Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/_QXVVWyYsF-WDkK_d6_9JxqOhwY.roa
File: _QXVVWyYsF-WDkK_d6_9JxqOhwY.roa (raw, json)
Hash identifier: urhbn7BDEENZTfOdpKlqecYjtLLlzATsCOZav2ir/iY=
Subject key identifier: FD:05:D5:55:6C:98:B0:5F:96:0E:42:BF:77:AF:FD:27:1A:8E:87:06
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0197C9C6DD710B419FF738CE8987C239345D
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/_QXVVWyYsF-WDkK_d6_9JxqOhwY.roa
Signing time: Wed 02 Jul 2025 06:15:42 +0000
ROA not before: Wed 02 Jul 2025 06:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.100.0/23 maxlen: 23
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 22
213.110.64.0/22 maxlen: 22
213.110.76.0/22 maxlen: 22
213.110.80.0/20 maxlen: 20
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Jul 2025 07:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:c6:dd:71:0b:41:9f:f7:38:ce:89:87:c2:39:34:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jul 2 06:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd05d5556c98b05f960e42bf77affd271a8e8706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ce:e0:bb:f6:bb:d7:8b:06:d8:94:bb:49:75:
92:74:ad:10:d6:62:3b:a1:7c:c0:d8:36:f7:77:35:
3a:c7:c7:0f:8f:92:8a:9d:6c:ec:e3:a4:83:0b:4b:
ce:bc:3e:91:26:52:a6:3e:4d:f7:f1:21:61:49:49:
54:22:ec:4d:22:59:51:56:9f:47:16:c7:e4:09:ea:
45:7d:e4:78:60:3d:6f:a3:f1:0d:a2:c4:db:c1:84:
1b:4d:aa:ee:b2:39:e3:5c:0d:6e:15:a3:61:cd:66:
b5:1a:9d:99:c5:c6:fd:2e:26:5a:36:a3:75:ba:a7:
ee:ec:c0:ed:73:3c:1b:f8:35:14:c8:bd:df:d3:b5:
7e:7c:05:86:d6:44:ea:21:a1:8f:74:09:3d:6c:77:
e2:88:3f:1d:2d:38:cc:45:23:dd:68:b2:83:6b:51:
96:fd:2c:5a:79:fb:5b:ef:8a:64:7c:93:b2:37:b9:
1c:29:f5:8e:bb:76:34:3c:8f:1b:54:0e:05:62:19:
5e:1d:40:98:35:3e:2f:2c:e4:14:0e:5d:04:b5:19:
49:02:e3:04:3c:2b:3e:46:df:4e:c5:14:a2:5c:ce:
7f:74:ce:d0:1a:15:cb:7f:6b:f0:fa:93:29:b9:a9:
bc:e8:e5:b9:7e:7e:27:0d:f5:be:bf:5f:19:aa:e7:
02:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:05:D5:55:6C:98:B0:5F:96:0E:42:BF:77:AF:FD:27:1A:8E:87:06
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/_QXVVWyYsF-WDkK_d6_9JxqOhwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.100.0/23
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:c4:f2:48:a3:8a:3a:45:3d:ff:7a:38:16:b6:1e:58:d9:53:
28:f4:9d:41:bb:0a:9a:06:ad:c2:e8:aa:ba:55:80:f0:0d:98:
95:ce:d3:f9:41:4d:86:ca:72:20:c5:83:17:15:24:06:56:d0:
e6:35:37:57:95:87:94:03:5d:d8:38:2d:a7:68:ae:e7:0c:56:
51:5e:20:0a:29:7b:6b:c0:c2:ba:01:4f:b1:e3:04:d4:eb:47:
71:01:38:af:1c:01:73:b0:f9:8f:75:d1:85:c0:32:be:71:ac:
c9:33:fa:88:7c:cc:d4:c5:f0:00:ac:75:35:44:02:2e:93:11:
1f:78:0b:3e:d9:99:c4:77:be:84:89:6d:42:85:67:4f:77:38:
d7:50:75:0c:43:cf:91:e7:78:98:c5:89:f9:15:d1:cd:0b:32:
0e:94:3b:5d:01:5a:43:8c:16:83:72:a7:66:89:0f:3c:ca:1f:
e9:35:0d:a2:fb:f7:67:2a:33:07:fd:2a:e9:b9:ae:2b:86:2b:
79:b9:a5:3d:b8:d6:79:6c:be:a8:c4:f0:5b:42:12:71:83:3b:
c6:d9:2d:78:00:77:8d:80:3b:4a:a9:2c:cc:7e:99:6b:99:ce:
7a:26:5f:1e:77:86:cc:91:fe:83:24:3e:5c:4b:ef:65:74:55:
86:ac:ba:f0
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZfJxt1xC0Gf9zjOiYfCOTRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwNzAyMDYxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA1ZDU1NTZjOThiMDVmOTYwZTQyYmY3N2FmZmQyNzFhOGU4NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M7gu/a714sG2JS7SXWSdK0Q1mI7
oXzA2Db3dzU6x8cPj5KKnWzs46SDC0vOvD6RJlKmPk338SFhSUlUIuxNIllRVp9H
FsfkCepFfeR4YD1vo/ENosTbwYQbTarusjnjXA1uFaNhzWa1Gp2Zxcb9LiZaNqN1
uqfu7MDtczwb+DUUyL3f07V+fAWG1kTqIaGPdAk9bHfiiD8dLTjMRSPdaLKDa1GW
/Sxaeftb74pkfJOyN7kcKfWOu3Y0PI8bVA4FYhleHUCYNT4vLOQUDl0EtRlJAuME
PCs+Rt9OxRSiXM5/dM7QGhXLf2vw+pMpuam86OW5fn4nDfW+v18ZqucCEwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFP0F1VVsmLBflg5Cv3ev/ScajocGMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvX1FYVlZXeVlzRi1XRGtLX2Q2XzlKeHFPaHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBAKwZ7ADBACwZ7gDBASwajADBAGwamQwDAMEBbBqoAMEA7BqsAME
AbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5A
MA0EAgACMAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQBcxPJIo4o6RT3/ejgW
th5Y2VMo9J1BuwqaBq3C6Kq6VYDwDZiVztP5QU2GynIgxYMXFSQGVtDmNTdXlYeU
A13YOC2naK7nDFZRXiAKKXtrwMK6AU+x4wTU60dxATivHAFzsPmPddGFwDK+cazJ
M/qIfMzUxfAArHU1RAIukxEfeAs+2ZnEd76EiW1ChWdPdzjXUHUMQ8+R53iYxYn5
FdHNCzIOlDtdAVpDjBaDcqdmiQ88yh/pNQ2i+/dnKjMH/Srpua4rhit5uaU9uNZ5
bL6oxPBbQhJxgzvG2S14AHeNgDtKqSzMfplrmc56Jl8ed4bMkf6DJD5cS+9ldFWG
rLrw
-----END CERTIFICATE-----
Generated at Sat Jul 26 16:28:26 2025 by rpki-client