Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/UwfwsdSFe5hD6wtTLSG2GpjqZR4.roa
File: UwfwsdSFe5hD6wtTLSG2GpjqZR4.roa (raw, json)
Hash identifier: ezcfaNLznJGhILeb0OQ7/UEcVfiZsNA5h4J42z9ug34=
Subject key identifier: 53:07:F0:B1:D4:85:7B:98:43:EB:0B:53:2D:21:B6:1A:98:EA:65:1E
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 019782046DD78E28F9EF92F5F721B68D0DE8
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/UwfwsdSFe5hD6wtTLSG2GpjqZR4.roa
Signing time: Wed 18 Jun 2025 07:50:17 +0000
ROA not before: Wed 18 Jun 2025 07:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 31.97.0.0/23 maxlen: 24
31.97.3.0/24 maxlen: 24
31.97.8.0/21 maxlen: 24
31.97.16.0/20 maxlen: 24
31.97.32.0/21 maxlen: 24
31.97.40.0/22 maxlen: 24
31.97.44.0/22 maxlen: 24
31.97.48.0/22 maxlen: 24
31.97.52.0/22 maxlen: 24
31.97.56.0/22 maxlen: 24
31.97.60.0/22 maxlen: 24
31.97.64.0/24 maxlen: 24
31.97.65.0/24 maxlen: 24
31.97.66.0/23 maxlen: 24
31.97.68.0/23 maxlen: 24
31.97.70.0/23 maxlen: 24
31.97.72.0/22 maxlen: 24
31.97.80.0/20 maxlen: 24
31.97.96.0/21 maxlen: 24
31.97.104.0/21 maxlen: 24
31.97.112.0/21 maxlen: 24
31.97.120.0/21 maxlen: 24
31.97.128.0/20 maxlen: 24
31.97.144.0/22 maxlen: 24
31.97.148.0/23 maxlen: 24
31.97.150.0/24 maxlen: 24
31.97.151.0/24 maxlen: 24
31.97.152.0/21 maxlen: 24
31.97.160.0/20 maxlen: 24
31.97.176.0/23 maxlen: 24
31.97.178.0/24 maxlen: 24
31.97.179.0/24 maxlen: 24
31.97.180.0/22 maxlen: 24
31.97.184.0/23 maxlen: 24
31.97.186.0/24 maxlen: 24
31.97.187.0/24 maxlen: 24
31.97.188.0/22 maxlen: 24
31.97.192.0/21 maxlen: 24
31.97.200.0/21 maxlen: 24
31.97.208.0/21 maxlen: 24
31.97.224.0/20 maxlen: 24
69.62.64.0/23 maxlen: 24
69.62.66.0/23 maxlen: 24
69.62.68.0/22 maxlen: 24
69.62.72.0/21 maxlen: 24
69.62.80.0/22 maxlen: 24
69.62.84.0/23 maxlen: 24
69.62.86.0/23 maxlen: 24
69.62.88.0/21 maxlen: 24
69.62.96.0/21 maxlen: 24
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 24
69.62.108.0/22 maxlen: 24
69.62.112.0/22 maxlen: 24
69.62.116.0/22 maxlen: 24
69.62.120.0/23 maxlen: 24
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.125.0/24 maxlen: 24
69.62.126.0/23 maxlen: 24
103.199.184.0/22 maxlen: 24
148.222.52.0/24 maxlen: 24
148.222.53.0/24 maxlen: 24
148.222.54.0/24 maxlen: 24
148.222.55.0/24 maxlen: 24
168.231.64.0/21 maxlen: 24
168.231.72.0/22 maxlen: 24
168.231.76.0/23 maxlen: 24
168.231.78.0/23 maxlen: 24
168.231.80.0/21 maxlen: 24
168.231.88.0/21 maxlen: 24
168.231.96.0/22 maxlen: 24
168.231.100.0/24 maxlen: 24
168.231.101.0/24 maxlen: 24
168.231.102.0/23 maxlen: 24
168.231.104.0/21 maxlen: 24
168.231.112.0/22 maxlen: 24
168.231.116.0/24 maxlen: 24
168.231.117.0/24 maxlen: 24
168.231.118.0/23 maxlen: 24
168.231.120.0/22 maxlen: 24
168.231.124.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jun 2025 08:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:04:6d:d7:8e:28:f9:ef:92:f5:f7:21:b6:8d:0d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: Jun 18 07:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5307f0b1d4857b9843eb0b532d21b61a98ea651e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ab:32:79:e8:95:22:ef:81:18:90:13:76:87:
08:a6:3e:d2:7f:ce:c3:34:cc:ce:28:ee:a3:81:90:
f5:e4:30:a4:3f:6b:07:8b:ff:04:8c:85:fc:ee:33:
47:91:bf:5b:07:64:8e:a3:7e:e4:31:21:82:9d:8d:
