Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/23MWQak9OmSCvJue5wUd5pXIblc.roa
File: 23MWQak9OmSCvJue5wUd5pXIblc.roa (raw, json)
Hash identifier: KCU1Oyzvj6VipOIhzBY0uJn1oHrPMU4vpZUA2XwhL7I=
Subject key identifier: DB:73:16:41:A9:3D:3A:64:82:BC:9B:9E:E7:05:1D:E6:95:C8:6E:57
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0197203F64FDCA8F85ED453A76D02AEAC767
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/23MWQak9OmSCvJue5wUd5pXIblc.roa
Signing time: Fri 30 May 2025 08:11:54 +0000
ROA not before: Fri 30 May 2025 08:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.151.73.0/24 maxlen: 24
45.151.74.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.172.138.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 31 May 2025 22:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:3f:64:fd:ca:8f:85:ed:45:3a:76:d0:2a:ea:c7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 30 08:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db731641a93d3a6482bc9b9ee7051de695c86e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9b:69:69:41:67:37:61:dc:60:e3:ec:75:f3:
72:25:57:7b:de:c2:bf:89:fa:95:d4:63:f5:7e:f6:
db:a4:8a:ea:6b:f3:d9:b5:f8:8d:0e:ec:43:7f:50:
34:5e:ca:40:ba:06:82:d0:de:0b:ce:fb:c9:bf:ee:
1a:4b:5d:09:c9:91:57:15:3d:d1:ec:9a:8f:f3:56:
04:1d:f6:77:58:95:c9:4c:79:b2:e9:62:ae:51:7b:
92:9e:7e:12:44:13:3c:75:94:3d:c5:6f:66:21:5b:
8a:ce:d9:f1:d9:bd:10:c8:3b:c0:a9:8a:36:15:e2:
eb:df:85:13:cd:0c:43:39:3b:eb:e2:c2:97:ee:6c:
67:d3:6c:07:ac:64:f2:e4:65:74:f0:d0:4b:36:b1:
3e:c9:17:16:10:02:61:4a:07:57:dc:2b:21:78:26:
41:2b:3d:7f:15:79:7b:33:1e:a1:3e:de:f7:61:fe:
2d:ca:d6:75:55:ba:2e:d7:bd:c8:ef:54:c2:8d:a2:
87:90:ec:75:12:71:05:8e:46:2b:0e:e8:93:77:bf:
a7:ff:4e:fd:e6:b9:76:97:dd:0c:7c:e0:97:68:6b:
c2:ef:30:69:24:89:e7:40:36:18:5f:e5:97:65:7b:
79:43:6d:26:88:73:10:ac:ce:64:70:15:dd:7f:3d:
c3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:16:41:A9:3D:3A:64:82:BC:9B:9E:E7:05:1D:E6:95:C8:6E:57
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/23MWQak9OmSCvJue5wUd5pXIblc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.151.73.0-45.151.74.255
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.172.138.0/24
83.172.150.0/24
83.172.159.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
a0:d3:b5:89:68:77:f4:3c:10:c9:33:a4:6c:7b:cb:d2:de:bf:
5b:f7:c2:0f:95:2b:e5:e7:16:1b:cb:d0:da:f9:f6:95:9c:62:
86:24:f0:b8:a8:80:52:e4:bc:e1:99:e6:8b:3c:05:a2:dd:2c:
d0:a2:4e:d5:9c:8d:cd:36:9d:6f:33:f9:24:51:9d:46:dd:9c:
e3:6d:eb:7d:ce:3f:5d:de:6d:c6:7e:61:52:fd:88:8c:42:ef:
