Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mPJ_b2zTIAChxx5Gx4RL0U1vERI.roa
File: mPJ_b2zTIAChxx5Gx4RL0U1vERI.roa (raw, json)
Hash identifier: Y1C62Mh8d2KzZLP9+oAunV4Gy01dHTRu4ZsZ7j3dhvc=
Subject key identifier: 98:F2:7F:6F:6C:D3:20:00:A1:C7:1E:46:C7:84:4B:D1:4D:6F:11:12
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0197F1523F2D64DC8059F2697AEFBA4C8845
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mPJ_b2zTIAChxx5Gx4RL0U1vERI.roa
Signing time: Wed 09 Jul 2025 22:33:08 +0000
ROA not before: Wed 09 Jul 2025 22:33:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.182.192.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Jul 2025 05:25:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f1:52:3f:2d:64:dc:80:59:f2:69:7a:ef:ba:4c:88:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 9 22:33:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f27f6f6cd32000a1c71e46c7844bd14d6f1112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:07:e2:0b:d3:df:74:ef:07:88:df:e0:d8:cb:
c8:c6:e6:ca:38:e9:31:25:9f:0a:53:54:30:8f:2b:
5e:f6:50:5f:6a:eb:f4:b5:91:0c:50:46:8f:5b:cc:
c4:76:19:5d:d6:f8:96:24:ff:da:45:ca:9e:66:9a:
c8:1a:12:3d:92:fb:cb:20:4e:49:95:26:b6:25:bf:
6b:e8:02:b8:c1:54:49:79:df:ed:2b:ac:e4:2b:cd:
e9:41:4e:00:78:ce:79:06:da:88:1d:ba:d0:35:5c:
d1:02:46:2c:4b:dd:27:bf:26:48:90:5a:96:a7:ba:
03:a1:65:bb:9f:a7:4e:32:c3:d2:73:4c:20:d4:c7:
72:d3:24:83:14:fe:73:d1:c3:9f:9b:fe:ca:7f:e4:
b1:40:7f:c7:51:94:dd:04:ed:ae:ef:16:fb:be:27:
48:23:13:34:32:80:70:f9:17:6a:c9:00:f5:d0:82:
f0:ba:e1:da:6b:4f:8d:e5:f9:bb:b7:a1:e7:92:65:
ce:1c:40:9a:a8:fe:ef:ee:1e:21:0e:f9:80:03:51:
af:0d:5f:76:68:10:aa:59:7d:cf:d8:82:40:99:c9:
b1:49:0e:6b:fa:d6:bc:09:77:dd:e9:f8:15:8c:d2:
91:86:5c:03:0d:30:8f:87:5d:d8:92:24:ad:bb:6b:
09:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F2:7F:6F:6C:D3:20:00:A1:C7:1E:46:C7:84:4B:D1:4D:6F:11:12
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mPJ_b2zTIAChxx5Gx4RL0U1vERI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
92.249.31.0/24
94.154.182.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
185.187.212.0/24
185.205.205.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0b:0e:14:45:50:20:6f:2c:bc:92:e5:6f:ae:93:33:62:9e:
f9:d1:bc:56:0b:d8:d8:bd:bb:cb:78:90:20:a3:2b:c1:d7:08:
6b:24:0a:b7:30:01:46:22:67:f1:6b:2a:67:e8:ea:49:89:68:
50:a3:a8:65:00:33:f3:21:05:9a:86:20:0a:0d:50:a1:f8:1f:
f5:12:3b:fd:6a:bb:9d:03:22:87:ef:99:29:6a:6a:3f:9f:91:
12:2f:e2:ce:3f:50:22:74:58:75:3e:7e:f2:11:d6:80:d7:5d:
49:aa:12:9b:18:76:8b:3c:dc:f1:6e:18:0c:fb:a4:4a:e7:69:
9e:08:10:30:46:25:63:93:50:8f:99:d4:c0:17:38:a9:66:26:
52:7d:66:ef:d5:58:44:40:e3:74:65:aa:8d:29:70:a8:33:94:
d8:93:15:b2:70:c2:68:f2:57:36:41:73:42:8c:f9:6f:64:b9:
8e:d4:3b:19:84:2e:07:d4:68:77:cb:97:f4:a5:04:83:86:7a:
2c:40:b9:1a:c6:d9:73:13:a7:d0:df:f0:27:dc:35:e1:d9:25:
13:5a:cc:a4:33:19:0d:40:ae:c6:7a:39:74:b1:08:6b:de:49:
6a:2f:02:3c:b2:81:61:1e:6e:b3:af:3b:86:73:20:e9:d3:63:
22:5d:dc:19
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZfxUj8tZNyAWfJpeu+6TIhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzA5MjIzMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGYyN2Y2ZjZjZDMyMDAwYTFjNzFlNDZjNzg0NGJkMTRkNmYxMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AfiC9PfdO8HiN/g2MvIxubKOOkx
JZ8KU1Qwjyte9lBfauv0tZEMUEaPW8zEdhld1viWJP/aRcqeZprIGhI9kvvLIE5J
lSa2Jb9r6AK4wVRJed/tK6zkK83pQU4AeM55BtqIHbrQNVzRAkYsS90nvyZIkFqW
p7oDoWW7n6dOMsPSc0wg1Mdy0ySDFP5z0cOfm/7Kf+SxQH/HUZTdBO2u7xb7vidI
IxM0MoBw+RdqyQD10ILwuuHaa0+N5fm7t6HnkmXOHECaqP7v7h4hDvmAA1GvDV92
aBCqWX3P2IJAmcmxSQ5r+ta8CXfd6fgVjNKRhlwDDTCPh13YkiStu2sJcwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJjyf29s0yAAocceRseES9FNbxESMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvbVBKX2IyelRJQUNoeHg1R3g0UkwwVTF2RVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABbbAAwQA
XPkfAwQAXpq2MAwDBACTTs0DBACTTs4DBACi2loDBAC5u9QDBAC5zc0wDQYJKoZI
hvcNAQELBQADggEBAJcLDhRFUCBvLLyS5W+ukzNinvnRvFYL2Ni9u8t4kCCjK8HX
CGskCrcwAUYiZ/FrKmfo6kmJaFCjqGUAM/MhBZqGIAoNUKH4H/USO/1qu50DIofv
mSlqaj+fkRIv4s4/UCJ0WHU+fvIR1oDXXUmqEpsYdos83PFuGAz7pErnaZ4IEDBG
JWOTUI+Z1MAXOKlmJlJ9Zu/VWERA43Rlqo0pcKgzlNiTFbJwwmjyVzZBc0KM+W9k
uY7UOxmELgfUaHfLl/SlBIOGeixAuRrG2XMTp9Df8CfcNeHZJRNazKQzGQ1ArsZ6
OXSxCGveSWovAjyygWEebrOvO4ZzIOnTYyJd3Bk=
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:28:55 2025 by rpki-client