Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/On1LAVoRGWNNh_xWQVYGjoE54dY.roa
File: On1LAVoRGWNNh_xWQVYGjoE54dY.roa (raw, json)
Hash identifier: 9qYKMnWmJwQB8qfuzLP9srmHRO820kxqALGeztq+I1o=
Subject key identifier: 3A:7D:4B:01:5A:11:19:63:4D:87:FC:56:41:56:06:8E:81:39:E1:D6
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 01967BDB95A30360065841A14837D4AF4570
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/On1LAVoRGWNNh_xWQVYGjoE54dY.roa
Signing time: Mon 28 Apr 2025 10:05:10 +0000
ROA not before: Mon 28 Apr 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 12:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:db:95:a3:03:60:06:58:41:a1:48:37:d4:af:45:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Apr 28 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a7d4b015a1119634d87fc564156068e8139e1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cd:20:f2:4c:10:35:c6:14:9c:7c:9b:e5:c8:
37:e6:87:22:e6:38:2a:73:e9:b8:25:91:65:f2:17:
67:ad:90:4d:d1:e8:2a:4a:ed:e1:28:a4:b2:7b:66:
cb:a1:53:03:31:cf:bd:cf:46:eb:a6:17:70:7a:ab:
42:53:dd:52:1c:26:64:fc:7e:e8:df:b3:d0:8a:2c:
29:42:84:0e:3e:cd:2a:03:4e:17:99:46:f8:21:89:
6f:b2:e4:b3:b6:3b:d5:9a:cd:05:27:ba:63:4b:3e:
b8:2b:7c:7c:37:79:72:05:39:c2:41:36:4a:4e:6f:
b0:8e:71:95:2e:86:eb:6f:48:88:28:df:72:df:ee:
1e:01:c4:b4:0c:01:98:06:b7:0c:1b:db:ba:a1:1c:
62:a3:54:ee:31:e6:03:f5:f0:e0:6f:89:00:ed:bc:
db:87:a9:f0:d9:35:13:49:93:b2:14:3b:36:45:3f:
26:75:50:1f:66:1f:96:56:ee:b9:3b:4a:4a:dc:9c:
10:46:cf:7f:b7:10:4c:0b:25:ec:3c:d9:3b:02:fa:
4c:1c:ff:a5:40:9c:c7:91:32:04:18:d1:f9:2b:62:
40:15:d8:d5:fe:19:61:63:21:47:b2:97:6c:d4:dc:
35:29:6d:52:2d:9c:01:cb:38:22:a1:a6:0a:cd:d1:
57:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7D:4B:01:5A:11:19:63:4D:87:FC:56:41:56:06:8E:81:39:E1:D6
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/On1LAVoRGWNNh_xWQVYGjoE54dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.180.255
216.252.182.0/23
216.252.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:5d:09:cb:b0:4d:02:b9:c1:aa:d7:7c:aa:76:46:c9:60:cb:
fa:cf:59:85:64:1e:cb:68:06:9b:1f:ed:24:e1:7b:fd:97:28:
e4:f9:a0:36:57:e0:b1:6c:48:e6:31:45:ef:de:c6:4f:55:25:
7c:55:09:bb:3f:f3:f4:3c:bd:a3:1d:c1:88:07:8b:f2:a4:f3:
53:fb:37:05:85:14:62:17:56:e7:b9:e2:cf:98:10:5f:12:e3:
7b:61:5d:1f:12:e7:bc:97:60:76:45:36:44:56:bc:e6:dc:04:
01:54:25:5a:b8:61:65:f8:25:26:9b:3b:c4:62:a3:23:ea:3f:
f8:05:41:e7:b8:1c:c2:7f:fa:ea:15:eb:49:e7:c0:76:6f:4d:
0d:50:c8:df:f9:da:6d:ec:e1:f1:a3:54:fa:fb:0e:e5:17:19:
49:06:80:75:6d:ef:1d:87:b7:bb:85:aa:7a:db:73:dd:65:28:
d9:6d:c9:e8:73:32:82:1d:4c:fd:6c:80:ef:84:c0:5a:5d:bd:
4e:35:88:2c:82:18:5f:1f:ff:8d:ba:e7:b5:01:7e:8b:4b:71:
a2:df:91:f3:e8:d3:4e:7e:82:f0:8a:e3:ed:5f:67:ea:53:24:
a5:32:4a:56:c8:77:89:1c:55:20:b7:3f:7e:f3:77:dc:c9:fe:
bc:84:f4:8f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZZ725WjA2AGWEGhSDfUr0VwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwNDI4MTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdkNGIwMTVhMTExOTYzNGQ4N2ZjNTY0MTU2MDY4ZTgxMzllMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM0g8kwQNcYUnHyb5cg35oci5jgq
c+m4JZFl8hdnrZBN0egqSu3hKKSye2bLoVMDMc+9z0brphdweqtCU91SHCZk/H7o
37PQiiwpQoQOPs0qA04XmUb4IYlvsuSztjvVms0FJ7pjSz64K3x8N3lyBTnCQTZK
Tm+wjnGVLobrb0iIKN9y3+4eAcS0DAGYBrcMG9u6oRxio1TuMeYD9fDgb4kA7bzb
h6nw2TUTSZOyFDs2RT8mdVAfZh+WVu65O0pK3JwQRs9/txBMCyXsPNk7AvpMHP+l
QJzHkTIEGNH5K2JAFdjV/hlhYyFHspds1Nw1KW1SLZwByzgioaYKzdFX3wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDp9SwFaERljTYf8VkFWBo6BOeHWMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvT24xTEFWb1JHV05OaF94V1FWWUdqb0U1NGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeAMEBdHOADAMAwQA2PyxAwQA
2Py0AwQB2Py2AwQA2Py5MA0GCSqGSIb3DQEBCwUAA4IBAQCoXQnLsE0CucGq13yq
dkbJYMv6z1mFZB7LaAabH+0k4Xv9lyjk+aA2V+CxbEjmMUXv3sZPVSV8VQm7P/P0
PL2jHcGIB4vypPNT+zcFhRRiF1bnueLPmBBfEuN7YV0fEue8l2B2RTZEVrzm3AQB
VCVauGFl+CUmmzvEYqMj6j/4BUHnuBzCf/rqFetJ58B2b00NUMjf+dpt7OHxo1T6
+w7lFxlJBoB1be8dh7e7hap623PdZSjZbcnoczKCHUz9bIDvhMBaXb1ONYgsghhf
H/+Nuue1AX6LS3Gi35Hz6NNOfoLwiuPtX2fqUySlMkpWyHeJHFUgtz9+83fcyf68
hPSP
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:40 2025 by rpki-client