Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mBrlQljYtYwdV5vKFknMjsUbOXc.roa
File: mBrlQljYtYwdV5vKFknMjsUbOXc.roa (raw, json)
Hash identifier: VWJlMTeMj6sEAhvcU4fP0cku+4Z1PSV4GPsHY6vPwrQ=
Subject key identifier: 98:1A:E5:42:58:D8:B5:8C:1D:57:9B:CA:16:49:CC:8E:C5:1B:39:77
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019E54C06C04110747F2FDA247FCD88EEE52
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mBrlQljYtYwdV5vKFknMjsUbOXc.roa
Signing time: Sat 23 May 2026 12:12:37 +0000
ROA not before: Sat 23 May 2026 12:12:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jun 2026 06:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:c0:6c:04:11:07:47:f2:fd:a2:47:fc:d8:8e:ee:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 23 12:12:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=981ae54258d8b58c1d579bca1649cc8ec51b3977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:63:67:d7:e3:43:f2:f5:a4:8d:a9:5c:0d:
bd:c5:0c:74:33:5c:87:b4:4f:c1:ed:ba:a3:d8:57:
54:24:39:1d:2f:69:50:68:c2:97:ab:bf:94:e1:58:
8f:05:6f:d9:a3:ed:98:fb:20:dd:b8:45:a2:e0:a8:
6c:d2:6c:65:d5:6d:66:d1:74:57:1c:53:90:e2:cb:
eb:49:9b:52:f1:67:4d:90:1c:22:60:c1:67:58:73:
ea:7f:bb:93:1e:62:ff:c3:0c:b4:12:10:c5:5b:f8:
16:44:05:98:db:ed:eb:6e:c4:43:3c:89:ab:be:0d:
70:a8:a6:96:b1:63:f5:a1:1d:be:54:a5:0f:02:9d:
3f:a3:59:b8:92:cc:fe:44:77:05:03:1a:98:c7:64:
42:fd:d1:bc:46:5e:46:4a:5b:b6:3b:9c:6b:c3:3b:
53:08:29:a6:20:83:21:b6:4c:6f:01:2f:78:c0:c4:
fc:3b:ed:1c:08:2f:4e:d2:27:96:cd:1a:aa:f8:4c:
ab:1c:8d:7c:a9:03:a3:e4:4f:10:18:0d:b0:a6:86:
a8:cc:c9:40:71:1a:43:88:d4:ac:88:17:01:32:06:
04:a7:2a:93:0e:96:d0:58:46:73:ad:bc:66:e5:d9:
07:f0:5f:77:c1:7b:d3:31:08:a9:d6:6e:46:f2:e7:
e4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1A:E5:42:58:D8:B5:8C:1D:57:9B:CA:16:49:CC:8E:C5:1B:39:77
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mBrlQljYtYwdV5vKFknMjsUbOXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
192.124.183.0/24
192.124.188.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.91.0/24
193.124.94.0/24
194.58.43.0/24
194.58.60.0/24
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.63.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.135.23.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.56.0/24
195.133.60.0/23
195.133.80.0/24
195.133.82.0/24
212.192.210.0/23
212.192.251.0/24
212.193.10.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
