Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGj3JvcFRfYusyg2gN3PxVglGRg.roa
File: lGj3JvcFRfYusyg2gN3PxVglGRg.roa (raw, json)
Hash identifier: kcPbAOD4yfOjmcGky4/fgVwTs/R24tYwWur+JviSQiA=
Subject key identifier: 94:68:F7:26:F7:05:45:F6:2E:B3:28:36:80:DD:CF:C5:58:25:19:18
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EE41F2DA1E0DBA897D2D18FD1B94D51ED
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGj3JvcFRfYusyg2gN3PxVglGRg.roa
Signing time: Sat 20 Jun 2026 08:21:49 +0000
ROA not before: Sat 20 Jun 2026 08:21:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 5.253.57.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jun 2026 09:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e4:1f:2d:a1:e0:db:a8:97:d2:d1:8f:d1:b9:4d:51:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 08:21:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9468f726f70545f62eb3283680ddcfc558251918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:51:6c:dd:b0:54:5f:5e:9d:91:19:69:13:
67:80:9d:fb:84:05:0d:6f:af:6b:be:03:17:35:96:
dd:65:fd:c6:d7:2a:21:8b:47:a7:ae:2d:48:19:7a:
65:9b:b4:a0:cb:74:85:54:cd:02:32:3e:37:38:ee:
c0:3f:f0:d7:b8:95:1e:db:bc:27:34:bd:00:22:1d:
01:a1:8c:bd:1b:78:08:19:12:71:3d:a3:2a:c0:0f:
1f:d0:f5:f6:3f:92:9f:51:93:e8:73:ae:cc:d8:b3:
33:69:11:e3:f0:43:92:46:cd:8d:31:f8:dc:dc:72:
ee:de:87:d0:63:60:f8:1a:ca:e1:cb:3d:de:4d:09:
6c:06:af:57:50:84:8e:ac:71:58:f7:50:d8:a2:87:
c2:63:f4:db:a1:8c:0d:a4:02:73:61:05:30:54:57:
4a:13:19:ec:25:cb:61:b0:7d:2f:6c:8a:52:68:21:
4c:c9:68:5f:62:1c:c3:7e:b4:27:56:7a:48:e0:32:
20:10:67:98:c0:3e:2c:41:bb:bb:39:a4:87:a9:b4:
4f:75:8a:1e:4f:e5:cb:b5:55:f8:b2:ac:e7:12:d7:
af:f7:57:8b:00:8b:9f:38:86:d8:ca:f1:18:dc:df:
08:0f:7e:55:be:5b:20:4f:a1:79:2a:7b:b8:b8:6f:
33:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:68:F7:26:F7:05:45:F6:2E:B3:28:36:80:DD:CF:C5:58:25:19:18
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGj3JvcFRfYusyg2gN3PxVglGRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.57.0/24
37.139.128.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.192.0/23
87.121.62.0/23
87.121.114.0/23
87.121.221.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
185.246.221.0/24
185.252.177.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
66:81:4c:5b:9d:b0:ad:26:b8:dc:fb:07:a3:02:40:e0:28:60:
ff:d8:69:f8:ea:63:19:0f:e0:d2:4e:8c:c4:96:71:fa:89:b4:
59:fc:fb:94:17:21:47:18:d9:92:6d:4b:11:31:34:a2:e4:6a:
65:36:7c:1d:1e:21:d2:44:a3:88:6f:83:5d:1e:0f:a0:5f:5b:
b1:d1:ab:88:c2:d1:e9:cf:4d:ed:57:3b:5b:50:18:f2:4c:81:
f7:3b:ac:09:84:e2:5f:fb:1e:82:58:7a:2d:99:b7:d6:5c:19:
c3:07:5a:c5:4c:b0:0a:ea:a5:65:91:8d:42:1c:11:cb:54:3a:
40:41:15:5b:4f:54:04:d3:14:37:e2:7a:5b:9e:57:d0:48:44:
f2:ef:a6:01:77:72:36:ea:5f:ec:34:2a:86:e2:71:88:b0:91:
94:3e:0d:cb:b3:4a:8a:35:d9:4e:b3:68:15:5b:9c:e9:f3:fc:
69:86:70:1a:ea:e9:88:e6:b9:88:50:b2:09:05:6b:7e:49:61:
43:73:6c:33:76:17:89:30:71:95:ea:28:2c:65:1a:71:30:ac:
57:90:95:05:9a:99:91:23:42:4f:c8:0b:d8:2d:09:2d:09:7d:
14:c1:79:af:26:dc:50:90:35:4f:01:43:20:a9:c0:7f:da:46:
06:e6:25:11
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZ7kHy2h4Nuol9LRj9G5TVHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjIwMDgyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY4ZjcyNmY3MDU0NWY2MmViMzI4MzY4MGRkY2ZjNTU4MjUxOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy85RbN2wVF9enZEZaRNngJ37hAUN
b69rvgMXNZbdZf3G1yohi0enri1IGXplm7Sgy3SFVM0CMj43OO7AP/DXuJUe27wn
NL0AIh0BoYy9G3gIGRJxPaMqwA8f0PX2P5KfUZPoc67M2LMzaRHj8EOSRs2NMfjc
3HLu3ofQY2D4Gsrhyz3eTQlsBq9XUISOrHFY91DYoofCY/TboYwNpAJzYQUwVFdK
ExnsJcthsH0vbIpSaCFMyWhfYhzDfrQnVnpI4DIgEGeYwD4sQbu7OaSHqbRPdYoe
T+XLtVX4sqznEtev91eLAIufOIbYyvEY3N8ID35VvlsgT6F5Knu4uG8zPwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFJRo9yb3BUX2LrMoNoDdz8VYJRkYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbEdqM0p2Y0ZSZll1c3lnMmdOM1B4VmdsR1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAF
/TkDBAAli4ADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtjZ4DBABRoe4DBABT
j3EDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBAFXeMADBAFXeT4DBAFXeXIDBABX
ed0DBABc+TIDBAFde2QDBABde20DBABenLwDBACTTmUDBAK52lQDBAC53qADBAC5
9t0DBAC5/LEDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAGaBTFudsK0m
uNz7B6MCQOAoYP/YafjqYxkP4NJOjMSWcfqJtFn8+5QXIUcY2ZJtSxExNKLkamU2
fB0eIdJEo4hvg10eD6BfW7HRq4jC0enPTe1XO1tQGPJMgfc7rAmE4l/7HoJYei2Z
t9ZcGcMHWsVMsArqpWWRjUIcEctUOkBBFVtPVATTFDfielueV9BIRPLvpgF3cjbq
X+w0KobicYiwkZQ+DcuzSoo12U6zaBVbnOnz/GmGcBrq6YjmuYhQsgkFa35JYUNz
bDN2F4kwcZXqKCxlGnEwrFeQlQWamZEjQk/IC9gtCS0JfRTBea8m3FCQNU8BQyCp
wH/aRgbmJRE=
-----END CERTIFICATE-----
Generated at Sat Jun 20 13:33:04 2026 by rpki-client