Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/MNOTkNIun7XatYpLjSqnXyIRspc.roa
File: MNOTkNIun7XatYpLjSqnXyIRspc.roa (raw, json)
Hash identifier: ISmcthP6icZlwW98GlbqoqiUdgFZdDy5PiQWFxxDxGE=
Subject key identifier: 30:D3:93:90:D2:2E:9F:B5:DA:B5:8A:4B:8D:2A:A7:5F:22:11:B2:97
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0198368718ACDF680EF6B56D67DCEB537220
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/MNOTkNIun7XatYpLjSqnXyIRspc.roa
Signing time: Wed 23 Jul 2025 09:04:40 +0000
ROA not before: Wed 23 Jul 2025 09:04:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 94.131.8.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
103.113.69.0/24 maxlen: 24
103.231.72.0/24 maxlen: 24
103.231.73.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
213.159.69.0/24 maxlen: 24
2a09:7c43::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a11:3803::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Jul 2025 11:43:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:87:18:ac:df:68:0e:f6:b5:6d:67:dc:eb:53:72:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jul 23 09:04:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d39390d22e9fb5dab58a4b8d2aa75f2211b297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:c1:86:21:01:ac:d5:1b:68:7d:2e:70:ce:
87:10:7e:41:51:12:86:0d:be:81:6d:fa:f5:d7:08:
cc:6a:a8:60:47:9a:a8:0e:60:d8:dd:b0:17:83:1d:
5f:0c:46:95:26:20:f1:76:43:e0:78:95:fe:1f:f6:
29:87:0b:98:fd:ea:d8:7d:91:b8:0d:f3:b3:86:fb:
21:de:74:5e:42:22:85:74:4f:75:dc:28:c7:60:f9:
8c:c3:60:94:83:80:d0:88:18:46:8e:a0:10:4b:ea:
c5:8b:ff:d8:85:24:84:3c:74:95:d4:8a:46:20:9e:
84:5e:18:56:6b:7f:07:21:08:93:26:90:24:14:0b:
c0:36:42:89:38:45:62:19:40:c5:9e:6e:09:a1:6a:
97:1a:c5:2c:75:9d:00:1c:03:81:fb:43:37:94:5a:
ef:6a:dc:bd:15:55:97:81:17:04:09:aa:3b:2c:05:
5a:00:66:34:52:7e:f8:48:fd:59:75:4e:ed:ca:94:
c8:33:89:39:35:cc:93:8f:64:a0:b3:47:fb:16:8b:
8e:fa:30:d5:2a:3a:0c:3e:1c:14:00:cd:44:83:c7:
3d:ad:79:8b:48:82:ae:22:9b:71:8e:a1:17:d0:9e:
fc:eb:fd:66:9f:8d:dc:90:5d:0b:c9:47:0c:1a:44:
00:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D3:93:90:D2:2E:9F:B5:DA:B5:8A:4B:8D:2A:A7:5F:22:11:B2:97
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/MNOTkNIun7XatYpLjSqnXyIRspc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.8.0/24
94.131.10.0/24
94.131.13.0-94.131.14.255
94.131.104.0/24
103.113.69.0/24
103.231.72.0/23
146.19.170.0/24
176.120.67.0/24
185.242.84.0/24
213.159.69.0/24
IPv6:
2a09:7c43::/32
