Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/5SL6ps7reohZxOZaOr95AyhKXk0.roa
File: 5SL6ps7reohZxOZaOr95AyhKXk0.roa (raw, json)
Hash identifier: ntabVWGb8ZvZ10oMayxItM/se8lZacSeVMlLpcUBxc8=
Subject key identifier: E5:22:FA:A6:CE:EB:7A:88:59:C4:E6:5A:3A:BF:79:03:28:4A:5E:4D
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0197835BC0E43583E7E7BF3E6A049A38EEA8
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/5SL6ps7reohZxOZaOr95AyhKXk0.roa
Signing time: Wed 18 Jun 2025 14:05:17 +0000
ROA not before: Wed 18 Jun 2025 14:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/23 maxlen: 23
88.202.177.0/24 maxlen: 24
88.202.178.0/24 maxlen: 24
88.202.179.0/24 maxlen: 24
88.202.180.0/22 maxlen: 22
88.202.184.0/24 maxlen: 24
88.202.185.0/24 maxlen: 24
88.202.186.0/23 maxlen: 23
88.202.188.0/22 maxlen: 22
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/47 maxlen: 47
2a02:2498:4::/48 maxlen: 48
2a02:2498:5::/48 maxlen: 48
2a02:2498:16::/48 maxlen: 48
2a02:2498:1000::/36 maxlen: 36
2a02:2498:257b::/48 maxlen: 48
2a02:2498:53aa::/48 maxlen: 48
2a02:2498:6d7b::/48 maxlen: 48
2a02:2498:9000::/36 maxlen: 36
2a02:2498:9001::/48 maxlen: 48
2a02:2498:a000::/36 maxlen: 36
2a02:2498:b000::/36 maxlen: 36
2a02:2498:e000::/36 maxlen: 36
2a02:2498:e004::/48 maxlen: 48
2a02:2498:f000::/48 maxlen: 48
2a02:2498:f001::/48 maxlen: 48
2a02:2498:f002::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 26 Jun 2025 07:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:5b:c0:e4:35:83:e7:e7:bf:3e:6a:04:9a:38:ee:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Jun 18 14:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e522faa6ceeb7a8859c4e65a3abf7903284a5e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6a:eb:3a:3a:6c:40:3f:a5:9b:85:0c:29:17:
04:b3:be:5a:1c:61:fb:89:79:82:43:fc:be:97:b1:
46:06:da:9b:a9:58:ac:9e:dd:e1:d2:56:9d:b8:78:
14:95:59:27:a0:d4:84:a1:ba:e1:7c:12:9e:87:d9:
03:fb:8c:b9:a9:09:10:29:2d:1d:01:3e:fb:9b:7c:
06:11:7a:6e:bf:2b:5e:cf:96:69:d7:1f:fe:cb:dc:
72:36:97:20:a6:25:cb:76:1c:ae:53:ea:10:1b:79:
85:36:1d:22:96:32:79:7d:5a:ae:e1:44:0f:b6:4b:
15:62:6c:96:ef:e7:9e:21:bd:fe:bc:14:45:45:82:
88:1d:53:29:a6:ad:bb:fa:e8:58:7c:cf:3f:89:12:
63:6a:57:ad:66:ef:93:12:93:50:25:b0:6e:46:6a:
fe:62:4c:10:a0:cb:de:d4:0c:f1:09:60:9b:2d:dd:
c7:33:a8:7d:c4:26:72:0d:76:63:96:a6:01:48:32:
35:7f:29:2c:04:eb:43:37:1b:ab:a3:f9:92:2e:c9:
d9:68:63:40:04:61:c2:ff:67:bb:29:c3:36:b9:e8:
7b:27:0d:50:54:39:6b:62:39:18:e1:28:03:84:3d:
9f:b7:3f:92:38:6a:46:04:ce:b8:1d:20:09:e2:69:
8d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:22:FA:A6:CE:EB:7A:88:59:C4:E6:5A:3A:BF:79:03:28:4A:5E:4D
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/5SL6ps7reohZxOZaOr95AyhKXk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/47
