Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/89alWhyb9tne4vfj4QVjHSWP3hk.roa
File: 89alWhyb9tne4vfj4QVjHSWP3hk.roa (raw, json)
Hash identifier: y0awdDihN+gRtgcwiBXp+dx9TkhvWJK5uQaPoQ2SsIs=
Subject key identifier: F3:D6:A5:5A:1C:9B:F6:D9:DE:E2:F7:E3:E1:05:63:1D:25:8F:DE:19
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0198334C290D3415AFAB563D4AB38AD44A19
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/89alWhyb9tne4vfj4QVjHSWP3hk.roa
Signing time: Tue 22 Jul 2025 18:01:25 +0000
ROA not before: Tue 22 Jul 2025 18:01:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.20.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2d87::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3083::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3085::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
2a14:3087::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 22 Jul 2025 23:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:33:4c:29:0d:34:15:af:ab:56:3d:4a:b3:8a:d4:4a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jul 22 18:01:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3d6a55a1c9bf6d9dee2f7e3e105631d258fde19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:59:e5:f0:0d:33:d1:77:f7:0f:f8:20:56:26:
52:7e:9f:e5:47:c8:44:b7:f5:6e:e8:e4:db:fc:d8:
0e:ad:cc:92:b5:1e:3b:88:33:22:6b:37:0b:6e:8e:
10:b0:79:ec:37:7f:9e:0f:42:80:00:35:67:42:d0:
90:1c:5b:02:7c:e4:ba:cb:c3:96:c4:a4:9b:3f:62:
d1:4f:69:3e:3a:b8:a8:98:1a:14:a9:2c:d2:60:92:
21:b0:c7:58:fe:17:f4:fd:df:df:24:5a:7f:d4:77:
81:af:05:61:d8:9d:52:5f:12:ea:9c:fe:a3:85:38:
4c:c9:5f:21:2e:9c:f8:44:89:01:c2:c3:96:0f:5d:
bc:a7:b3:6e:93:b2:6e:98:08:f7:23:3d:1a:ca:4e:
84:c0:8a:85:c5:38:34:32:5f:88:d8:0e:3f:fb:13:
ba:07:66:56:68:08:bc:0c:74:12:95:60:36:96:15:
04:43:bc:5e:ba:ca:59:23:71:ac:ab:52:fa:04:28:
b2:33:5c:db:a7:6a:3d:49:48:3f:60:f1:53:42:dc:
5f:a4:14:24:ed:3b:53:a0:61:8b:07:ea:71:ad:c1:
68:68:2b:46:ea:6c:8c:5a:3b:8a:a8:64:f8:10:3a:
8e:4c:f5:e5:11:23:f9:98:c8:4d:7b:13:dd:1c:52:
c3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D6:A5:5A:1C:9B:F6:D9:DE:E2:F7:E3:E1:05:63:1D:25:8F:DE:19
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/89alWhyb9tne4vfj4QVjHSWP3hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/23
45.67.231.0/24
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0/24
94.131.10.0/24
94.131.13.0-94.131.14.255
94.131.20.0/24
94.131.104.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
146.19.170.0/24
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/24
185.250.150.0/23
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf43::/32
2a0b:cf45::-2a0b:cf47:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c01::-2a11:3c03:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4c00::/32
2a11:4c04::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a11:7e06::/32
