Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/2cv-qLNq-dEBS-J4pxRy-Om1jFw.roa
File: 2cv-qLNq-dEBS-J4pxRy-Om1jFw.roa (raw, json)
Hash identifier: mcLW5exC3bFVkMDIWvv3CX8v4w2qX7s8J7yi5kCCmNg=
Subject key identifier: D9:CB:FE:A8:B3:6A:F9:D1:01:4B:E2:78:A7:14:72:F8:E9:B5:8C:5C
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 0193F4BECBCF398E4174FA32ED19CFA2956F
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/2cv-qLNq-dEBS-J4pxRy-Om1jFw.roa
Signing time: Mon 23 Dec 2024 18:19:24 +0000
ROA not before: Mon 23 Dec 2024 18:19:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 5.35.100.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
37.143.8.0/23 maxlen: 23
37.143.10.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
46.254.20.0/23 maxlen: 23
46.254.22.0/24 maxlen: 24
46.254.23.0/24 maxlen: 24
91.201.40.0/22 maxlen: 22
91.218.228.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.228.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.183.8.0/23 maxlen: 23
95.183.10.0/24 maxlen: 24
95.183.11.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
178.57.216.0/23 maxlen: 23
178.57.218.0/23 maxlen: 23
178.57.220.0/23 maxlen: 23
178.57.220.0/24 maxlen: 24
178.57.221.0/24 maxlen: 24
178.57.222.0/23 maxlen: 23
178.217.100.0/24 maxlen: 24
178.217.101.0/24 maxlen: 24
185.11.246.0/23 maxlen: 23
185.12.92.0/22 maxlen: 22
185.12.92.0/24 maxlen: 24
185.12.93.0/24 maxlen: 24
185.12.94.0/24 maxlen: 24
185.12.95.0/24 maxlen: 24
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
185.87.192.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.221.152.0/22 maxlen: 24
185.221.154.0/24 maxlen: 24
185.221.155.0/24 maxlen: 24
212.8.247.0/24 maxlen: 24
217.144.96.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
2a03:80c0::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:c980:b916::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:be:cb:cf:39:8e:41:74:fa:32:ed:19:cf:a2:95:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Dec 23 18:19:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9cbfea8b36af9d1014be278a71472f8e9b58c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:94:2d:fe:d1:d5:4a:2b:63:ee:e9:6b:12:e5:
64:ed:d9:95:58:48:24:49:88:21:c9:a2:c2:4c:86:
f2:db:d3:ae:7d:b5:eb:6e:45:ee:d5:93:ec:4b:ca:
78:02:d7:4b:9b:ca:79:7d:a1:9d:af:e7:0a:96:e3:
9c:a5:41:76:06:2e:e9:ce:28:5f:c2:6f:db:1a:ad:
1a:ca:bd:42:10:52:31:e8:6a:be:5b:98:54:2f:f6:
ce:9e:dd:bd:0c:b3:ae:0c:84:e6:d0:8f:2b:0d:45:
25:83:05:86:f0:13:05:62:8f:fa:6b:0c:a6:2e:86:
b5:76:cf:30:f9:c7:36:45:ed:d9:52:37:30:f4:6c:
34:91:60:12:02:54:c1:37:36:a5:93:e9:56:70:e0:
38:1f:57:27:ed:ef:fc:18:a0:97:f9:a3:73:14:a9:
bc:13:0b:57:70:0b:31:a5:ee:38:ae:4f:37:c4:5b:
c2:d2:91:d0:0b:bc:14:5f:63:b2:e0:0a:d9:17:75:
b5:05:81:3e:0d:d7:50:2a:87:da:96:24:ef:b8:7e:
c8:6a:10:3d:d9:51:46:be:47:4a:e3:e0:c1:d5:50:
e8:44:35:14:96:a5:ba:19:05:cf:de:78:f6:32:40:
a8:01:f2:46:9b:2f:2f:6e:40:ae:c2:6a:4d:7e:c3:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CB:FE:A8:B3:6A:F9:D1:01:4B:E2:78:A7:14:72:F8:E9:B5:8C:5C