2a02:2498:4::/47
2a02:2498:16::/48
2a02:2498:1000::/36
2a02:2498:257b::/48
2a02:2498:53aa::/48
2a02:2498:6d7b::/48
2a02:2498:9000::-2a02:2498:bfff:ffff:ffff:ffff:ffff:ffff
2a02:2498:e000::-2a02:2498:f002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
34:e2:69:f6:6e:a1:18:ba:5e:80:d5:eb:fb:19:8a:be:a5:e6:
7a:95:69:3d:21:37:3f:39:02:a8:a7:33:b5:d8:d6:17:d6:22:
53:ca:b9:40:a0:3b:62:a7:c3:05:f6:69:fd:db:36:d8:c1:41:
ec:71:ea:f6:64:74:5e:8d:be:08:03:75:4c:5e:86:1c:86:4b:
79:ed:79:5b:5e:fd:f7:ab:66:5c:e7:a7:a5:7d:32:f7:b8:64:
8c:53:81:13:f7:82:fc:29:bb:29:3e:8c:42:89:f7:0a:0d:42:
d2:29:17:97:27:f5:48:f0:79:b2:44:f4:99:dc:8b:20:ae:79:
8a:8e:31:21:84:af:c5:c0:8d:e9:77:81:f2:50:3a:1d:4b:2e:
6c:13:ea:67:a2:24:28:1e:1d:4d:49:c5:80:08:cf:58:9d:26:
af:45:a1:16:19:96:01:41:91:93:b1:58:4b:75:db:91:40:d0:
f8:8f:d6:e1:b5:72:9d:12:1b:4a:65:9d:b5:dd:e5:cc:5b:2a:
0b:2f:42:f3:11:d6:e0:7a:65:10:2c:4e:4a:84:ed:dd:b3:19:
e2:30:98:27:e7:30:2a:9c:3f:45:e4:6f:de:0d:52:a5:37:38:
95:28:ee:2c:87:02:8d:59:91:cd:d3:94:6a:63:a4:03:06:71:
b4:a3:c6:6b
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZeDW8DkNYPn578+agSaOO6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwNjE4MTQwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIyZmFhNmNlZWI3YTg4NTljNGU2NWEzYWJmNzkwMzI4NGE1ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GrrOjpsQD+lm4UMKRcEs75aHGH7
iXmCQ/y+l7FGBtqbqVisnt3h0laduHgUlVknoNSEobrhfBKeh9kD+4y5qQkQKS0d
AT77m3wGEXpuvytez5Zp1x/+y9xyNpcgpiXLdhyuU+oQG3mFNh0iljJ5fVqu4UQP
tksVYmyW7+eeIb3+vBRFRYKIHVMppq27+uhYfM8/iRJjaletZu+TEpNQJbBuRmr+
YkwQoMve1AzxCWCbLd3HM6h9xCZyDXZjlqYBSDI1fyksBOtDNxuro/mSLsnZaGNA
BGHC/2e7KcM2ueh7Jw1QVDlrYjkY4SgDhD2ftz+SOGpGBM64HSAJ4mmNeQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFOUi+qbO63qIWcTmWjq/eQMoSl5NMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvNVNMNnBzN3Jlb2haeE9aYU9yOTVBeWhLWGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzBiBAIAATBcAwQDHxjg
AwQDJXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23w
AwQGbXtAAwQDsEOgAwQAsEOpMAwDBACwQ6sDBASwQ6ADBAK5B+AwaQQCAAIwYwMH
ASoCJJgAAAMHASoCJJgABAMHACoCJJgAFgMGBCoCJJgQAwcAKgIkmCV7AwcAKgIk
mFOqAwcAKgIkmG17MBADBgQqAiSYkAMGBioCJJiAMBEDBgUqAiSY4AMHACoCJJjw
AjANBgkqhkiG9w0BAQsFAAOCAQEANOJp9m6hGLpegNXr+xmKvqXmepVpPSE3PzkC
qKcztdjWF9YiU8q5QKA7YqfDBfZp/ds22MFB7HHq9mR0Xo2+CAN1TF6GHIZLee15
W17996tmXOenpX0y97hkjFOBE/eC/Cm7KT6MQon3Cg1C0ikXlyf1SPB5skT0mdyL
IK55io4xIYSvxcCN6XeB8lA6HUsubBPqZ6IkKB4dTUnFgAjPWJ0mr0WhFhmWAUGR
k7FYS3XbkUDQ+I/W4bVynRIbSmWdtd3lzFsqCy9C8xHW4HplECxOSoTt3bMZ4jCY
J+cwKpw/ReRv3g1SpTc4lSjuLIcCjVmRzdOUamOkAwZxtKPGaw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:01:33 2025 by rpki-client