Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Y-F6u-k8akeafXTej0v23uk35iY.roa
File: Y-F6u-k8akeafXTej0v23uk35iY.roa (raw, json)
Hash identifier: s6hsmDvXBSTEjnlTaHXb/krInWSrRkIfoqEnJJS+axQ=
Subject key identifier: 63:E1:7A:BB:E9:3C:6A:47:9A:7D:74:DE:8F:4B:F6:DE:E9:37:E6:26
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019791B2CD958A3FFA48F3C020400186085D
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Y-F6u-k8akeafXTej0v23uk35iY.roa
Signing time: Sat 21 Jun 2025 08:55:03 +0000
ROA not before: Sat 21 Jun 2025 08:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 45.93.213.0/24 maxlen: 24
45.93.214.0/24 maxlen: 24
45.151.234.0/24 maxlen: 24
45.151.235.0/24 maxlen: 24
77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.68.186.0/24 maxlen: 24
185.68.187.0/24 maxlen: 24
185.71.214.0/24 maxlen: 24
185.71.215.0/24 maxlen: 24
185.73.180.0/24 maxlen: 24
185.73.181.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.75.135.0/24 maxlen: 24
185.76.243.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.88.98.0/24 maxlen: 24
185.88.99.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.100.159.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
185.168.208.0/24 maxlen: 24
185.177.238.0/24 maxlen: 24
185.182.130.0/24 maxlen: 24
185.182.131.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jun 2025 09:41:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:91:b2:cd:95:8a:3f:fa:48:f3:c0:20:40:01:86:08:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jun 21 08:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63e17abbe93c6a479a7d74de8f4bf6dee937e626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:8f:3e:e0:37:cf:46:fd:fc:37:be:78:bd:
ec:aa:f4:b2:e4:67:22:68:47:be:76:7d:42:b7:b9:
cf:a1:e0:3e:6b:17:20:88:6c:4e:6b:ee:0b:73:53:
c6:43:50:16:70:00:b7:3e:6c:63:ed:e4:d4:d4:9e:
2e:f3:fc:65:65:41:9e:4a:93:1f:a6:c7:32:fb:0b:
d3:87:3d:00:d0:f0:c4:03:f0:1a:60:5b:15:08:b5:
21:87:22:0e:6f:63:4e:05:dd:d9:ca:45:16:93:b2:
ae:18:3b:66:3b:e4:b7:e8:12:7c:06:c4:1e:59:fa:
85:eb:8a:3b:b9:ed:ac:14:80:fd:1c:9d:d2:b7:c5:
63:23:82:d6:f4:3c:94:b5:59:2f:d3:1b:bf:da:ce:
67:a0:d7:1b:0d:0d:5c:8e:d3:e9:15:de:90:a9:6c:
ab:98:cd:2c:ef:56:ad:7b:f4:90:39:93:1d:66:43:
80:c9:e3:d0:c3:4b:84:6d:f0:12:9b:62:3a:d6:2c:
33:c1:ef:fb:d4:b7:6e:88:8e:0d:0e:93:74:a0:9d:
a7:74:34:5b:6d:0f:12:15:1c:50:98:9a:b2:43:4b:
5c:6b:a1:b4:e4:ad:d3:11:d4:a1:c6:82:d4:ca:7a:
39:21:bc:64:87:0b:83:aa:37:1d:f4:cf:60:98:08:
5f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E1:7A:BB:E9:3C:6A:47:9A:7D:74:DE:8F:4B:F6:DE:E9:37:E6:26
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Y-F6u-k8akeafXTej0v23uk35iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.213.0-45.93.214.255
