:
dd:9b:e2:3a:4d:33:46:9f:a0:4d:79:4a:bf:9b:fb:
1c:4c:b4:ad:33:03:51:59:ab:6a:ee:ba:01:ea:a5:
a6:f4:7e:70:86:75:b1:55:9c:67:c4:c1:d9:63:0d:
af:c8:cf:6e:5b:3b:95:d5:27:fb:43:f6:3e:59:e0:
a6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:56:E3:22:87:75:36:97:55:1E:39:DE:8B:AA:75:02:74:3D:7D:2D
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/D1bjIod1NpdVHjnei6p1AnQ9fS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
67:35:bc:9a:a6:fe:63:2d:9f:3d:74:d6:f7:72:05:7f:a7:e9:
02:83:24:4b:64:d6:8a:e7:32:12:89:64:2a:9e:43:99:cf:42:
6e:f2:16:b3:c2:4c:b8:76:2b:ed:03:49:fd:92:2e:ee:3a:49:
88:3b:75:d7:2d:27:bd:ca:45:5b:8d:3d:5f:db:cb:69:7c:a9:
fc:4c:79:04:d8:5e:13:cd:f5:46:47:c6:e8:43:a4:48:99:5b:
8b:68:e2:b2:32:84:13:a7:3c:04:ef:a5:fd:94:b4:c8:4b:a2:
16:2e:d8:4a:0d:13:16:a1:91:14:1e:3e:6e:00:56:02:cf:c4:
d0:af:59:41:63:d1:48:b9:2b:58:4c:8f:48:42:c4:d7:4c:f9:
1c:99:99:92:ab:fa:5a:95:be:29:ee:28:2c:99:84:d8:17:e7:
16:7b:b7:5b:86:c5:28:3d:bd:9e:0c:58:84:e3:00:ab:74:e0:
9c:60:a9:c3:f4:f2:74:f3:d2:8b:11:c5:d6:51:f9:be:c5:f8:
22:e2:b6:ba:28:fd:47:ce:ed:74:86:34:7c:41:44:c1:06:88:
41:cc:4f:15:11:51:02:62:98:73:7b:93:ae:f4:5e:28:f8:f8:
3a:9f:bb:d8:66:ca:a4:76:76:70:84:61:19:1f:76:8d:14:1f:
28:b6:65:00
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAZbPkGr9S6w73As8PlCHU9zyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwNTE0MTYxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU2ZTMyMjg3NzUzNjk3NTUxZTM5ZGU4YmFhNzUwMjc0M2Q3ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32wNkYKlUJ7sHfEs/Q9fDb78u0vv
sZxpkzWWzYDIMn8Wh7sVyYCMb3aGzpWuNQU9LH2IC9ZHA67710gtduhE5hFPRV29
KUrJrShG3M+66V/IRbng+PMa31uSDF1OIWgAbItADCHfDwPPh9j6pZeavmFuE1xK
i7TbnSih0STbr3En3L4wHgXZtUksd+VOXWtrsGxoR6wmmzCtZm/kRpX7aEBUMRaU
Apo6eGZp4p/Muyn60djAvl/x/LhABaEIQ2Um9Irdm+I6TTNGn6BNeUq/m/scTLSt
MwNRWatq7roB6qWm9H5whnWxVZxnxMHZYw2vyM9uWzuV1Sf7Q/Y+WeCmnQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFA9W4yKHdTaXVR453ouqdQJ0PX0tMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvRDFiaklvZDFOcGRWSGpuZWk2cDFBblE5ZlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAUIEAgABMIIB
OgMEAFvCzQMEAFvKyAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQAlP0qAwQA
lP0sAwQAlP0vAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0DBACU/e8w
DAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQAo6tDAwQB
o6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10DBACjq14wDAMEBaOrYAMEAKOr
YjAMAwQAo6tlAwQAo6toAwQAo6t3AwQAo6t+AwQAo6uPAwQAo6uZAwQAo6umAwQB
o6uwAwQAo6u2AwQAo6u8AwQAo6vGAwQAo6vPAwQAo6veAwQBo6vgAwQBo6vmAwQA
o6vqAwQAo6v5AwQAo6v8AwQAuRvmAwQAwmsTMCoEAgACMCQDBwAqAVPA/8YDBwAq
AVPA/+cDBwAqAVPA//IDBwAqAVPA//QwDQYJKoZIhvcNAQELBQADggEBAGc1vJqm
/mMtnz101vdyBX+n6QKDJEtk1ornMhKJZCqeQ5nPQm7yFrPCTLh2K+0DSf2SLu46
SYg7ddctJ73KRVuNPV/by2l8qfxMeQTYXhPN9UZHxuhDpEiZW4to4rIyhBOnPATv
pf2UtMhLohYu2EoNExahkRQePm4AVgLPxNCvWUFj0Ui5K1hMj0hCxNdM+RyZmZKr
+lqVvinuKCyZhNgX5xZ7t1uGxSg9vZ4MWITjAKt04JxgqcP08nTz0osRxdZR+b7F
+CLitroo/UfO7XSGNHxBRMEGiEHMTxURUQJimHN7k670Xij4+Dqfu9hmyqR2dnCE
YRkfdo0UHyi2ZQA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:27:00 2025 by rpki-client