Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/9v_umU4sQN_KT1zToYrLtGl1Yf8.roa
File: 9v_umU4sQN_KT1zToYrLtGl1Yf8.roa (raw, json)
Hash identifier: MtPZiybGpwSr5ptjk6jr+HUV4wxarYC+fjDXdvT79ZQ=
Subject key identifier: F6:FF:EE:99:4E:2C:40:DF:CA:4F:5C:D3:A1:8A:CB:B4:69:75:61:FF
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0197F33DE3398827303BA4038300BBC08C3F
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/9v_umU4sQN_KT1zToYrLtGl1Yf8.roa
Signing time: Thu 10 Jul 2025 07:30:08 +0000
ROA not before: Thu 10 Jul 2025 07:30:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.148.132.0/22 maxlen: 24
95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.130.0/24 maxlen: 24
95.155.131.0/24 maxlen: 24
95.155.132.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
95.155.145.0/24 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/24 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.151.0/24 maxlen: 24
95.155.156.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
95.155.158.0/24 maxlen: 24
95.155.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Jul 2025 08:38:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:3d:e3:39:88:27:30:3b:a4:03:83:00:bb:c0:8c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jul 10 07:30:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6ffee994e2c40dfca4f5cd3a18acbb4697561ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:62:0d:c2:3e:45:bd:ab:ca:3d:fb:d1:dd:21:
91:b1:47:d6:08:f2:9e:f2:35:0b:a1:94:cb:cc:7d:
74:a8:3a:d8:24:af:85:b0:ea:c9:a3:9f:5f:87:2a:
9b:75:d9:3f:5e:4a:6b:db:61:c5:6c:aa:5b:01:26:
32:d7:8e:37:fa:3f:94:c6:75:80:64:17:d4:c0:ef:
2a:80:d6:b6:4f:67:7e:98:b4:0f:aa:c5:97:94:0e:
05:70:67:38:43:59:b5:5c:df:d4:1c:fd:c7:38:2a:
a0:2e:95:ab:3b:17:d6:fb:87:9f:ca:58:3b:35:93:
d9:eb:0d:ab:de:69:af:2b:0d:61:6d:4f:53:69:e6:
c4:cd:45:8d:ab:b3:c3:1d:99:2c:2d:9e:66:25:84:
07:2f:f2:68:70:bb:9d:95:83:cd:ab:aa:ca:88:1f:
82:51:91:30:2b:1d:f3:80:f0:4b:99:82:6d:da:8b:
77:fd:01:86:e6:37:ed:ee:95:ac:f0:15:f0:30:68:
d2:b2:c3:c2:87:8b:6e:a6:36:1e:a6:9a:86:8f:92:
fe:17:98:c4:98:bb:96:6b:c0:51:dd:ee:bc:75:24:
95:50:42:f2:16:02:df:57:65:1f:6a:06:a1:dc:7a:
68:83:0e:d5:1b:03:d0:f9:01:d7:60:47:b2:0b:86:
6a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FF:EE:99:4E:2C:40:DF:CA:4F:5C:D3:A1:8A:CB:B4:69:75:61:FF
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/9v_umU4sQN_KT1zToYrLtGl1Yf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.132.0/22
95.155.128.0-95.155.132.255
95.155.144.0/21
95.155.156.0/22
Signature Algorithm: sha256WithRSAEncryption
33:a0:77:d7:64:6c:fd:1d:ed:f1:57:9e:e7:4b:26:15:05:77:
f7:5b:c1:bb:ad:25:4e:4a:5b:64:6b:9f:26:4a:3c:43:e3:a0:
00:2c:47:6a:4a:11:5c:98:da:34:39:90:d4:25:55:ec:99:c0:
17:e4:55:aa:1f:99:40:4a:fc:c0:ea:b8:7d:58:fb:64:eb:d2:
18:cf:56:8f:21:3d:8b:40:51:fd:de:a1:4d:3e:5e:6d:56:47:
98:d1:5d:09:8e:40:ab:4a:9d:b1:d3:3c:5c:95:bf:8d:95:ef:
ff:ae:25:57:c2:07:89:40:58:5c:6b:66:9e:9e:f6:e8:1f:86:
97:c5:53:ac:5e:07:5a:ac:7a:a4:05:cb:18:4f:48:f1:00:14:
dd:12:02:6b:14:22:57:a7:0a:03:d2:c7:67:2c:d4:6b:e1:c5:
c2:6a:3a:e1:31:4a:30:94:6e:dd:fa:ec:2a:10:f5:d9:f6:0e:
2d:0b:09:03:62:7e:11:77:45:d6:b5:11:22:35:c4:d2:1e:4b:
cf:da:b4:9c:3b:0d:a4:e7:29:cd:36:00:31:c1:11:75:ab:9f:
58:06:e4:fd:aa:46:08:2f:4c:43:f8:01:0a:5d:d8:d0:5a:dd:
24:15:3c:ad:e8:f7:a8:e8:f0:10:1e:05:d1:21:5e:d2:92:d6:
28:09:08:8f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfzPeM5iCcwO6QDgwC7wIw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNzEwMDczMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmZmZWU5OTRlMmM0MGRmY2E0ZjVjZDNhMThhY2JiNDY5NzU2MWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mINwj5FvavKPfvR3SGRsUfWCPKe
8jULoZTLzH10qDrYJK+FsOrJo59fhyqbddk/Xkpr22HFbKpbASYy1443+j+UxnWA
ZBfUwO8qgNa2T2d+mLQPqsWXlA4FcGc4Q1m1XN/UHP3HOCqgLpWrOxfW+4efylg7
NZPZ6w2r3mmvKw1hbU9TaebEzUWNq7PDHZksLZ5mJYQHL/JocLudlYPNq6rKiB+C
UZEwKx3zgPBLmYJt2ot3/QGG5jft7pWs8BXwMGjSssPCh4tupjYeppqGj5L+F5jE
mLuWa8BR3e68dSSVUELyFgLfV2Ufagah3Hpogw7VGwPQ+QHXYEeyC4ZqxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPb/7plOLEDfyk9c06GKy7RpdWH/MB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvOXZfdW1VNHNRTl9LVDF6VG9Zckx0R2wxWWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJZSEMAwD
BAdfm4ADBABfm4QDBANfm5ADBAJfm5wwDQYJKoZIhvcNAQELBQADggEBADOgd9dk
bP0d7fFXnudLJhUFd/dbwbutJU5KW2RrnyZKPEPjoAAsR2pKEVyY2jQ5kNQlVeyZ
wBfkVaofmUBK/MDquH1Y+2Tr0hjPVo8hPYtAUf3eoU0+Xm1WR5jRXQmOQKtKnbHT
PFyVv42V7/+uJVfCB4lAWFxrZp6e9ugfhpfFU6xeB1qseqQFyxhPSPEAFN0SAmsU
IlenCgPSx2cs1GvhxcJqOuExSjCUbt367CoQ9dn2Di0LCQNifhF3Rda1ESI1xNIe
S8/atJw7DaTnKc02ADHBEXWrn1gG5P2qRggvTEP4AQpd2NBa3SQVPK3o96jo8BAe
BdEhXtKS1igJCI8=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:57:57 2025 by rpki-client