Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/n5BuPzCJ8BhkRyuBTstwnr5eVI8.roa
File: n5BuPzCJ8BhkRyuBTstwnr5eVI8.roa (raw, json)
Hash identifier: EG4ZdpMwHkoohBD+KfaTjeRI7qDZmSLSRRf0KpFWMGk=
Subject key identifier: 9F:90:6E:3F:30:89:F0:18:64:47:2B:81:4E:CB:70:9E:BE:5E:54:8F
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01979C2F1FE31C097A193E7D8882F11C6A3A
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/n5BuPzCJ8BhkRyuBTstwnr5eVI8.roa
Signing time: Mon 23 Jun 2025 09:47:03 +0000
ROA not before: Mon 23 Jun 2025 09:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20857
IP address blocks: 5.61.248.0/21 maxlen: 24
31.3.96.0/22 maxlen: 24
31.3.101.0/24 maxlen: 24
31.3.102.0/23 maxlen: 24
31.14.96.0/22 maxlen: 24
37.34.48.0/21 maxlen: 24
37.34.56.0/21 maxlen: 24
37.97.128.0/17 maxlen: 24
37.230.96.0/21 maxlen: 24
77.72.144.0/21 maxlen: 24
79.170.88.0/24 maxlen: 24
79.170.90.0/23 maxlen: 24
79.170.93.0/24 maxlen: 24
79.170.94.0/23 maxlen: 24
80.69.64.0/19 maxlen: 24
84.247.8.0/21 maxlen: 24
85.10.128.0/19 maxlen: 24
85.222.228.0/22 maxlen: 24
86.105.244.0/22 maxlen: 24
87.253.128.0/19 maxlen: 24
89.31.96.0/23 maxlen: 24
89.31.100.0/24 maxlen: 24
89.31.102.0/23 maxlen: 24
89.41.168.0/22 maxlen: 24
91.142.254.0/23 maxlen: 23
93.119.0.0/20 maxlen: 24
93.191.128.0/22 maxlen: 24
93.191.132.0/23 maxlen: 24
95.170.64.0/19 maxlen: 24
141.138.136.0/21 maxlen: 24
141.138.192.0/21 maxlen: 24
141.138.200.0/22 maxlen: 24
141.138.204.0/23 maxlen: 24
141.138.206.0/24 maxlen: 24
149.210.128.0/17 maxlen: 24
178.18.80.0/20 maxlen: 24
185.10.48.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.96.4.0/22 maxlen: 24
185.108.112.0/22 maxlen: 24
188.240.52.0/22 maxlen: 22
188.241.148.0/22 maxlen: 22
193.138.204.0/24 maxlen: 24
195.8.195.0/24 maxlen: 24
195.135.195.0/24 maxlen: 24
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
2a01:7860::/32 maxlen: 32
2a02:348:53::/48 maxlen: 48
2a02:348:54::/48 maxlen: 48
2a02:348:55::/48 maxlen: 48
2a02:348:56::/48 maxlen: 48
2a02:348:57::/48 maxlen: 48
2a02:348:58::/48 maxlen: 48
2a02:348:59::/48 maxlen: 48
2a02:348:5a::/48 maxlen: 48
2a02:348:5b::/48 maxlen: 48
2a02:348:5d::/48 maxlen: 48
2a02:348:5e::/48 maxlen: 48
2a02:348:5f::/48 maxlen: 48
2a02:348:60::/48 maxlen: 48
2a02:348:61::/48 maxlen: 48
2a02:348:62::/48 maxlen: 48
2a02:348:63::/48 maxlen: 48
