Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/z6okcQLqWpa0H9e2fsr0hdRg984.roa
File: z6okcQLqWpa0H9e2fsr0hdRg984.roa (raw, json)
Hash identifier: 2XNfwDgPvme4CSwXnV/x4dVeZx9IFOLRYcpQDralhg0=
Subject key identifier: CF:AA:24:71:02:EA:5A:96:B4:1F:D7:B6:7E:CA:F4:85:D4:60:F7:CE
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019875F86228C7DA689701ED0CCE530CE3CB
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/z6okcQLqWpa0H9e2fsr0hdRg984.roa
Signing time: Mon 04 Aug 2025 16:44:29 +0000
ROA not before: Mon 04 Aug 2025 16:44:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Aug 2025 05:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:f8:62:28:c7:da:68:97:01:ed:0c:ce:53:0c:e3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 4 16:44:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfaa247102ea5a96b41fd7b67ecaf485d460f7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:36:13:f6:4a:29:19:7b:f1:f4:1f:e9:64:6e:
17:93:96:28:0c:44:90:98:8a:f5:bd:bd:94:6e:ae:
de:5d:28:c8:7e:08:29:a7:86:3c:ba:fa:85:32:2c:
5f:8f:61:b7:cc:53:21:29:83:21:99:13:0a:3a:9d:
c3:32:c6:df:bd:a5:64:46:89:27:72:5c:2a:3d:d1:
ec:f0:8d:8a:6c:33:f6:90:60:b0:f4:89:78:bf:ea:
73:f4:37:5d:a1:5e:94:6a:45:72:16:e8:61:13:69:
04:67:a0:a6:11:13:66:b8:54:fa:47:3e:cf:6c:f1:
48:95:93:08:9c:1e:f4:5c:2e:d0:b9:ec:8c:04:02:
b3:e7:39:1f:47:d6:e6:b1:38:24:f5:52:35:7d:a4:
63:b4:60:be:38:6c:f8:d6:36:89:9e:6a:8a:e1:21:
59:81:a1:95:83:46:14:20:07:0c:36:06:93:4b:a5:
44:c9:b0:05:0b:8e:5f:12:8d:e1:8a:3c:76:74:9d:
77:40:e5:47:54:54:09:96:a0:db:0f:e1:84:89:9b:
d3:e4:94:20:14:be:a2:68:a1:cc:e1:81:a9:40:45:
dd:77:8b:c4:0a:f5:b4:d1:c8:af:e8:d3:ee:f8:78:
d3:f0:09:cc:cd:56:47:85:45:cf:bc:d9:41:75:d1:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AA:24:71:02:EA:5A:96:B4:1F:D7:B6:7E:CA:F4:85:D4:60:F7:CE
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/z6okcQLqWpa0H9e2fsr0hdRg984.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.234.0/23
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.218.0-93.152.227.255
93.152.233.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
27:30:7f:d2:ad:31:2c:bc:74:8d:8e:18:39:02:56:2c:79:35:
05:1d:53:dd:a2:26:d5:86:87:ac:98:8f:88:72:a9:43:32:84:
6d:9a:cb:88:ec:4a:e8:1a:85:36:19:c2:12:a5:70:47:a5:e1:
a3:26:ff:81:be:96:c9:ee:7b:80:86:43:b0:53:b2:df:87:2f:
7f:eb:b4:14:a0:79:c5:a4:22:20:33:75:35:93:ff:89:df:72:
8f:19:67:ca:a4:fa:dd:c4:6e:86:da:0c:95:17:43:a2:a4:6a:
ce:34:1a:a0:1a:70:5d:59:de:f2:ad:c2:aa:fc:6e:4e:06:57:
fa:d7:1b:8c:ca:a3:13:c9:e9:ee:a4:4d:b5:32:98:7a:47:88:
d2:68:1c:a0:d1:7f:ff:12:7f:9a:bd:69:ab:05:f5:bf:31:4e:
36:30:7e:d7:a4:57:08:5d:b9:a0:26:0b:49:8f:3f:f2:fa:74:
46:0e:d9:cd:82:ed:5f:e8:b7:30:12:34:3f:8f:47:37:55:e2:
b3:0a:fe:bf:3a:b1:ba:29:9e:a2:45:4f:68:63:61:8e:42:b2:
95:e5:50:2b:ba:a9:a1:e5:d7:e4:a8:75:43:5e:0e:1d:4e:da:
2c:7d:74:3f:48:12:82:1e:ab:aa:fb:cc:dd:43:a8:d3:92:67:
c6:be:36:6b
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZh1+GIox9polwHtDM5TDOPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwODA0MTY0NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFhMjQ3MTAyZWE1YTk2YjQxZmQ3YjY3ZWNhZjQ4NWQ0NjBmN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljYT9kopGXvx9B/pZG4Xk5YoDESQ
mIr1vb2Ubq7eXSjIfggpp4Y8uvqFMixfj2G3zFMhKYMhmRMKOp3DMsbfvaVkRokn
clwqPdHs8I2KbDP2kGCw9Il4v+pz9DddoV6UakVyFuhhE2kEZ6CmERNmuFT6Rz7P
bPFIlZMInB70XC7QueyMBAKz5zkfR9bmsTgk9VI1faRjtGC+OGz41jaJnmqK4SFZ
gaGVg0YUIAcMNgaTS6VEybAFC45fEo3hijx2dJ13QOVHVFQJlqDbD+GEiZvT5JQg
FL6iaKHM4YGpQEXdd4vECvW00civ6NPu+HjT8AnMzVZHhUXPvNlBddEa1QIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFM+qJHEC6lqWtB/Xtn7K9IXUYPfOMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvejZva2NRTHFXcGEwSDllMmZzcjBoZFJnOTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAAt
jegDBAEtjeoDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEAk6fmDAM
AwQATp+dAwQFTp+AAwQAW1whAwQAW1wjMAwDBANbXCgDBABbXC4wDAMEAFtcMQME
AVtcNAMEAV2YzjAMAwQAXZjRAwQCXZjQMAwDBABdmNUDBABdmNgwDAMEAV2Y2gME
Al2Y4AMEAF2Y6QMEAV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQBuWD8
AwQAuWD/AwQA1GZpAwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQAnMH/SrTEsvHSN
jhg5AlYseTUFHVPdoibVhoesmI+IcqlDMoRtmsuI7EroGoU2GcISpXBHpeGjJv+B
vpbJ7nuAhkOwU7Lfhy9/67QUoHnFpCIgM3U1k/+J33KPGWfKpPrdxG6G2gyVF0Oi
pGrONBqgGnBdWd7yrcKq/G5OBlf61xuMyqMTyenupE21Mph6R4jSaByg0X//En+a
vWmrBfW/MU42MH7XpFcIXbmgJgtJjz/y+nRGDtnNgu1f6LcwEjQ/j0c3VeKzCv6/
OrG6KZ6iRU9oY2GOQrKV5VAruqmh5dfkqHVDXg4dTtosfXQ/SBKCHquq+8zdQ6jT
kmfGvjZr
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:19:26 2025 by rpki-client