9e:2d:1b:46:2e:9b:16:f5:f4:0f:0a:c4:c6:c6:6f:
07:d2:fe:9d:47:9d:1e:13:9c:dc:1c:1b:c1:95:b8:
35:8d:09:0f:43:1a:a3:d7:88:50:2e:d3:44:68:7b:
44:4f:0c:d8:ad:d1:fe:58:5a:42:a2:cb:81:f3:0c:
7f:d5:95:5b:62:ce:f6:2d:c7:5d:37:f3:c4:78:aa:
d2:1e:d4:4a:e4:e7:0e:38:bd:3e:10:23:fb:ce:97:
0e:5a:57:ea:fa:1a:18:8f:33:9b:7d:12:77:2f:ed:
00:bb:44:50:a5:fe:f1:6a:9e:d5:bd:bf:92:c3:47:
45:6e:c5:7b:dd:e4:c7:8d:02:2e:91:0b:c1:b3:46:
5a:78:a7:18:e4:0a:52:20:52:30:6f:f3:d8:e8:a2:
c0:e9:3e:fb:7d:cb:42:44:4e:6b:d9:8b:05:45:fc:
87:ed:7c:68:e6:fa:f4:6c:2d:35:75:24:19:a0:c4:
94:5c:8e:b8:18:43:ea:42:5f:9b:d5:38:9b:82:ee:
0e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:07:F0:B1:D4:85:7B:98:43:EB:0B:53:2D:21:B6:1A:98:EA:65:1E
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/UwfwsdSFe5hD6wtTLSG2GpjqZR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.97.0.0/23
31.97.3.0/24
31.97.8.0-31.97.75.255
31.97.80.0-31.97.215.255
31.97.224.0/20
69.62.64.0/18
103.199.184.0/22
148.222.52.0/22
168.231.64.0/18
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:51:fc:1b:34:e4:d2:1a:48:af:53:51:1b:c9:de:12:d6:a2:
35:0d:5f:0a:b7:c1:b0:86:11:e7:a3:64:45:11:30:c4:07:4b:
c6:2b:60:e9:41:19:0c:2f:42:87:34:e5:d2:0f:8e:a3:e9:56:
de:d9:fc:da:ef:89:b9:4d:87:d8:9c:51:f8:0c:b3:ab:0a:90:
38:d1:1a:79:4e:39:37:57:3f:23:e5:c4:72:76:64:a9:36:0a:
4c:33:b4:6c:c5:07:4f:3c:0c:71:fe:85:1f:92:02:ac:39:a1:
10:ec:91:e6:61:44:83:09:d4:a9:fb:dd:90:f0:85:f2:8d:dc:
ac:55:c7:03:ff:65:8a:28:59:11:90:fc:9d:96:a6:fd:97:67:
4e:d7:98:52:d2:90:e6:ba:12:8b:a8:77:21:7a:aa:af:5a:e0:
f8:c0:4f:41:21:85:a6:21:56:79:d6:82:9f:fe:eb:48:c2:c9:
4a:db:12:ca:71:d0:6e:33:45:8f:2f:e3:da:d1:a0:df:bd:3f:
a7:bd:87:09:e8:7b:22:ef:b1:5f:b1:0b:49:7b:80:f9:ff:60:
18:98:97:16:39:d9:ed:77:2a:0f:87:c0:1d:18:e6:13:c4:3b:
53:89:e1:b2:29:74:31:cc:08:2a:9a:5d:90:59:67:0c:96:43:
d4:a9:d3:21
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZeCBG3Xjij575L19yG2jQ3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwNjE4MDc1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA3ZjBiMWQ0ODU3Yjk4NDNlYjBiNTMyZDIxYjYxYTk4ZWE2NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhasyeeiVIu+BGJATdocIpj7Sf87D
NMzOKO6jgZD15DCkP2sHi/8EjIX87jNHkb9bB2SOo37kMSGCnY2eLRtGLpsW9fQP
CsTGxm8H0v6dR50eE5zcHBvBlbg1jQkPQxqj14hQLtNEaHtETwzYrdH+WFpCosuB
8wx/1ZVbYs72LcddN/PEeKrSHtRK5OcOOL0+ECP7zpcOWlfq+hoYjzObfRJ3L+0A
u0RQpf7xap7Vvb+Sw0dFbsV73eTHjQIukQvBs0ZaeKcY5ApSIFIwb/PY6KLA6T77
fctCRE5r2YsFRfyH7Xxo5vr0bC01dSQZoMSUXI64GEPqQl+b1Tibgu4OBwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFMH8LHUhXuYQ+sLUy0hthqY6mUeMB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEvVXdmd3NkU0ZlNWhENnd0VExTRzJHcGpxWlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBH2EAAwQA
H2EDMAwDBAMfYQgDBAIfYUgwDAMEBB9hUAMEAx9h0AMEBB9h4AMEBkU+QAMEAmfH
uAMEApTeNAMEBqjnQAMEAsKklDANBgkqhkiG9w0BAQsFAAOCAQEAL1H8GzTk0hpI
r1NRG8neEtaiNQ1fCrfBsIYR56NkRREwxAdLxitg6UEZDC9ChzTl0g+Oo+lW3tn8
2u+JuU2H2JxR+AyzqwqQONEaeU45N1c/I+XEcnZkqTYKTDO0bMUHTzwMcf6FH5IC
rDmhEOyR5mFEgwnUqfvdkPCF8o3crFXHA/9liihZEZD8nZam/ZdnTteYUtKQ5roS
i6h3IXqqr1rg+MBPQSGFpiFWedaCn/7rSMLJStsSynHQbjNFjy/j2tGg370/p72H
Ceh7Iu+xX7ELSXuA+f9gGJiXFjnZ7XcqD4fAHRjmE8Q7U4nhsil0McwIKppdkFln
DJZD1KnTIQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:57:05 2025 by rpki-client