2a02:348:a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jun 2025 09:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:2f:1f:e3:1c:09:7a:19:3e:7d:88:82:f1:1c:6a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jun 23 09:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f906e3f3089f01864472b814ecb709ebe5e548f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:b3:7c:70:f6:a1:2d:3f:b8:9d:17:42:d9:
61:7f:c2:4d:54:e2:ba:74:c8:2d:61:3d:85:d9:bf:
5c:7e:5a:62:d6:69:e2:aa:95:17:6e:bd:9c:53:5c:
13:67:e2:03:3c:9c:e8:7a:6f:f6:7c:08:d5:ce:4b:
1e:0f:66:9a:31:37:fe:49:58:74:f0:30:21:3d:2e:
1c:cd:ac:2d:ea:5e:af:56:68:c0:64:df:1b:89:e9:
f5:f7:ed:50:08:a1:27:b7:25:8e:45:91:3f:fb:8f:
da:e0:c5:8c:c5:d0:83:e6:e3:23:c6:3a:01:96:e7:
04:67:3d:21:ad:2a:56:fb:3b:f2:56:d0:c2:40:3e:
2c:96:db:77:ac:d6:b0:6d:5b:ad:f5:29:c2:10:06:
82:fa:ed:5a:7a:dd:2c:fe:be:ab:cb:7a:e6:17:8d:
fc:09:57:1e:7c:c4:a2:30:6c:3a:01:e3:0f:68:b4:
97:9c:df:fd:b2:a7:a9:11:d1:6f:7d:73:af:73:75:
4c:a2:0c:4c:1f:70:ea:3a:02:dd:7b:d3:66:48:f7:
2f:d0:de:e4:e1:43:2a:66:5b:dc:a6:e0:07:42:55:
a9:f5:14:4d:e3:e0:7a:cb:ef:5d:5b:78:6c:3e:f3:
d4:dd:83:44:2a:ce:d9:b8:a8:d5:ca:df:5d:3c:de:
c8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:90:6E:3F:30:89:F0:18:64:47:2B:81:4E:CB:70:9E:BE:5E:54:8F
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/n5BuPzCJ8BhkRyuBTstwnr5eVI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
31.3.96.0/22
31.3.101.0-31.3.103.255
31.14.96.0/22
37.34.48.0/20
37.97.128.0/17
37.230.96.0/21
77.72.144.0/21
79.170.88.0/24
79.170.90.0/23
79.170.93.0-79.170.95.255
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
85.222.228.0/22
86.105.244.0/22
87.253.128.0/19
89.31.96.0/23
89.31.100.0/24
89.31.102.0/23
89.41.168.0/22
91.142.254.0/23
93.119.0.0/20
93.191.128.0-93.191.133.255
95.170.64.0/19
141.138.136.0/21
141.138.192.0-141.138.206.255
149.210.128.0/17
178.18.80.0/20
185.10.48.0/22
185.21.188.0/22
185.96.4.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
193.138.204.0/24
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
2a01:7860::/32
2a02:348:53::-2a02:348:5b:ffff:ffff:ffff:ffff:ffff
2a02:348:5d::-2a02:348:63:ffff:ffff:ffff:ffff:ffff
2a02:348:a0::/48
Signature Algorithm: sha256WithRSAEncryption
9e:52:cf:69:d8:fb:dc:6a:92:48:63:67:4f:ca:ed:90:78:c3:
45:05:af:6f:2d:a0:12:b7:ac:52:21:90:f7:a3:96:7c:05:16:
b2:a7:d3:e5:f1:b3:32:03:06:41:86:69:c6:d1:ac:bf:46:bc:
