Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/E2nQgext6_TWq1NSqs-Gq3Jqtsg.roa
File: E2nQgext6_TWq1NSqs-Gq3Jqtsg.roa (raw, json)
Hash identifier: BKFAVNcG01JwPd2a1kM5B0BhSXEwBSuWwiSdmH6+yvM=
Subject key identifier: 13:69:D0:81:EC:6D:EB:F4:D6:AB:53:52:AA:CF:86:AB:72:6A:B6:C8
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01978DBE3AB4EB5B805CB752B3E0D5DAEAEE
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/E2nQgext6_TWq1NSqs-Gq3Jqtsg.roa
Signing time: Fri 20 Jun 2025 14:29:03 +0000
ROA not before: Fri 20 Jun 2025 14:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20857
IP address blocks: 5.61.248.0/21 maxlen: 24
31.14.96.0/22 maxlen: 24
37.34.56.0/21 maxlen: 24
37.97.128.0/17 maxlen: 24
77.72.144.0/21 maxlen: 24
80.69.64.0/19 maxlen: 24
84.247.8.0/21 maxlen: 24
85.10.128.0/19 maxlen: 24
86.105.244.0/22 maxlen: 24
87.253.128.0/19 maxlen: 24
89.41.168.0/22 maxlen: 24
91.142.254.0/23 maxlen: 23
93.119.0.0/20 maxlen: 24
95.170.64.0/19 maxlen: 24
141.138.136.0/21 maxlen: 24
149.210.128.0/17 maxlen: 24
185.10.48.0/22 maxlen: 24
185.108.112.0/22 maxlen: 24
188.240.52.0/22 maxlen: 22
188.241.148.0/22 maxlen: 22
193.138.204.0/24 maxlen: 24
195.8.195.0/24 maxlen: 24
195.135.195.0/24 maxlen: 24
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
2a01:7860::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 23 Jun 2025 08:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:be:3a:b4:eb:5b:80:5c:b7:52:b3:e0:d5:da:ea:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jun 20 14:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1369d081ec6debf4d6ab5352aacf86ab726ab6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:84:f5:92:58:8c:4d:13:32:b0:16:e4:d9:
49:43:c5:d9:d1:75:d3:a8:8b:b9:8a:d3:fa:cf:1a:
b7:38:40:0f:62:f4:dd:1e:dc:f2:b3:58:97:26:fc:
ca:59:f5:cf:8c:e2:a1:42:32:3d:30:14:0a:ef:96:
4a:aa:3a:14:55:d8:dd:1f:38:94:1e:14:29:24:47:
0f:03:df:c4:19:5b:fa:20:b5:b5:7d:c4:1a:dd:d1:
3a:5d:00:17:49:dc:f8:48:a8:2b:a9:1e:73:e8:ea:
38:0f:e3:5a:1d:95:9b:50:1b:a2:2d:5b:6c:78:60:
d0:bb:10:88:70:6d:4f:3c:bf:48:bc:b6:06:db:4b:
34:4c:7b:85:e8:ac:a5:2a:b0:e0:06:23:4e:f9:75:
5d:48:70:c2:4e:44:bf:9b:0d:54:d1:f4:4c:03:7e:
01:df:b3:3f:97:1b:f5:a5:61:f9:dd:5a:04:1b:38:
ce:80:88:06:c2:5e:91:ce:39:56:1a:63:5e:3a:90:
60:1c:dc:f2:fb:26:73:a9:a5:57:22:46:45:bd:8d:
50:f0:16:83:94:92:17:28:e9:99:9c:3f:34:aa:f4:
27:9a:cf:12:a6:1d:3e:2c:ac:da:3c:b0:57:e3:a0:
fc:84:cd:e0:d2:ce:77:56:28:61:b8:fe:78:c0:da:
38:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:69:D0:81:EC:6D:EB:F4:D6:AB:53:52:AA:CF:86:AB:72:6A:B6:C8
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/E2nQgext6_TWq1NSqs-Gq3Jqtsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
