Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/gbgdzgrQWXTqVUMlW2gPDF-ahQM.roa
File: gbgdzgrQWXTqVUMlW2gPDF-ahQM.roa (raw, json)
Hash identifier: uhAjSPITFb9Lnh9ZlRT2O1m8kty2PbE8kZB5j0VmocY=
Subject key identifier: 81:B8:1D:CE:0A:D0:59:74:EA:55:43:25:5B:68:0F:0C:5F:9A:85:03
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01979BE3239AEB68E2638BEB02E933DEDD35
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/gbgdzgrQWXTqVUMlW2gPDF-ahQM.roa
Signing time: Mon 23 Jun 2025 08:24:03 +0000
ROA not before: Mon 23 Jun 2025 08:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20857
IP address blocks: 5.61.248.0/21 maxlen: 24
31.14.96.0/22 maxlen: 24
37.34.48.0/21 maxlen: 24
37.34.56.0/21 maxlen: 24
37.97.128.0/17 maxlen: 24
37.230.96.0/21 maxlen: 24
77.72.144.0/21 maxlen: 24
80.69.64.0/19 maxlen: 24
84.247.8.0/21 maxlen: 24
85.10.128.0/19 maxlen: 24
86.105.244.0/22 maxlen: 24
87.253.128.0/19 maxlen: 24
89.41.168.0/22 maxlen: 24
91.142.254.0/23 maxlen: 23
93.119.0.0/20 maxlen: 24
95.170.64.0/19 maxlen: 24
141.138.136.0/21 maxlen: 24
149.210.128.0/17 maxlen: 24
178.18.80.0/20 maxlen: 24
185.10.48.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.96.4.0/22 maxlen: 24
185.108.112.0/22 maxlen: 24
188.240.52.0/22 maxlen: 22
188.241.148.0/22 maxlen: 22
193.138.204.0/24 maxlen: 24
195.8.195.0/24 maxlen: 24
195.135.195.0/24 maxlen: 24
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
2a01:7860::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 23 Jun 2025 08:28:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:e3:23:9a:eb:68:e2:63:8b:eb:02:e9:33:de:dd:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jun 23 08:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b81dce0ad05974ea5543255b680f0c5f9a8503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:89:3a:88:c7:fb:cb:82:2d:a2:9e:bd:8e:
bc:f8:04:c9:90:fa:40:76:01:c2:99:a0:5a:c9:a4:
d9:ea:16:72:88:bb:72:32:cf:00:69:96:ce:b0:04:
f4:34:08:b1:3a:3d:9d:50:60:35:96:d9:98:ff:7c:
1f:81:3d:e5:60:2a:6f:32:5c:44:e9:54:2d:f6:8e:
b6:8c:56:d2:b9:79:fa:c6:f5:47:86:24:40:63:ee:
0b:3c:7d:4e:d4:9c:9c:36:45:b8:46:fd:6d:1f:fb:
91:8a:e2:c3:1f:ec:fc:f3:a2:74:00:1d:eb:c7:84:
0b:8d:09:af:05:ca:33:a4:58:d6:87:e6:7f:c4:cf:
28:5c:8e:58:f7:9c:75:44:62:ca:6c:8e:1c:93:3b:
ed:df:38:fa:68:9e:17:ec:53:dc:b4:7e:6b:fd:41:
13:11:d2:f1:51:99:f6:4f:55:5e:4a:15:30:16:0d:
83:99:27:ba:30:e5:15:b8:31:14:a4:93:f3:7d:d6:
e2:7c:45:9c:9d:73:8f:f5:75:23:d4:4f:68:a3:1b:
f1:17:18:44:b4:dc:61:dc:6b:a5:24:af:52:79:30:
97:08:57:ec:d4:aa:5e:f6:3a:af:9d:95:3f:db:51:
85:0f:7f:89:78:09:75:77:cd:6c:3d:59:f8:9d:08:
90:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B8:1D:CE:0A:D0:59:74:EA:55:43:25:5B:68:0F:0C:5F:9A:85:03
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/gbgdzgrQWXTqVUMlW2gPDF-ahQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
