Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/UnSbqwufMTzD7AwUDqhQM8YMO2A.roa
File: UnSbqwufMTzD7AwUDqhQM8YMO2A.roa (raw, json)
Hash identifier: lJ3neuOS047vnobN3WAmfsOFVLWzn+hYMA2GEYpONF8=
Subject key identifier: 52:74:9B:AB:0B:9F:31:3C:C3:EC:0C:14:0E:A8:50:33:C6:0C:3B:60
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019422201354069CD6D4557A1015A3A25BDB
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/UnSbqwufMTzD7AwUDqhQM8YMO2A.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Jan 2025 06:36:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:13:54:06:9c:d6:d4:55:7a:10:15:a3:a2:5b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52749bab0b9f313cc3ec0c140ea85033c60c3b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:5f:48:0a:83:4b:62:c0:6e:77:10:ae:38:
90:a7:b5:2a:ec:22:2d:d2:75:93:0c:1c:a5:8f:2b:
f3:83:7d:1c:d1:aa:44:d2:1a:f0:be:13:15:9c:3a:
f5:90:46:4e:5f:80:5a:ab:ac:61:b8:10:39:20:6f:
7c:c9:0a:47:53:f3:83:ac:33:5c:28:ab:23:34:3f:
b1:7c:09:a2:2e:c9:95:c8:93:7b:51:f2:ea:09:3a:
8b:b5:36:92:07:43:7d:d0:7e:f4:4b:41:93:ce:2a:
87:f1:f4:c0:56:f1:2a:29:dd:77:8a:22:a8:1f:f9:
27:b8:b3:0a:f3:c9:c9:6a:94:3a:52:d3:68:51:9f:
c2:6d:b0:6b:a3:15:00:8f:8c:08:4f:b9:3b:5c:aa:
be:03:8c:4d:37:7b:7a:24:b7:f1:6f:37:68:c6:59:
fb:fc:2a:1f:19:c8:f2:23:14:07:15:e3:ee:da:79:
b2:6f:4c:7e:7e:db:1d:2a:fc:8e:a2:05:3a:79:d3:
6e:30:55:a2:37:56:1f:82:86:d3:17:0d:20:3b:3b:
b0:1d:ea:87:0a:7b:cd:a1:95:bf:df:1f:e3:bb:f3:
b0:b2:64:3b:dc:b9:47:d6:b6:c3:9b:ad:3f:75:75:
b7:85:9b:e0:21:ba:98:ab:24:17:89:7d:03:6d:30:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:74:9B:AB:0B:9F:31:3C:C3:EC:0C:14:0E:A8:50:33:C6:0C:3B:60
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/UnSbqwufMTzD7AwUDqhQM8YMO2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
cf:d4:b2:59:10:d7:5f:4b:fe:c4:32:ab:21:c8:31:32:4a:9b:
54:3b:ed:26:c9:85:4c:fd:fb:09:2f:3b:35:cb:b2:cd:d4:2f:
96:24:4c:e6:9a:3b:95:4a:1e:0a:2a:99:e1:8e:a8:9c:db:0c:
d9:7b:17:4e:63:aa:d7:26:3f:48:5e:db:35:fe:83:c5:19:11:
33:59:b4:e9:b7:c8:f1:f9:6f:71:84:75:4d:de:8d:42:2e:a5:
47:5d:db:f2:8e:d4:01:5e:67:9a:c8:ba:b6:1f:83:dd:11:0b:
38:03:30:26:32:e7:78:15:69:f9:ac:d0:ce:eb:fa:8b:e0:84:
69:a9:05:64:e0:58:02:3b:ce:ea:db:3a:16:2a:de:47:3d:64:
b9:ce:5c:53:6c:5a:65:10:62:1b:af:e3:58:fa:6f:81:68:4d:
72:09:f9:e5:4a:09:70:84:b2:4d:75:7e:dd:af:4b:84:54:d9:
02:af:46:90:b5:63:ed:18:8d:a0:8d:28:92:be:97:83:c3:6c:
2e:ca:e6:38:a2:47:e5:44:a9:5b:eb:14:22:26:55:4c:06:ca:
8e:95:81:9f:6f:ad:7e:e8:f1:2d:4b:ec:bf:c7:5c:34:6d:de:
ab:fd:dc:cb:12:07:77:e8:c1:8c:b9:64:da:3b:75:e6:15:8a:
42:a4:b9:28
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgISAZQiIBNUBpzW1FV6EBWjolvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjc0OWJhYjBiOWYzMTNjYzNlYzBjMTQwZWE4NTAzM2M2MGMzYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjZfSAqDS2LAbncQrjiQp7Uq7CIt
0nWTDByljyvzg30c0apE0hrwvhMVnDr1kEZOX4Baq6xhuBA5IG98yQpHU/ODrDNc
KKsjND+xfAmiLsmVyJN7UfLqCTqLtTaSB0N90H70S0GTziqH8fTAVvEqKd13iiKo
H/knuLMK88nJapQ6UtNoUZ/CbbBroxUAj4wIT7k7XKq+A4xNN3t6JLfxbzdoxln7
/CofGcjyIxQHFePu2nmyb0x+ftsdKvyOogU6edNuMFWiN1YfgobTFw0gOzuwHeqH
CnvNoZW/3x/ju/OwsmQ73LlH1rbDm60/dXW3hZvgIbqYqyQXiX0DbTDZNwIDAQAB
o4IDODCCAzQwHQYDVR0OBBYEFFJ0m6sLnzE8w+wMFA6oUDPGDDtgMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvVW5TYnF3dWZNVHpEN0F3VURxaFFNOFlNTzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTAYIKwYBBQUHAQcBAf8EggE7MIIBNzCCASIEAgABMIIB
GgMEAFvCzQMEAFvKyAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQAlP0qAwQA
lP0sAwQAlP0vAwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0DBACU/e8DBACU/fYD
BACU/fgwDAMEApf5XAMEAJf5XgMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOr
VzAMAwQAo6tdAwQAo6teMAwDBAWjq2ADBACjq2IwDAMEAKOrZQMEAKOraAMEAKOr
dwMEAKOrfgMEAKOrpgMEAaOrsAMEAKOrtgMEAKOrvAMEAKOrxgMEAKOrzwMEAKOr
3gMEAaOr4AMEAaOr5gMEAKOr6gMEAKOr+QMEAKOr/AMEALkb5gMEAMJrEzAPBAIA
AjAJAwcAKgFTwP/GMA0GCSqGSIb3DQEBCwUAA4IBAQDP1LJZENdfS/7EMqshyDEy
SptUO+0myYVM/fsJLzs1y7LN1C+WJEzmmjuVSh4KKpnhjqic2wzZexdOY6rXJj9I
Xts1/oPFGREzWbTpt8jx+W9xhHVN3o1CLqVHXdvyjtQBXmeayLq2H4PdEQs4AzAm
Mud4FWn5rNDO6/qL4IRpqQVk4FgCO87q2zoWKt5HPWS5zlxTbFplEGIbr+NY+m+B
aE1yCfnlSglwhLJNdX7dr0uEVNkCr0aQtWPtGI2gjSiSvpeDw2wuyuY4okflRKlb
6xQiJlVMBsqOlYGfb61+6PEtS+y/x1w0bd6r/dzLEgd36MGMuWTaO3XmFYpCpLko
-----END CERTIFICATE-----
Generated at Fri May 2 01:32:43 2025 by rpki-client