31.14.96.0/22
37.34.56.0/21
37.97.128.0/17
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
91.142.254.0/23
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
185.10.48.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
193.138.204.0/24
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
b4:cd:2d:77:5e:4c:4a:29:90:fa:6f:cd:7a:24:55:ec:6e:c0:
2f:ee:79:1c:94:04:b2:36:20:02:d8:1c:a4:ca:52:f6:d9:a5:
8c:59:c6:ae:09:a7:3b:bb:21:ec:c0:fe:4e:80:5d:52:ec:8d:
93:dc:b3:de:bb:37:4a:16:cc:c9:40:a0:5c:89:f6:a8:b5:9e:
9c:54:40:ad:49:b2:21:73:ef:eb:38:c2:54:88:83:17:10:09:
31:3c:f8:cf:96:1f:7a:12:15:8c:21:9c:dc:f8:8a:44:0b:22:
b7:f3:bf:96:56:c5:f2:e4:ea:e2:ee:f3:86:a8:cd:8c:f9:12:
f3:27:f0:46:80:ee:54:c4:b7:72:ea:82:b2:55:b6:88:e4:88:
2d:ff:e8:bf:0e:b9:df:18:a6:f3:ff:69:2c:8a:76:17:b7:49:
a1:f7:5d:37:08:44:d4:b1:58:6f:1b:35:8b:fe:0b:ec:dc:9a:
8a:52:e1:fa:e7:0a:18:1d:4b:df:68:a9:d8:24:cc:0f:df:f9:
98:29:8e:b5:ea:b0:ce:69:97:26:35:b4:f3:39:5c:bc:92:16:
8d:5b:5d:d4:b8:c4:0d:45:40:de:aa:a8:44:6f:54:81:2d:70:
05:b7:eb:68:ba:97:a9:18:94:6f:e5:d8:d1:cb:19:cd:df:dd:
d3:ee:f0:b3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZeNvjq061uAXLdSs+DV2uruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNjIwMTQyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY5ZDA4MWVjNmRlYmY0ZDZhYjUzNTJhYWNmODZhYjcyNmFiNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1uE9ZJYjE0TMrAW5NlJQ8XZ0XXT
qIu5itP6zxq3OEAPYvTdHtzys1iXJvzKWfXPjOKhQjI9MBQK75ZKqjoUVdjdHziU
HhQpJEcPA9/EGVv6ILW1fcQa3dE6XQAXSdz4SKgrqR5z6Oo4D+NaHZWbUBuiLVts
eGDQuxCIcG1PPL9IvLYG20s0THuF6KylKrDgBiNO+XVdSHDCTkS/mw1U0fRMA34B
37M/lxv1pWH53VoEGzjOgIgGwl6RzjlWGmNeOpBgHNzy+yZzqaVXIkZFvY1Q8BaD
lJIXKOmZnD80qvQnms8Sph0+LKzaPLBX46D8hM3g0s53VihhuP54wNo4bQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFBNp0IHsbev01qtTUqrPhqtyarbIMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvRTJuUWdleHQ2X1RXcTFOU3FzLUdxM0pxdHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYoDBAMF
PfgDBAIfDmADBAMlIjgDBAclYYADBANNSJADBAVQRUADBANU9wgDBAVVCoADBAJW
afQDBAVX/YADBAJZKagDBAFbjv4DBARddwADBAVfqkADBAONiogDBAeV0oADBAK5
CjADBAK5bHADBAK88DQDBAK88ZQDBADBiswDBADDCMMDBADDh8MwFAQCAAIwDgMF
ACoBB8gDBQAqAXhgMA0GCSqGSIb3DQEBCwUAA4IBAQC0zS13XkxKKZD6b816JFXs
bsAv7nkclASyNiAC2BykylL22aWMWcauCac7uyHswP5OgF1S7I2T3LPeuzdKFszJ
QKBcifaotZ6cVECtSbIhc+/rOMJUiIMXEAkxPPjPlh96EhWMIZzc+IpECyK387+W
VsXy5Ori7vOGqM2M+RLzJ/BGgO5UxLdy6oKyVbaI5Igt/+i/DrnfGKbz/2ksinYX
t0mh9103CETUsVhvGzWL/gvs3JqKUuH65woYHUvfaKnYJMwP3/mYKY616rDOaZcm
NbTzOVy8khaNW13UuMQNRUDeqqhEb1SBLXAFt+toupepGJRv5djRyxnN393T7vCz
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:13:19 2025 by rpki-client