Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/um6avFhMmkql_BxS4_6ZxxXZFrs.roa
File: um6avFhMmkql_BxS4_6ZxxXZFrs.roa (raw, json)
Hash identifier: pBmvgm6hNELDRpSlJO96D96d2FGpDJT9o6rnC9XNTVg=
Subject key identifier: BA:6E:9A:BC:58:4C:9A:4A:A5:FC:1C:52:E3:FE:99:C7:15:D9:16:BB
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 01979C8C81C5E1E36218FAFE793115BD387D
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/um6avFhMmkql_BxS4_6ZxxXZFrs.roa
Signing time: Mon 23 Jun 2025 11:29:03 +0000
ROA not before: Mon 23 Jun 2025 11:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.4.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.61.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
93.94.140.0/24 maxlen: 24
93.94.142.0/24 maxlen: 24
95.169.196.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
185.1.156.0/24 maxlen: 24
185.7.219.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Jul 2025 12:55:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:8c:81:c5:e1:e3:62:18:fa:fe:79:31:15:bd:38:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Jun 23 11:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6e9abc584c9a4aa5fc1c52e3fe99c715d916bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:85:e2:68:7c:01:5c:72:7e:82:95:ee:2a:92:
64:16:f1:e2:ab:7f:53:cf:52:5e:44:44:6a:19:92:
11:97:44:3a:05:ac:51:24:f9:39:e3:65:ff:f8:e2:
96:40:ea:47:ad:e8:39:97:60:98:58:73:54:de:fd:
f8:96:fe:0e:38:0d:d9:e0:b7:9b:9d:71:30:89:e5:
2e:6b:2c:91:5a:3f:ec:a7:ec:ec:f3:f4:4a:d9:e1:
a9:1e:93:e2:db:b8:b9:01:0f:45:99:af:00:00:6a:
a4:a7:2e:d7:f7:9c:6e:c7:0a:d6:97:ff:77:14:36:
ed:d9:34:04:fd:78:c2:13:ae:8c:1e:96:3c:11:90:
18:62:43:67:71:a6:f2:58:53:44:c4:73:1a:45:8a:
0b:61:84:6a:65:f2:5e:1d:ad:d5:4b:ab:38:f4:ce:
0d:bd:29:77:9b:fe:79:09:a6:d3:d6:d8:0a:fb:dd:
51:5b:b5:2e:cd:6a:55:e8:26:39:2f:8e:3a:ce:61:
f2:cb:66:f5:20:6a:13:dd:0a:83:bf:62:74:ab:16:
10:75:33:10:54:bd:af:a7:92:af:d3:79:f0:dc:c0:
be:64:10:40:50:97:0c:23:7a:b4:f4:0d:c0:c6:35:
f2:d2:d4:e1:b1:0c:7c:89:4d:f4:a9:2c:92:cf:64:
e0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6E:9A:BC:58:4C:9A:4A:A5:FC:1C:52:E3:FE:99:C7:15:D9:16:BB
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/um6avFhMmkql_BxS4_6ZxxXZFrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.4.0/24
91.132.60.0/22
93.94.140.0/24
93.94.142.0/24
95.169.196.0/24
95.169.202.0/24
185.1.156.0/24
185.7.219.0/24
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
27:8f:bb:6e:50:d7:76:a4:5b:02:86:47:cd:39:5d:cf:d9:f4:
91:2e:c8:7d:02:f2:a1:e6:cf:74:a2:ae:d6:2d:9c:92:60:cf:
53:e2:af:09:2e:b9:55:04:56:41:b4:2b:71:75:bd:8a:77:fe:
4b:66:6c:ff:85:76:5e:2b:b7:0c:6b:4c:ef:36:eb:c9:78:8e:
bb:92:66:56:47:c3:f8:43:69:b7:a4:79:10:1d:1c:c7:e3:c0:
57:18:6a:44:55:e5:d6:ff:f1:65:c4:81:b4:45:cb:ef:e0:72:
d1:fc:96:0f:7a:bf:f7:ce:08:5d:50:2e:db:f4:23:43:bc:56:
72:fa:a5:2a:23:33:99:2a:60:0a:a9:70:f6:bc:de:f0:15:c9:
b4:e0:3f:cc:6f:25:6f:a6:2f:f7:82:bc:6d:ba:05:72:c1:d3:
9c:87:08:1c:f3:ec:06:ac:ba:84:13:c1:ae:4f:03:4c:8c:80:
12:c3:d6:7a:6f:30:a1:70:94:cd:57:44:0e:91:c1:c3:ba:c7:
a3:e3:91:e5:e6:9e:f6:89:99:77:73:bd:a5:59:34:ae:3c:c6:
49:8a:8a:2c:41:77:6b:9b:6e:88:3e:b3:12:83:c4:5d:7b:00:
de:8f:4b:a8:90:07:9f:0e:0f:81:19:6f:05:df:7d:c6:19:f0:
b3:c2:3b:a5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZecjIHF4eNiGPr+eTEVvTh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjUwNjIzMTEyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZlOWFiYzU4NGM5YTRhYTVmYzFjNTJlM2ZlOTljNzE1ZDkxNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4XiaHwBXHJ+gpXuKpJkFvHiq39T
z1JeRERqGZIRl0Q6BaxRJPk542X/+OKWQOpHreg5l2CYWHNU3v34lv4OOA3Z4Leb
nXEwieUuayyRWj/sp+zs8/RK2eGpHpPi27i5AQ9Fma8AAGqkpy7X95xuxwrWl/93
FDbt2TQE/XjCE66MHpY8EZAYYkNncabyWFNExHMaRYoLYYRqZfJeHa3VS6s49M4N
vSl3m/55CabT1tgK+91RW7UuzWpV6CY5L446zmHyy2b1IGoT3QqDv2J0qxYQdTMQ
VL2vp5Kv03nw3MC+ZBBAUJcMI3q09A3AxjXy0tThsQx8iU30qSySz2TgpwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLpumrxYTJpKpfwcUuP+mccV2Ra7MB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvdW02YXZGaE1ta3FsX0J4UzRfNlp4eFhaRnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALv0EAwQC
W4Q8AwQAXV6MAwQAXV6OAwQAX6nEAwQAX6nKAwQAuQGcAwQAuQfbAwQAufPVMA0E
AgACMAcDBQAqCb6AMA0GCSqGSIb3DQEBCwUAA4IBAQAnj7tuUNd2pFsChkfNOV3P
2fSRLsh9AvKh5s90oq7WLZySYM9T4q8JLrlVBFZBtCtxdb2Kd/5LZmz/hXZeK7cM
a0zvNuvJeI67kmZWR8P4Q2m3pHkQHRzH48BXGGpEVeXW//FlxIG0Rcvv4HLR/JYP
er/3zghdUC7b9CNDvFZy+qUqIzOZKmAKqXD2vN7wFcm04D/MbyVvpi/3grxtugVy
wdOchwgc8+wGrLqEE8GuTwNMjIASw9Z6bzChcJTNV0QOkcHDusej45Hl5p72iZl3
c72lWTSuPMZJioosQXdrm26IPrMSg8RdewDej0uokAefDg+BGW8F333GGfCzwjul
-----END CERTIFICATE-----
Generated at Fri Jul 25 13:09:56 2025 by rpki-client