45.151.234.0/23
77.83.246.0/24
160.20.156.0/23
185.68.186.0/23
185.71.214.0/23
185.73.180.0/23
185.75.132.0/24
185.75.135.0/24
185.76.243.0/24
185.77.138.0/23
185.79.132.0/23
185.88.98.0/23
185.95.228.0/24
185.100.156.0/24
185.100.159.0/24
185.102.114.0/24
185.111.24.0/24
185.168.208.0/24
185.177.238.0/24
185.182.130.0/23
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
45:a7:b5:b3:9d:05:00:b4:16:c8:64:3d:d5:72:23:4a:18:ae:
bf:a2:b2:11:21:d4:4b:d8:46:fc:82:6a:3a:0f:70:c8:9c:0c:
79:9b:19:ab:1b:29:7f:0b:bf:e1:39:8d:d3:e2:06:46:da:b4:
41:c9:b0:3a:13:40:ba:f0:75:0b:90:a6:c5:59:17:9b:44:06:
ca:4e:33:70:69:e0:b1:76:1f:55:ef:60:18:8e:3b:2f:8b:51:
dd:93:f9:00:ca:06:0b:8d:f8:67:18:4a:ff:56:2e:c3:48:a2:
60:6b:94:e8:17:7e:3e:47:79:48:48:bb:d6:0a:e7:bb:81:ff:
95:dd:e2:f7:d4:b0:2c:f2:4f:21:27:fa:7e:6e:0e:5e:c2:c4:
74:37:4d:e8:78:37:3b:40:01:fb:39:4b:5a:3f:dc:df:7b:f7:
be:2b:f2:33:38:5b:17:02:ed:f1:0e:ac:46:67:bb:11:33:ec:
6c:63:ad:97:62:88:8b:e5:e9:1b:91:e4:9a:19:d9:9e:d4:f3:
3b:13:41:c7:da:c3:3b:49:b8:12:7d:88:10:68:f9:13:83:74:
fb:b2:a2:db:6e:2b:f3:79:4f:82:26:4f:75:6c:65:b6:94:62:
09:d4:e1:c0:85:54:06:84:06:b0:bd:f2:be:dd:f8:6f:14:02:
44:d9:f9:53
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZeRss2Vij/6SPPAIEABhghdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNjIxMDg1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2UxN2FiYmU5M2M2YTQ3OWE3ZDc0ZGU4ZjRiZjZkZWU5MzdlNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+ePPuA3z0b9/De+eL3sqvSy5Gci
aEe+dn1Ct7nPoeA+axcgiGxOa+4Lc1PGQ1AWcAC3Pmxj7eTU1J4u8/xlZUGeSpMf
pscy+wvThz0A0PDEA/AaYFsVCLUhhyIOb2NOBd3ZykUWk7KuGDtmO+S36BJ8BsQe
WfqF64o7ue2sFID9HJ3St8VjI4LW9DyUtVkv0xu/2s5noNcbDQ1cjtPpFd6QqWyr
mM0s71ate/SQOZMdZkOAyePQw0uEbfASm2I61iwzwe/71LduiI4NDpN0oJ2ndDRb
bQ8SFRxQmJqyQ0tca6G05K3TEdShxoLUyno5IbxkhwuDqjcd9M9gmAhffwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFGPhervpPGpHmn103o9L9t7pN+YmMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvWS1GNnUtazhha2VhZlhUZWowdjIzdWszNWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AC1d1QMEAC1d1gMEAS2X6gMEAE1T9gMEAaAUnAMEAblEugMEAblH1gMEAblJtAME
ALlLhAMEALlLhwMEALlM8wMEAblNigMEAblPhAMEAblYYgMEALlf5AMEALlknAME
ALlknwMEALlmcgMEALlvGAMEALmo0AMEALmx7gMEAbm2ggMEAsEm5DANBgkqhkiG
9w0BAQsFAAOCAQEARae1s50FALQWyGQ91XIjShiuv6KyESHUS9hG/IJqOg9wyJwM
eZsZqxspfwu/4TmN0+IGRtq0QcmwOhNAuvB1C5CmxVkXm0QGyk4zcGngsXYfVe9g
GI47L4tR3ZP5AMoGC434ZxhK/1Yuw0iiYGuU6Bd+Pkd5SEi71grnu4H/ld3i99Sw
LPJPISf6fm4OXsLEdDdN6Hg3O0AB+zlLWj/c33v3vivyMzhbFwLt8Q6sRme7ETPs
bGOtl2KIi+XpG5HkmhnZntTzOxNBx9rDO0m4En2IEGj5E4N0+7Ki224r83lPgiZP
dWxltpRiCdThwIVUBoQGsL3yvt34bxQCRNn5Uw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:06:54 2025 by rpki-client