Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QggQ5kCE7h2hCLDctfRlwZXemzE.roa
File: QggQ5kCE7h2hCLDctfRlwZXemzE.roa (raw, json)
Hash identifier: FVum34L9WZYQ9UjxqchcUARB+PV4M5GoA80BLmHXKSs=
Subject key identifier: 42:08:10:E6:40:84:EE:1D:A1:08:B0:DC:B5:F4:65:C1:95:DE:9B:31
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0193B1F0B518C3A5BDDD37DEEED8F07F8514
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QggQ5kCE7h2hCLDctfRlwZXemzE.roa
Signing time: Tue 10 Dec 2024 18:59:22 +0000
ROA not before: Tue 10 Dec 2024 18:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:f0:b5:18:c3:a5:bd:dd:37:de:ee:d8:f0:7f:85:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Dec 10 18:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=420810e64084ee1da108b0dcb5f465c195de9b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3e:ac:f4:8e:f0:76:ae:81:ee:6f:af:93:f9:
17:57:cb:62:f1:15:81:25:e8:15:3d:77:d8:5f:57:
59:7b:7f:ff:44:a7:25:bf:ce:4a:3f:eb:48:20:75:
5d:73:c2:5b:64:04:87:dc:2d:34:2c:4c:21:c1:f2:
1c:de:94:f1:44:79:93:88:b7:07:08:49:42:8e:de:
0b:1c:5a:12:67:2b:ed:ca:bd:c8:5a:2b:ce:1d:99:
35:13:9a:f1:ba:72:a5:1d:31:42:15:57:0c:a9:43:
bc:1a:b7:a6:70:be:9e:b8:bf:f6:06:40:02:27:e3:
bf:d7:65:16:41:90:01:61:b7:28:2a:80:18:0a:86:
d7:e8:7c:bc:dc:ae:16:05:bf:25:ed:9c:3b:3e:78:
fa:dd:c0:24:a6:08:ef:b5:d4:98:b8:f2:d6:9c:af:
f2:cf:24:ec:04:0a:90:c6:4d:e4:a8:f5:43:91:cf:
b3:32:09:85:95:ef:8b:35:fb:ea:44:ea:1f:b2:a2:
c1:1f:1d:2e:30:ec:fb:a1:32:3f:b5:fe:41:ef:ae:
ed:a1:b8:1f:67:6d:76:ca:37:7c:f2:8e:a1:a7:55:
91:46:1f:61:83:32:16:60:e5:fc:88:e4:d3:c6:a5:
75:00:a8:7e:98:d9:8d:c1:5d:83:34:76:01:1f:a2:
05:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:08:10:E6:40:84:EE:1D:A1:08:B0:DC:B5:F4:65:C1:95:DE:9B:31
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/QggQ5kCE7h2hCLDctfRlwZXemzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
9c:82:39:50:c3:ee:91:53:a1:f2:17:cb:d3:94:60:6e:78:84:
2d:5b:23:b0:90:10:45:4e:11:9b:eb:6d:25:6f:21:2d:cd:ce:
0f:f7:21:8b:cf:52:19:b8:a7:19:8c:5c:43:22:31:b0:dc:b8:
5f:b6:7d:9f:a7:1d:38:19:35:14:7c:12:14:e8:f4:54:98:57:
26:b1:90:5e:b8:8e:59:26:a0:73:07:b2:7b:29:01:96:85:02:
dd:58:9b:da:b3:52:7b:02:16:76:6c:ab:39:7f:63:b8:be:12:
0a:7e:23:55:55:a8:7a:b7:68:94:13:ba:33:81:58:cb:5b:1e:
30:54:58:dc:70:d8:a8:95:00:e3:05:12:52:36:7a:8a:39:53:
29:d5:5b:55:e2:70:5e:9d:c6:25:26:ab:8a:00:4a:1b:f4:b5:
30:d2:de:66:3e:63:c9:5b:05:60:1e:13:ff:30:ef:7f:1c:19:
a2:5e:61:b1:49:85:9f:99:af:d0:82:2a:41:02:43:53:f2:6e:
91:67:eb:55:ee:aa:d0:54:23:a2:11:e8:4f:91:0e:9d:52:14:
ed:7e:1f:36:99:0d:a4:be:2d:97:b5:91:08:70:60:69:d4:15:
3a:2e:2b:cc:43:e5:92:4b:39:e9:a9:c3:85:b5:39:10:99:6b:
78:e0:4c:9d
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgISAZOx8LUYw6W93Tfe7tjwf4UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQxMjEwMTg1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA4MTBlNjQwODRlZTFkYTEwOGIwZGNiNWY0NjVjMTk1ZGU5YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz6s9I7wdq6B7m+vk/kXV8ti8RWB
JegVPXfYX1dZe3//RKclv85KP+tIIHVdc8JbZASH3C00LEwhwfIc3pTxRHmTiLcH
CElCjt4LHFoSZyvtyr3IWivOHZk1E5rxunKlHTFCFVcMqUO8GremcL6euL/2BkAC
J+O/12UWQZABYbcoKoAYCobX6Hy83K4WBb8l7Zw7Pnj63cAkpgjvtdSYuPLWnK/y
zyTsBAqQxk3kqPVDkc+zMgmFle+LNfvqROofsqLBHx0uMOz7oTI/tf5B767tobgf
Z212yjd88o6hp1WRRh9hgzIWYOX8iOTTxqV1AKh+mNmNwV2DNHYBH6IFVwIDAQAB
o4IDODCCAzQwHQYDVR0OBBYEFEIIEOZAhO4doQiw3LX0ZcGV3psxMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvUWdnUTVrQ0U3aDJoQ0xEY3RmUmx3WlhlbXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTAYIKwYBBQUHAQcBAf8EggE7MIIBNzCCASIEAgABMIIB
GgMEAFvCzQMEAFvKyAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQAlP0qAwQA
lP0sAwQAlP0vAwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0DBACU/e8DBACU/fYD
BACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOr
VzAMAwQAo6tdAwQAo6teMAwDBAWjq2ADBACjq2IwDAMEAKOrZQMEAKOraAMEAKOr
dwMEAKOrfgMEAKOrpgMEAaOrsAMEAKOrtgMEAKOrvAMEAKOrxgMEAKOrzwMEAKOr
3gMEAaOr4AMEAaOr5gMEAKOr6gMEAKOr+QMEAKOr/AMEALkb5gMEAMJrEzAPBAIA
AjAJAwcAKgFTwP/GMA0GCSqGSIb3DQEBCwUAA4IBAQCcgjlQw+6RU6HyF8vTlGBu
eIQtWyOwkBBFThGb620lbyEtzc4P9yGLz1IZuKcZjFxDIjGw3Lhftn2fpx04GTUU
fBIU6PRUmFcmsZBeuI5ZJqBzB7J7KQGWhQLdWJvas1J7AhZ2bKs5f2O4vhIKfiNV
Vah6t2iUE7ozgVjLWx4wVFjccNiolQDjBRJSNnqKOVMp1VtV4nBencYlJquKAEob
9LUw0t5mPmPJWwVgHhP/MO9/HBmiXmGxSYWfma/QgipBAkNT8m6RZ+tV7qrQVCOi
EehPkQ6dUhTtfh82mQ2kvi2XtZEIcGBp1BU6LivMQ+WSSznpqcOFtTkQmWt44Eyd
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:38 2025 by rpki-client