31.14.96.0/22
37.34.48.0/20
37.97.128.0/17
37.230.96.0/21
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
91.142.254.0/23
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
178.18.80.0/20
185.10.48.0/22
185.21.188.0/22
185.96.4.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
193.138.204.0/24
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
c4:37:74:24:b0:4b:4a:e8:30:13:f5:aa:66:a5:be:68:4a:ed:
0b:cc:b5:2f:da:ed:53:28:7c:ee:5f:e9:71:2a:fb:66:2f:f8:
19:dc:11:66:72:40:20:5f:36:91:2a:e9:e3:ae:53:1b:8b:2c:
27:25:95:8f:d4:a6:a9:17:e4:91:f6:55:e2:b6:96:e2:8b:d1:
d9:d5:f9:c8:10:df:3e:b6:f5:cf:b0:19:70:36:5c:50:b3:0b:
07:49:5a:51:7c:ce:b4:f4:c9:98:db:e2:ec:31:34:6b:0a:d7:
85:72:ed:25:66:cd:d4:3c:ba:1f:61:16:2d:0b:2b:dc:eb:b7:
df:e9:b9:87:02:cf:53:a9:2b:29:12:35:fb:ac:d0:27:0e:fc:
96:8e:1e:a7:db:24:5c:81:de:67:5e:ea:dc:8a:27:0e:e3:60:
7b:7f:24:12:11:2f:bf:ee:38:73:cc:08:3f:5e:67:e0:51:ce:
8a:2e:ef:f0:f6:12:00:3f:e9:36:42:49:49:68:7b:2b:e1:df:
b3:17:b7:c2:71:7a:a7:a5:23:71:63:de:b8:f8:35:92:7b:88:
e8:9b:8f:fc:fe:f5:7c:8f:27:51:7d:cc:05:e6:70:f7:68:70:
96:f6:f1:21:ac:54:09:97:91:16:db:f7:ea:c8:c3:68:26:6c:
dd:23:59:ff
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZeb4yOa62jiY4vrAukz3t01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNjIzMDgyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI4MWRjZTBhZDA1OTc0ZWE1NTQzMjU1YjY4MGYwYzVmOWE4NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSKJOojH+8uCLaKevY68+ATJkPpA
dgHCmaBayaTZ6hZyiLtyMs8AaZbOsAT0NAixOj2dUGA1ltmY/3wfgT3lYCpvMlxE
6VQt9o62jFbSuXn6xvVHhiRAY+4LPH1O1JycNkW4Rv1tH/uRiuLDH+z886J0AB3r
x4QLjQmvBcozpFjWh+Z/xM8oXI5Y95x1RGLKbI4ckzvt3zj6aJ4X7FPctH5r/UET
EdLxUZn2T1VeShUwFg2DmSe6MOUVuDEUpJPzfdbifEWcnXOP9XUj1E9ooxvxFxhE
tNxh3GulJK9SeTCXCFfs1Kpe9jqvnZU/21GFD3+JeAl1d81sPVn4nQiQIQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFIG4Hc4K0Fl06lVDJVtoDwxfmoUDMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZ2JnZHpnclFXWFRxVlVNbFcyZ1BERi1haFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBqQQCAAEwgaIDBAMF
PfgDBAIfDmADBAQlIjADBAclYYADBAMl5mADBANNSJADBAVQRUADBANU9wgDBAVV
CoADBAJWafQDBAVX/YADBAJZKagDBAFbjv4DBARddwADBAVfqkADBAONiogDBAeV
0oADBASyElADBAK5CjADBAK5FbwDBAK5YAQDBAK5bHADBAK88DQDBAK88ZQDBADB
iswDBADDCMMDBADDh8MwFAQCAAIwDgMFACoBB8gDBQAqAXhgMA0GCSqGSIb3DQEB
CwUAA4IBAQDEN3QksEtK6DAT9apmpb5oSu0LzLUv2u1TKHzuX+lxKvtmL/gZ3BFm
ckAgXzaRKunjrlMbiywnJZWP1KapF+SR9lXitpbii9HZ1fnIEN8+tvXPsBlwNlxQ
swsHSVpRfM609MmY2+LsMTRrCteFcu0lZs3UPLofYRYtCyvc67ff6bmHAs9TqSsp
EjX7rNAnDvyWjh6n2yRcgd5nXurciicO42B7fyQSES+/7jhzzAg/XmfgUc6KLu/w
9hIAP+k2QklJaHsr4d+zF7fCcXqnpSNxY964+DWSe4jom4/8/vV8jydRfcwF5nD3
aHCW9vEhrFQJl5EW2/fqyMNoJmzdI1n/
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:11:30 2025 by rpki-client