Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/dL1ARD6sosGAXL3WoK_IVvt0xz0.roa
File: dL1ARD6sosGAXL3WoK_IVvt0xz0.roa (raw, json)
Hash identifier: YWDP3+Z2xf6XhU9FocHUgq6P1xuTvUifNuxYrQFqsC4=
Subject key identifier: 74:BD:40:44:3E:AC:A2:C1:80:5C:BD:D6:A0:AF:C8:56:FB:74:C7:3D
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01965D8CBAA1108D19E98A73FA8EB614AD38
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/dL1ARD6sosGAXL3WoK_IVvt0xz0.roa
Signing time: Tue 22 Apr 2025 12:50:25 +0000
ROA not before: Tue 22 Apr 2025 12:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.84.0/22 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.158.248.0/22 maxlen: 24
85.158.252.0/23 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
94.142.208.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.138.204.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
2a05:2500::/32 maxlen: 48
2a05:a282::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Apr 2025 06:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:8c:ba:a1:10:8d:19:e9:8a:73:fa:8e:b6:14:ad:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 22 12:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74bd40443eaca2c1805cbdd6a0afc856fb74c73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:33:98:37:52:42:a9:69:12:0d:03:31:40:
13:86:66:88:f3:be:e0:17:a7:c1:8a:68:e7:9c:87:
2a:a5:b0:0f:45:da:e1:b6:3d:1a:de:e0:6e:29:bc:
fd:73:f7:3f:f4:6e:db:6b:f5:b6:8f:2b:77:c0:a3:
8e:58:69:0c:be:49:b9:d7:92:70:8a:15:0c:e7:2f:
34:01:e8:19:e9:a5:2c:7c:53:b4:fb:4b:89:d0:81:
10:6f:53:fe:d9:67:f0:6d:0c:75:f3:cc:4f:a3:a9:
37:f1:70:14:69:1b:31:e0:bb:a8:6e:6d:3a:9e:a3:
44:ed:db:74:76:86:29:1e:f0:2a:e1:0f:ea:73:ef:
ba:e0:36:fd:ba:3c:51:33:ba:2b:a8:4e:8a:f8:5b:
6d:2d:9d:54:56:9f:de:40:41:bf:35:a0:6e:dc:02:
3a:7c:43:76:5f:c7:da:38:9a:61:28:24:bf:ca:cf:
15:a3:9a:8c:bd:5b:af:ef:e6:d9:d0:0c:5c:d6:3f:
aa:5d:5d:e4:2b:1e:e0:7e:76:48:da:c4:cc:85:0c:
c1:6a:64:09:31:8b:d0:d0:07:4f:f5:e4:b0:53:a3:
98:a1:d4:d0:8e:2b:2c:d2:3f:22:70:d3:ec:fc:33:
ba:89:fe:5b:ea:bb:63:36:77:f6:8b:92:04:57:ee:
f6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BD:40:44:3E:AC:A2:C1:80:5C:BD:D6:A0:AF:C8:56:FB:74:C7:3D
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/dL1ARD6sosGAXL3WoK_IVvt0xz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
46.226.56.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.158.248.0-85.158.253.255
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.189.208.0/22
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
94.142.208.0/21
141.138.192.0/20
141.255.176.0/21
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.65.52.0/22
185.69.232.0/22
185.84.72.0/22
185.89.152.0/22
185.95.68.0/22
185.105.204.0/22
185.105.216.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a02:348::/32