2a14:2d80::/30
2a14:2d85::/32
2a14:2d87::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/29
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
44:a2:79:2d:51:4f:9a:06:d6:f8:ac:ab:f3:67:6f:6d:83:8f:
d6:7f:c8:c8:3d:94:6c:9b:e2:5e:db:7a:b1:30:39:8e:35:bc:
2b:b9:aa:1a:39:9c:48:8f:70:dd:a6:a5:41:cc:af:92:1d:48:
fc:bd:4c:88:fb:c2:34:af:bb:d7:01:a3:a4:58:ff:82:cd:94:
8d:d6:6b:2e:a1:51:ca:51:64:25:58:33:a6:e3:db:f3:67:17:
f0:82:19:17:00:53:b1:3d:65:dc:6e:e8:f7:43:31:d0:05:6c:
76:e8:67:92:34:f1:d7:d0:f9:3b:eb:93:49:00:f2:25:83:5a:
c4:56:17:80:18:1b:00:87:c1:37:bf:14:09:b4:c9:3a:a1:22:
96:c7:ba:d4:db:9a:20:d3:b1:33:64:ed:f2:7d:ee:82:60:3b:
4f:30:35:45:c7:60:8e:21:bf:e4:a8:4a:f6:8e:e1:68:81:87:
77:a3:1e:6b:0d:89:27:71:9b:83:c2:d7:da:20:b3:87:17:09:
f6:53:09:d4:65:f1:d1:56:86:48:39:38:af:32:31:6f:5a:df:
8d:08:93:4a:a1:ec:ee:40:95:72:7a:91:16:85:71:19:cf:ca:
7f:38:90:57:98:96:f2:a9:32:50:69:0d:fb:46:25:17:53:e5:
46:65:15:da
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgISAZgzTCkNNBWvq1Y9SrOK1EoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNzIyMTgwMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Q2YTU1YTFjOWJmNmQ5ZGVlMmY3ZTNlMTA1NjMxZDI1OGZkZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFnl8A0z0Xf3D/ggViZSfp/lR8hE
t/Vu6OTb/NgOrcyStR47iDMiazcLbo4QsHnsN3+eD0KAADVnQtCQHFsCfOS6y8OW
xKSbP2LRT2k+OriomBoUqSzSYJIhsMdY/hf0/d/fJFp/1HeBrwVh2J1SXxLqnP6j
hThMyV8hLpz4RIkBwsOWD128p7Nuk7JumAj3Iz0ayk6EwIqFxTg0Ml+I2A4/+xO6
B2ZWaAi8DHQSlWA2lhUEQ7xeuspZI3Gsq1L6BCiyM1zbp2o9SUg/YPFTQtxfpBQk
7TtToGGLB+pxrcFoaCtG6myMWjuKqGT4EDqOTPXlESP5mMhNexPdHFLDCwIDAQAB
o4IDljCCA5IwHQYDVR0OBBYEFPPWpVocm/bZ3uL34+EFYx0lj94ZMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvODlhbFdoeWI5dG5lNHZmajRRVmpIU1dQM2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqgYIKwYBBQUHAQcBAf8EggGZMIIBlTCCAQMEAgABMIH8
AwQCJd18AwQBLUPkAwQALUPnAwQCLXiwAwQAPgMMAwQCSnfAMAwDBAJQXMwDBABQ
XM4DBAJWaEgDBAFZ3eADBAJbhIQDBABbwqEwDAMEAFvh2QMEAlvh2AMEAF6DCAME
AF6DCjAMAwQAXoMNAwQAXoMOAwQAXoMUAwQAXoNoAwQCZyO8AwQCZ2oAAwQCZ3FE
AwQCZ+dIAwQAkhOqAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQCuevwAwQCuezo
AwQCufJUAwQAufqUAwQBufqWAwQAwcvKAwQCwjacAwQAwj4qAwQBwvZyAwQCwyro
AwQAw5VXAwQE1Z9AMIGLBAIAAjCBhAMFAyoJfEADBQAqC89DMA4DBQAqC89FAwUD
KgvPQAMFACoROAUwDgMFACoRPAEDBQIqETwAAwUAKhFMADAOAwUCKhFMBAMFACoR
TAYDBQAqEX4GAwUCKhQtgAMFACoULYUDBQAqFC2HAwUAKhQugAMFACoUL4ADBQMq
FDCAAwUAKhQ4gDANBgkqhkiG9w0BAQsFAAOCAQEARKJ5LVFPmgbW+Kyr82dvbYOP
1n/IyD2UbJviXtt6sTA5jjW8K7mqGjmcSI9w3aalQcyvkh1I/L1MiPvCNK+71wGj
pFj/gs2UjdZrLqFRylFkJVgzpuPb82cX8IIZFwBTsT1l3G7o90Mx0AVsduhnkjTx
19D5O+uTSQDyJYNaxFYXgBgbAIfBN78UCbTJOqEilse61NuaINOxM2Tt8n3ugmA7
TzA1RcdgjiG/5KhK9o7haIGHd6Meaw2JJ3Gbg8LX2iCzhxcJ9lMJ1GXx0VaGSDk4
rzIxb1rfjQiTSqHs7kCVcnqRFoVxGc/KfziQV5iW8qkyUGkN+0YlF1PlRmUV2g==
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:15:22 2025 by rpki-client