57:11:81:68:9a:d0:ce:92:d9:a4:49:17:86:89:d5:6c:cb:69:
09:7c:89:b7:93:a0:56:ce:2a:57:74:d5:bf:6a:92:fb:e3:df:
20:0a:22:a9:c1:f3:8b:49:3d:ce:1d:14:0c:b9:d8:fc:e5:d8:
08:43:cf:eb:dc:a3:fd:02:fc:b2:2f:7a:60:aa:84:5a:80:9b:
95:92:01:2c:d3:07:9d:b6:97:32:2b:e1:19:86:43:8c:bd:a8:
bc:20:c7:a7:39:b7:6c:7a:b4:8b:35:40:7c:28:bf:e9:b6:bd:
0f:65:cd:d0:b4:5c:ac:31:44:5c:26:fa:c5:d7:4d:20:1a:f3:
f9:79:41:b1:72:c5:ce:fe:d2:db:41:e2:8f:7f:ad:a8:e9:45:
6b:d7:c0:4f:e7:0e:a3:fd:36:28:76:0a:e3:52:a2:ac:6c:46:
20:49:5b:77:e7:ff:91:cc:15:9d:5a:4d:d7:49:0d:d1:d5:13:
53:2b:97:c8:86:0b:75:a7:2d:85:1b:3a:6f:35:4e:6a:ed:bb:
a8:89:f5:a2:cc:95:86:5a:bb:1b:28:86:f2:7d:e2:00:d6:fd:
13:56:69:ec:ef:c8:11:1c:dc:49:c7:a7:bc:a4:a8:d8:80:6e:
c4:e5:3a:52:70:40:07:8b:ba:67:34:02:2f:ae:28:21:a7:5a:
7e:bc:12:d4
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZ5UwGwEEQdH8v2iR/zYju5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNTIzMTIxMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFhZTU0MjU4ZDhiNThjMWQ1NzliY2ExNjQ5Y2M4ZWM1MWIzOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg9jZ9fjQ/L1pI2pXA29xQx0M1yH
tE/B7bqj2FdUJDkdL2lQaMKXq7+U4ViPBW/Zo+2Y+yDduEWi4Khs0mxl1W1m0XRX
HFOQ4svrSZtS8WdNkBwiYMFnWHPqf7uTHmL/wwy0EhDFW/gWRAWY2+3rbsRDPImr
vg1wqKaWsWP1oR2+VKUPAp0/o1m4ksz+RHcFAxqYx2RC/dG8Rl5GSlu2O5xrwztT
CCmmIIMhtkxvAS94wMT8O+0cCC9O0ieWzRqq+EyrHI18qQOj5E8QGA2wpoaozMlA
cRpDiNSsiBcBMgYEpyqTDpbQWEZzrbxm5dkH8F93wXvTMQip1m5G8ufk2wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFJga5UJY2LWMHVebyhZJzI7FGzl3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbUJybFFsall0WXdkVjV2S0Zrbk1qc1ViT1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAD5M5wMEAD5M6wMEAMB8twMEAMB8vAMEAMF8AwMEAMF8BgMEAMF8CAMEAMF8
WwMEAMF8XgMEAMI6KwMEAMI6PAMEAMI6QwMEAMJXAwMEAcJXBgMEAMJXEAMEAMJX
IgMEAMJXJAMEAMJXKgMEAMJXPwMEAcJXdAMEAcJXeAMEAMJXoAMEAMJXozAMAwQA
wlelAwQAwlemAwQBwlewMAwDBALCV7QDBADCV7YDBADChxcwDAMEAMM6NwMEAMM6
OAMEAMM6OwMEAMM6PgMEAMOFDAMEAMOFOAMEAcOFPAMEAMOFUAMEAMOFUgMEAdTA
0gMEANTA+wMEANTBCgMEANTBDzANBgkqhkiG9w0BAQsFAAOCAQEAVxGBaJrQzpLZ
pEkXhonVbMtpCXyJt5OgVs4qV3TVv2qS++PfIAoiqcHzi0k9zh0UDLnY/OXYCEPP
69yj/QL8si96YKqEWoCblZIBLNMHnbaXMivhGYZDjL2ovCDHpzm3bHq0izVAfCi/
6ba9D2XN0LRcrDFEXCb6xddNIBrz+XlBsXLFzv7S20Hij3+tqOlFa9fAT+cOo/02
KHYK41KirGxGIElbd+f/kcwVnVpN10kN0dUTUyuXyIYLdacthRs6bzVOau27qIn1
osyVhlq7GyiG8n3iANb9E1Zp7O/IERzcScenvKSo2IBuxOU6UnBAB4u6ZzQCL64o
IadafrwS1A==
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:20 2026 by rpki-client