2a03:4f00::/32
2a03:5700::/32
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
08:cc:e4:4c:4e:7d:67:cf:b0:6f:4e:b9:50:96:5d:7f:53:07:
71:2e:d8:79:12:c2:24:2e:04:b1:7a:32:a2:4b:17:7f:0a:37:
c9:f5:82:60:99:80:05:92:78:68:68:67:6c:90:7f:8c:c3:ef:
e2:b2:62:07:89:d0:86:4f:86:84:0d:cf:3d:36:5b:83:c9:68:
17:e5:85:38:f3:7d:76:ed:cb:43:34:df:24:2f:09:1e:31:12:
01:7f:d8:70:0c:35:1d:d4:0a:6c:a2:b1:51:55:e2:f1:fe:46:
98:d8:0a:86:54:19:9e:8f:ee:0c:ed:75:ee:5b:39:3f:5b:8e:
88:f9:03:68:44:12:54:a4:5e:9e:b7:c5:28:da:76:72:d6:b7:
b1:9e:14:30:c8:e5:3b:3f:2c:cd:24:2c:76:9e:60:ee:fd:d5:
ed:3a:77:c4:a0:4f:7e:54:21:21:19:98:e1:b0:a3:b0:a1:1c:
c2:7d:04:d9:44:6a:af:6c:7e:57:21:54:ba:fe:71:bc:81:77:
90:af:8b:ae:8e:61:16:2a:33:dd:e7:9c:ea:47:b7:ca:90:99:
15:7d:25:5e:5c:bf:da:42:e9:66:25:79:54:3a:eb:9a:36:17:
65:8f:ee:6b:57:bf:0a:4c:71:53:02:78:61:68:0a:c0:f9:c3:
46:1c:88:82
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAZZdjLqhEI0Z6Ypz+o62FK04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNDIyMTI1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJkNDA0NDNlYWNhMmMxODA1Y2JkZDZhMGFmYzg1NmZiNzRjNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqYzmDdSQqlpEg0DMUAThmaI877g
F6fBimjnnIcqpbAPRdrhtj0a3uBuKbz9c/c/9G7ba/W2jyt3wKOOWGkMvkm515Jw
ihUM5y80AegZ6aUsfFO0+0uJ0IEQb1P+2WfwbQx188xPo6k38XAUaRsx4Luobm06
nqNE7dt0doYpHvAq4Q/qc++64Db9ujxRM7orqE6K+FttLZ1UVp/eQEG/NaBu3AI6
fEN2X8faOJphKCS/ys8Vo5qMvVuv7+bZ0Axc1j+qXV3kKx7gfnZI2sTMhQzBamQJ
MYvQ0AdP9eSwU6OYodTQjiss0j8icNPs/DO6if5b6rtjNnf2i5IEV+72ZwIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFHS9QEQ+rKLBgFy91qCvyFb7dMc9MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZEwxQVJENnNvc0dBWEwzV29LX0lWdnQweHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAUoEAgABMIIB
QgMEAx8DCAMEAx8DYAMEBB/foAMEBCUR0AMEAyUiMAMEAyXmYAMEAy7iOAMEBE5s
gAMEA0+qWAMEBVBU4AMEBFD2wAMEBFD/8DAMAwQGUQRAAwQCUQRgAwQDUQRwAwQD
URWIAwQEUR4gAwQHU2CAAwQFVQqgMAwDBANVnvgDBAFVnvwDBANV3uADBANZH2AD
BARbjvADBAJbvdADBAJbzSADBABb2KIDBANdv4ADBANejtADBASNisADBAON/7AD
BAOrIYADBAWwSuADBASyElADBAK5A9ADBAK5D/gDBAK5FbwDBAK5QTQDBAK5RegD
BAK5VEgDBAK5WZgDBAK5X0QDBAK5acwDBAK5adgDBAK5bqwDBAK5bsgDBALBXawD
BALBiswDBADB8ncDBADCPM8DBAPVu/ADBATZFfADBATZlYAwPgQCAAIwOAMFACAB
CCgDBQMgAUy4AwUAKgDAgAMFACoCA0gDBQAqA08AAwUAKgNXAAMFACoFJQADBQAq
BaKCMA0GCSqGSIb3DQEBCwUAA4IBAQAIzORMTn1nz7BvTrlQll1/UwdxLth5EsIk
LgSxejKiSxd/CjfJ9YJgmYAFknhoaGdskH+Mw+/ismIHidCGT4aEDc89NluDyWgX
5YU483127ctDNN8kLwkeMRIBf9hwDDUd1ApsorFRVeLx/kaY2AqGVBmej+4M7XXu
Wzk/W46I+QNoRBJUpF6et8Uo2nZy1rexnhQwyOU7PyzNJCx2nmDu/dXtOnfEoE9+
VCEhGZjhsKOwoRzCfQTZRGqvbH5XIVS6/nG8gXeQr4uujmEWKjPd55zqR7fKkJkV
fSVeXL/aQulmJXlUOuuaNhdlj+5rV78KTHFTAnhhaArA+cNGHIiC
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:50:07 2025 by rpki-client