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/2cv-qLNq-dEBS-J4pxRy-Om1jFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.201.40.0/22
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
178.217.100.0/23
185.11.246.0/23
185.12.92.0/22
185.22.232.0/22
185.87.192.0/21
185.221.152.0/22
212.8.247.0/24
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:80c0::/47
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
4a:5f:6c:db:3c:bb:25:ec:18:c8:cb:cf:92:ea:72:08:3a:22:
c8:c8:b0:9b:da:45:c8:67:c6:64:52:6e:e4:83:4c:ca:ae:9e:
71:1d:50:36:0b:c5:ff:d7:55:a8:ca:8f:dd:fb:2e:5c:f1:08:
bc:b7:36:e2:62:8e:4b:f8:51:d9:3e:fa:f7:e3:3f:70:7c:48:
ab:bf:8c:79:7c:1b:93:ad:bc:fe:ce:76:25:3f:b1:f2:9d:13:
cb:e6:ec:b0:58:bf:1a:b6:d4:de:9b:3e:9c:70:17:49:03:dd:
e6:59:ca:61:f5:36:63:fb:ae:e3:7d:ac:f5:44:c8:79:97:20:
c7:92:6e:6e:51:53:b5:14:c7:39:4d:f9:32:c1:bc:f9:b6:53:
ff:e8:40:90:fd:03:7d:3a:8d:36:7b:96:8f:09:0f:40:5f:60:
dd:77:5c:06:32:6e:6c:75:d0:9a:10:34:d1:14:87:87:84:15:
31:25:2b:0a:53:95:09:15:11:b0:25:49:fa:7e:e1:af:00:b1:
2d:2a:f9:a9:cf:56:17:ce:4a:e1:b6:58:d6:a8:f3:8b:fa:a8:
8d:94:50:de:df:7a:c7:c9:ad:b5:bb:a5:59:fe:0d:fa:b9:42:
49:73:a7:5e:e1:09:43:53:1f:e6:3c:fc:f3:6b:d8:0c:c7:91:
d5:7a:75:fb
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZP0vsvPOY5BdPoy7RnPopVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQxMjIzMTgxOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNiZmVhOGIzNmFmOWQxMDE0YmUyNzhhNzE0NzJmOGU5YjU4YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5Qt/tHVSitj7ulrEuVk7dmVWEgk
SYghyaLCTIby29OufbXrbkXu1ZPsS8p4AtdLm8p5faGdr+cKluOcpUF2Bi7pzihf
wm/bGq0ayr1CEFIx6Gq+W5hUL/bOnt29DLOuDITm0I8rDUUlgwWG8BMFYo/6awym
Loa1ds8w+cc2Re3ZUjcw9Gw0kWASAlTBNzalk+lWcOA4H1cn7e/8GKCX+aNzFKm8
EwtXcAsxpe44rk83xFvC0pHQC7wUX2Oy4ArZF3W1BYE+DddQKofaliTvuH7IahA9
2VFGvkdK4+DB1VDoRDUUlqW6GQXP3nj2MkCoAfJGmy8vbkCuwmpNfsNKaQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFNnL/qizavnRAUvieKcUcvjptYxcMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvMmN2LXFMTnEtZEVCUy1KNHB4UnktT20xakZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TB8BAIAATB2MAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJbySgDBAJb2uQDBANfteADBANftwgDBAOy
OdgDBAGy2WQDBAG5C/YDBAK5DFwDBAK5FugDBAO5V8ADBAK53ZgDBADUCPcwDAME
BdmQYAMEAdmQZAMEANmQZzBpBAIAAjBjAwcBKgOAwAAAAwcAKgPJgADbAwcAKgPJ
gADlAwcAKgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJgLlX
AwcAKgPJgL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IBAQBK
X2zbPLsl7BjIy8+S6nIIOiLIyLCb2kXIZ8ZkUm7kg0zKrp5xHVA2C8X/11Woyo/d
+y5c8Qi8tzbiYo5L+FHZPvr34z9wfEirv4x5fBuTrbz+znYlP7HynRPL5uywWL8a
ttTemz6ccBdJA93mWcph9TZj+67jfaz1RMh5lyDHkm5uUVO1FMc5Tfkywbz5tlP/
6ECQ/QN9Oo02e5aPCQ9AX2Ddd1wGMm5sddCaEDTRFIeHhBUxJSsKU5UJFRGwJUn6
fuGvALEtKvmpz1YXzkrhtljWqPOL+qiNlFDe33rHya21u6VZ/g36uUJJc6de4QlD
Ux/mPPzza9gMx5HVenX7
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:41 2025 by rpki-client