b8:a0:63:8f:37:c5:4e:c3:08:65:8f:1b:da:8a:1d:45:b0:f4:
b3:f7:cc:4b:5b:f7:7f:ff:be:6a:d3:40:2b:f2:d9:71:b0:5f:
e0:94:ca:04:98:91:fc:9a:e5:d2:8c:e2:93:a7:c2:8c:91:bf:
ad:53:24:f1:2e:f7:77:67:12:82:b0:b8:49:fd:4e:f2:26:58:
76:05:70:ff:d4:48:86:d5:aa:df:66:19:5d:ba:5d:99:b8:56:
5c:d4:60:67:98:a1:49:ee:67:c6:28:a5:2e:94:db:09:9e:f8:
82:df:e2:72:8a:3e:90:cd:d7:f5:cd:9f:04:10:19:9b:cc:41:
8e:97:b9:20:d7:8c:bd:09:7d:03:74:fa:51:78:71:7c:d2:14:
fb:c8:4f:28:5e:ae:7f:5e:09:25:16:ac:77:44:d5:44:5a:a2:
7a:e9:b2:98
-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgISAZcgP2T9yo+F7UU6dtAq6sdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTMwMDgxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjczMTY0MWE5M2QzYTY0ODJiYzliOWVlNzA1MWRlNjk1Yzg2ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZtpaUFnN2HcYOPsdfNyJVd73sK/
ifqV1GP1fvbbpIrqa/PZtfiNDuxDf1A0XspAugaC0N4LzvvJv+4aS10JyZFXFT3R
7JqP81YEHfZ3WJXJTHmy6WKuUXuSnn4SRBM8dZQ9xW9mIVuKztnx2b0QyDvAqYo2
FeLr34UTzQxDOTvr4sKX7mxn02wHrGTy5GV08NBLNrE+yRcWEAJhSgdX3CsheCZB
Kz1/FXl7Mx6hPt73Yf4tytZ1Vbou173I71TCjaKHkOx1EnEFjkYrDuiTd7+n/079
5rl2l90MfOCXaGvC7zBpJInnQDYYX+WXZXt5Q20miHMQrM5kcBXdfz3DGwIDAQAB
o4IDwjCCA74wHQYDVR0OBBYEFNtzFkGpPTpkgrybnucFHeaVyG5XMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMjNNV1FhazlPbVNDdkp1ZTV3VWQ1cFhJYmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1gYIKwYBBQUHAQcBAf8EggHFMIIBwTCCASoEAgABMIIB
IgMEAAW7IQMEACXrMAMEACXrMzAMAwQALZdJAwQALZdKAwQALZl/AwQALre7MAwD
BAFTrIYDBABTrIgDBABTrIoDBABTrJYDBABTrJ8DBAFT83gDBAFZH3gDBABZH3sw
DAMEA1ku6AMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF+czAMEAF+czwMEAWc5
+AMEAGc5+wMEAIb/0zAMAwQAlZqdAwQFlZqAAwQAl+wEMAwDBACX7A8DBACX7BIw
DAMEApfsFAMEAJfsFgMEAJfsGQMEAJ7/0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQA
uRrsAwQBuRruAwQBuUxOAwQAuXq7AwQAucEwAwQAucNAAwQAucNCAwQAvNYgAwQA
1bc3MIGQBAIAAjCBiQMHASoDD4AAMgMHACoDD4AAOQMHASoDD4AAQAMHASoDD4AA
RDASAwcAKgMPgABHAwcBKgMPgABIAwcAKgMPgABhAwcAKgMPgABlAwcAKgMPgACB
AwcAKgMPgANYAwcAKgMPgAOBAwcAKgMPgAhSAwcAKgMPgAlxAwcAKgMPgEQWAwcA
KgMPgO1RMA0GCSqGSIb3DQEBCwUAA4IBAQCg07WJaHf0PBDJM6Rse8vS3r9b98IP
lSvl5xYby9Da+faVnGKGJPC4qIBS5LzhmeaLPAWi3SzQok7VnI3NNp1vM/kkUZ1G
3Zzjbet9zj9d3m3GfmFS/YiMQu+4oGOPN8VOwwhljxvaih1FsPSz98xLW/d//75q
00Ar8tlxsF/glMoEmJH8muXSjOKTp8KMkb+tUyTxLvd3ZxKCsLhJ/U7yJlh2BXD/
1EiG1arfZhldul2ZuFZc1GBnmKFJ7mfGKKUulNsJnviC3+Jyij6Qzdf1zZ8EEBmb
zEGOl7kg14y9CX0DdPpReHF80hT7yE8oXq5/XgklFqx3RNVEWqJ66bKY
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:45:07 2025 by rpki-client