78:a1:37:3a:97:64:50:25:f6:1c:9c:5d:eb:d6:02:75:bb:34:
d9:11:7b:35:66:43:12:bf:48:6f:3c:c8:bf:87:79:3e:93:f9:
dc:bf:d6:ed:7d:db:9c:ba:b7:fb:b4:b3:ee:98:68:ca:75:06:
93:09:ba:ef:4f:cb:6d:09:30:97:59:0d:d6:e1:d0:01:dc:a8:
f6:81:fe:8a:ad:10:89:45:5a:6a:5b:23:3c:17:56:b5:1b:3b:
83:bb:c7:de:3b:28:d8:97:2d:42:e4:c2:3a:5b:b2:f2:b3:66:
ed:68:b8:9b:e0:3d:8c:d9:8b:d3:86:e4:08:30:fa:6c:29:9a:
c5:67:0d:65:db:36:71:ee:eb:69:e4:0e:64:85:0b:6c:9d:15:
36:f8:3f:1b:ed:40:cb:7b:42:4f:d7:de:d4:b9:ad:0a:82:90:
6d:b2:94:5e:1d:24:7c:a3:20:78:1a:c4:92:c7:6e:f8:4b:f4:
72:76:3b:67:0a:f4:82:1c:6a:cf:15:34:12:01:1d:a2:ad:bb:
41:09:2b:70
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZecLx/jHAl6GT59iILxHGo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNjIzMDk0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjkwNmUzZjMwODlmMDE4NjQ0NzJiODE0ZWNiNzA5ZWJlNWU1NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnqzfHD2oS0/uJ0XQtlhf8JNVOK6
dMgtYT2F2b9cflpi1mniqpUXbr2cU1wTZ+IDPJzoem/2fAjVzkseD2aaMTf+SVh0
8DAhPS4czawt6l6vVmjAZN8bien19+1QCKEntyWORZE/+4/a4MWMxdCD5uMjxjoB
lucEZz0hrSpW+zvyVtDCQD4sltt3rNawbVut9SnCEAaC+u1aet0s/r6ry3rmF438
CVcefMSiMGw6AeMPaLSXnN/9sqepEdFvfXOvc3VMogxMH3DqOgLde9NmSPcv0N7k
4UMqZlvcpuAHQlWp9RRN4+B6y+9dW3hsPvPU3YNEKs7ZuKjVyt9dPN7IpwIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFJ+Qbj8wifAYZEcrgU7LcJ6+XlSPMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvbjVCdVB6Q0o4QmhrUnl1QlRzdHducjVlVkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCCAQwEAgABMIIB
BAMEAwU9+AMEAh8DYDAMAwQAHwNlAwQDHwNgAwQCHw5gAwQEJSIwAwQHJWGAAwQD
JeZgAwQDTUiQAwQAT6pYAwQBT6paMAwDBABPql0DBAVPqkADBAVQRUADBANU9wgD
BAVVCoADBAJV3uQDBAJWafQDBAVX/YADBAFZH2ADBABZH2QDBAFZH2YDBAJZKagD
BAFbjv4DBARddwAwDAMEB12/gAMEAV2/hAMEBV+qQAMEA42KiDAMAwQGjYrAAwQA
jYrOAwQHldKAAwQEshJQAwQCuQowAwQCuRW8AwQCuWAEAwQCuWxwAwQCvPA0AwQC
vPGUAwQAwYrMAwQAwwjDAwQAw4fDMEUEAgACMD8DBQAqAQfIAwUAKgF4YDASAwcA
KgIDSABTAwcCKgIDSABYMBIDBwAqAgNIAF0DBwIqAgNIAGADBwAqAgNIAKAwDQYJ
KoZIhvcNAQELBQADggEBAJ5Sz2nY+9xqkkhjZ0/K7ZB4w0UFr28toBK3rFIhkPej
lnwFFrKn0+XxszIDBkGGacbRrL9GvHihNzqXZFAl9hycXevWAnW7NNkRezVmQxK/
SG88yL+HeT6T+dy/1u1925y6t/u0s+6YaMp1BpMJuu9Py20JMJdZDdbh0AHcqPaB
/oqtEIlFWmpbIzwXVrUbO4O7x947KNiXLULkwjpbsvKzZu1ouJvgPYzZi9OG5Agw
+mwpmsVnDWXbNnHu62nkDmSFC2ydFTb4PxvtQMt7Qk/X3tS5rQqCkG2ylF4dJHyj
IHgaxJLHbvhL9HJ2O2cK9IIcas8VNBIBHaKtu0EJK3A=
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:18:02 2025 by rpki-client