Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/dIKG1rHENvBTifr6TVdZqke5pro.roa
File: dIKG1rHENvBTifr6TVdZqke5pro.roa (raw, json)
Hash identifier: pDa2+9WatplAPZ70q+ffg8EObKVgvbbxSnQDC1Fq2gw=
Subject key identifier: 74:82:86:D6:B1:C4:36:F0:53:89:FA:FA:4D:57:59:AA:47:B9:A6:BA
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 0197E5750B74F27DD6C338FD6A716D60390C
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/dIKG1rHENvBTifr6TVdZqke5pro.roa
Signing time: Mon 07 Jul 2025 15:15:42 +0000
ROA not before: Mon 07 Jul 2025 15:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
37.233.82.0/23 maxlen: 24
37.233.84.0/23 maxlen: 24
37.233.86.0/24 maxlen: 24
45.130.212.0/22 maxlen: 24
45.137.188.0/24 maxlen: 24
45.145.163.0/24 maxlen: 24
45.156.20.0/24 maxlen: 24
46.173.20.0/24 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
83.222.20.0/23 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
185.77.231.0/24 maxlen: 24
194.36.208.0/24 maxlen: 24
212.74.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 17:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:75:0b:74:f2:7d:d6:c3:38:fd:6a:71:6d:60:39:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jul 7 15:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=748286d6b1c436f05389fafa4d5759aa47b9a6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2e:2e:6b:77:f1:84:e6:ac:90:28:a4:4f:aa:
fe:25:ac:6f:ea:ee:b5:7e:71:97:ac:24:70:dc:b8:
1e:8e:c2:24:3b:fd:8b:b9:5b:ae:a8:17:35:65:3d:
9c:55:13:1f:88:c8:be:ef:8c:74:81:d8:eb:54:34:
6c:3b:9e:15:de:a2:e9:e0:8a:0d:21:76:9e:7b:1b:
2b:9b:c6:45:68:f4:bd:fd:0e:4e:f2:93:8b:ba:16:
9d:19:ab:a0:3d:76:55:54:35:fd:0b:fe:b6:04:ff:
ee:6f:80:72:d5:de:3b:b5:6f:fd:a3:6d:77:68:c3:
dc:27:52:1a:f9:d6:f5:69:4d:25:93:76:23:c2:c0:
3f:81:c4:27:f7:90:08:86:07:bf:05:cb:04:f3:22:
48:b8:d7:14:56:c6:b3:2e:a1:4d:95:a3:b9:f5:27:
26:36:da:05:94:1c:de:4b:98:4c:f4:e9:e7:27:da:
a3:c8:f2:37:c6:1d:f6:b2:1f:9e:e6:04:de:ee:76:
ad:5a:6d:88:81:9a:f1:ad:b6:38:b9:05:07:e5:a3:
53:10:38:5f:4c:e0:f7:8e:2e:44:57:a4:de:39:c0:
0d:83:05:b6:6b:c9:d3:3a:fb:99:bc:5d:96:6a:8c:
94:64:1e:68:cc:9a:5c:50:44:b3:1c:d8:87:d8:94:
3a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:82:86:D6:B1:C4:36:F0:53:89:FA:FA:4D:57:59:AA:47:B9:A6:BA
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/dIKG1rHENvBTifr6TVdZqke5pro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
37.233.82.0-37.233.86.255
45.130.212.0/22
45.137.188.0/24
45.145.163.0/24
45.156.20.0/24
46.173.20.0/24
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
83.222.20.0/23
90.156.254.0/23
91.218.142.0/23
185.77.231.0/24
194.36.208.0/24
212.74.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:66:9f:f3:4a:27:4c:1e:e1:45:46:11:ce:e6:26:de:e9:1d:
d3:d1:63:7c:da:64:d0:9a:cd:18:d9:8a:91:ff:ed:3e:52:ce:
c4:e3:11:3c:41:ec:e5:c7:c8:f3:12:bb:c3:f3:c6:8a:25:50:
49:5c:00:a0:43:a2:96:d1:b7:b7:07:7c:97:65:52:32:8e:eb:
fa:44:ab:24:5c:23:31:63:a6:c1:ad:cf:58:c0:34:97:99:d3:
80:9a:97:ac:eb:62:ef:64:03:b8:43:3d:0b:1c:43:c9:e3:85:
3a:ca:ae:93:c1:5a:a2:63:39:f6:65:7c:63:78:08:da:f7:93:
05:a3:16:a5:82:e6:93:4f:67:9b:0e:3a:7e:17:51:22:19:a0:
76:55:c3:b8:0c:53:95:b0:7b:63:55:34:99:26:9d:9b:8b:23:
99:00:2c:4f:28:ff:09:69:e9:cb:32:05:62:35:19:59:ef:71:
6c:aa:9b:1e:06:64:1c:5f:45:3b:5c:e4:cc:31:1d:38:d1:a7:
7e:26:e8:80:1a:8a:b2:16:6c:f9:58:a2:63:2a:1a:e9:e2:07:
ae:ef:3b:dc:4b:ba:45:b1:48:fd:96:24:f1:5a:da:ca:29:5b:
79:1b:79:f8:39:37:a5:f5:21:87:83:ec:5e:a1:5b:fb:6e:cc:
ec:25:f9:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZfldQt08n3Wwzj9anFtYDkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwNzA3MTUxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgyODZkNmIxYzQzNmYwNTM4OWZhZmE0ZDU3NTlhYTQ3YjlhNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC4ua3fxhOaskCikT6r+Jaxv6u61
fnGXrCRw3LgejsIkO/2LuVuuqBc1ZT2cVRMfiMi+74x0gdjrVDRsO54V3qLp4IoN
IXaeexsrm8ZFaPS9/Q5O8pOLuhadGaugPXZVVDX9C/62BP/ub4By1d47tW/9o213
aMPcJ1Ia+db1aU0lk3YjwsA/gcQn95AIhge/BcsE8yJIuNcUVsazLqFNlaO59Scm
NtoFlBzeS5hM9OnnJ9qjyPI3xh32sh+e5gTe7natWm2IgZrxrbY4uQUH5aNTEDhf
TOD3ji5EV6TeOcANgwW2a8nTOvuZvF2WaoyUZB5ozJpcUESzHNiH2JQ6PwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFHSChtaxxDbwU4n6+k1XWapHuaa6MB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvZElLRzFySEVOdkJUaWZyNlRWZFpxa2U1cHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAh+AIDAM
AwQBJelSAwQAJelWAwQCLYLUAwQALYm8AwQALZGjAwQALZwUAwQALq0UAwQATUnp
AwQATUnrAwQATUnuAwQBU94UAwQBWpz+AwQBW9qOAwQAuU3nAwQAwiTQAwQA1Ern
MA0GCSqGSIb3DQEBCwUAA4IBAQCNZp/zSidMHuFFRhHO5ibe6R3T0WN82mTQms0Y
2YqR/+0+Us7E4xE8Qezlx8jzErvD88aKJVBJXACgQ6KW0be3B3yXZVIyjuv6RKsk
XCMxY6bBrc9YwDSXmdOAmpes62LvZAO4Qz0LHEPJ44U6yq6TwVqiYzn2ZXxjeAja
95MFoxalguaTT2ebDjp+F1EiGaB2VcO4DFOVsHtjVTSZJp2biyOZACxPKP8JaenL
MgViNRlZ73FsqpseBmQcX0U7XOTMMR040ad+JuiAGoqyFmz5WKJjKhrp4geu7zvc
S7pFsUj9liTxWtrKKVt5G3n4OTel9SGHg+xeoVv7bszsJflb
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:16:34 2025 by rpki-client