2a0b:cf43::/32
2a11:3803::/32
2a11:3c01::/32
2a11:4c00::/32
2a11:4c04::/32
2a11:7e06::/32
2a14:3081::/32
2a14:3086::/32
Signature Algorithm: sha256WithRSAEncryption
18:92:66:8b:36:40:3c:8a:43:bc:2e:62:8f:d8:4d:44:a8:7c:
7c:8b:98:1f:1f:a0:e4:29:70:74:2c:5e:9a:3b:55:5d:4d:c4:
0e:eb:8c:d2:34:dd:96:19:91:6f:7e:71:fe:dd:43:67:43:70:
fb:65:c7:ce:2e:d5:05:b8:49:bb:de:be:18:73:d0:c2:b1:0f:
6b:b1:9f:80:8d:39:74:61:02:9f:3e:5c:2c:65:e8:1a:2d:09:
b6:67:37:c2:53:e2:34:4f:f1:75:4a:2b:36:c6:6d:63:ef:40:
6b:fc:21:20:2d:1a:3c:5e:c6:51:e2:02:91:52:45:fc:65:c0:
d4:cb:be:f7:c7:69:58:06:7a:c1:cb:6f:83:9c:77:52:17:c0:
b1:a9:c7:71:39:5f:f4:13:af:1b:7f:8c:e3:1a:cb:8d:44:ab:
09:75:8d:98:a3:ec:0d:38:d9:dc:95:e6:95:38:ce:ec:46:63:
52:a5:b3:1e:a9:c4:cb:db:04:5a:c9:3c:1e:ce:69:8d:f0:1c:
12:73:54:40:d4:0c:5d:50:d5:6f:33:b6:0b:ff:47:7e:ab:31:
07:17:94:40:e0:4d:c9:d3:7b:57:e8:4a:b2:1e:ea:39:fc:6e:
29:b1:83:a4:54:b2:06:00:1f:9d:69:f3:b7:85:d4:34:c8:09:
58:87:8f:30
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZg2hxis32gO9rVtZ9zrU3IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNzIzMDkwNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQzOTM5MGQyMmU5ZmI1ZGFiNThhNGI4ZDJhYTc1ZjIyMTFiMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyrBhiEBrNUbaH0ucM6HEH5BURKG
Db6Bbfr11wjMaqhgR5qoDmDY3bAXgx1fDEaVJiDxdkPgeJX+H/YphwuY/erYfZG4
DfOzhvsh3nReQiKFdE913CjHYPmMw2CUg4DQiBhGjqAQS+rFi//YhSSEPHSV1IpG
IJ6EXhhWa38HIQiTJpAkFAvANkKJOEViGUDFnm4JoWqXGsUsdZ0AHAOB+0M3lFrv
aty9FVWXgRcECao7LAVaAGY0Un74SP1ZdU7typTIM4k5NcyTj2Sgs0f7FouO+jDV
KjoMPhwUAM1Eg8c9rXmLSIKuIptxjqEX0J786/1mn43ckF0LyUcMGkQAiQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFDDTk5DSLp+12rWKS40qp18iEbKXMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvTU5PVGtOSXVuN1hhdFlwTGpTcW5YeUlSc3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBKBAIAATBEAwQAXoMI
AwQAXoMKMAwDBABegw0DBABegw4DBABeg2gDBABncUUDBAFn50gDBACSE6oDBACw
eEMDBAC58lQDBADVn0UwRQQCAAIwPwMFACoJfEMDBQAqC89DAwUAKhE4AwMFACoR
PAEDBQAqEUwAAwUAKhFMBAMFACoRfgYDBQAqFDCBAwUAKhQwhjANBgkqhkiG9w0B
AQsFAAOCAQEAGJJmizZAPIpDvC5ij9hNRKh8fIuYHx+g5ClwdCxemjtVXU3EDuuM
0jTdlhmRb35x/t1DZ0Nw+2XHzi7VBbhJu96+GHPQwrEPa7GfgI05dGECnz5cLGXo
Gi0Jtmc3wlPiNE/xdUorNsZtY+9Aa/whIC0aPF7GUeICkVJF/GXA1Mu+98dpWAZ6
wctvg5x3UhfAsanHcTlf9BOvG3+M4xrLjUSrCXWNmKPsDTjZ3JXmlTjO7EZjUqWz
HqnEy9sEWsk8Hs5pjfAcEnNUQNQMXVDVbzO2C/9HfqsxBxeUQOBNydN7V+hKsh7q
OfxuKbGDpFSyBgAfnWnzt4XUNMgJWIePMA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 22:44:23 2025 by rpki-client