Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/XqwM8NSbBEnXKWSMv0vWzj7ZAYA.roa
File: XqwM8NSbBEnXKWSMv0vWzj7ZAYA.roa (raw, json)
Hash identifier: 6I4puS6k+dogLxno5UAx25io/2bILOeVRm9k8H2ZhuI=
Subject key identifier: 5E:AC:0C:F0:D4:9B:04:49:D7:29:64:8C:BF:4B:D6:CE:3E:D9:01:80
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0196C8FA048702CC43D0F849A2306D553078
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/XqwM8NSbBEnXKWSMv0vWzj7ZAYA.roa
Signing time: Tue 13 May 2025 09:29:10 +0000
ROA not before: Tue 13 May 2025 09:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 May 2025 07:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:fa:04:87:02:cc:43:d0:f8:49:a2:30:6d:55:30:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 13 09:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eac0cf0d49b0449d729648cbf4bd6ce3ed90180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4d:d1:b8:af:3c:6f:8b:fd:d4:9d:58:1c:3f:
52:8b:84:8f:eb:10:32:f1:78:53:df:52:38:7c:e5:
1d:46:2e:25:84:78:c9:59:85:66:ad:87:06:6c:c9:
a1:7d:c1:92:e1:be:e0:fb:f1:28:0e:6d:c4:c4:4c:
bb:73:81:68:8d:ff:64:30:01:1e:87:d9:5b:32:aa:
5a:5f:9b:ac:c2:72:a7:68:bc:be:15:1e:46:39:12:
7e:7a:b8:b8:70:94:af:79:e6:ae:c5:70:28:f0:93:
0c:6e:2a:a9:40:02:d8:f3:4c:aa:45:fd:fe:50:f5:
dd:c0:99:49:3d:af:0d:58:28:81:c4:ba:fb:1e:8e:
41:9c:13:12:22:ec:d7:10:11:6f:52:eb:95:64:b0:
8d:f3:30:86:a1:1d:06:10:a1:8b:f9:39:e8:2c:10:
f1:cb:7b:a7:25:1f:30:1b:12:ef:05:14:ae:ea:0f:
8b:1d:1c:a2:aa:ed:97:82:36:72:b0:8e:fd:5d:45:
f3:6f:ee:ab:64:bf:b7:42:a4:70:97:66:d9:40:94:
0e:ef:55:44:ad:3e:99:bd:b2:3c:55:d3:0d:93:f6:
f2:05:64:9b:48:be:8c:0c:19:10:ce:73:d2:a6:dd:
e5:e2:a2:24:29:e2:aa:ab:2c:f2:e4:2d:47:46:69:
2d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AC:0C:F0:D4:9B:04:49:D7:29:64:8C:BF:4B:D6:CE:3E:D9:01:80
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/XqwM8NSbBEnXKWSMv0vWzj7ZAYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.172.134.0/23
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
1d:94:9b:50:fb:a2:ef:cb:09:3c:34:09:d3:21:e7:58:f9:ea:
7a:5e:fa:68:1f:bf:72:3a:32:32:dc:78:3a:72:34:10:af:7f:
c6:86:12:ce:8c:4b:13:ae:76:d2:51:eb:61:c9:d0:97:ce:a3:
52:e3:11:87:b3:1b:a2:24:3d:6e:19:4a:8a:f4:b2:08:16:71:
ea:55:dd:66:bc:6b:e5:bf:ca:e8:d2:0e:e5:9b:d3:4e:bf:75:
b1:7d:ae:ce:d8:31:ec:31:42:19:62:4e:71:6b:ef:b3:65:f7:
9e:55:23:c2:3f:ed:04:85:61:e2:a7:13:d0:b5:e4:ba:9c:d7:
fe:55:c9:32:66:46:55:0b:96:2a:65:06:94:6e:51:be:6c:54:
60:9c:34:f0:79:b1:47:d2:0c:66:a2:27:c3:2d:3e:bc:ec:f7:
f3:86:de:63:13:a0:4f:50:bc:26:62:70:e7:bf:17:0a:3b:4f:
cc:6c:93:cd:78:95:db:03:a1:03:8f:0f:54:ae:f3:ec:95:dc:
4a:93:9c:e0:51:47:01:4b:31:b8:9f:f2:3a:ee:b9:71:60:52:
02:41:26:4b:6f:6b:7a:37:ee:f2:77:9d:cf:f1:fb:81:85:aa:
47:38:38:5e:6a:b2:25:6f:a9:7e:cc:40:71:62:46:f1:b7:d0:
d2:db:af:9d
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgISAZbI+gSHAsxD0PhJojBtVTB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTEzMDkyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFjMGNmMGQ0OWIwNDQ5ZDcyOTY0OGNiZjRiZDZjZTNlZDkwMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE3RuK88b4v91J1YHD9Si4SP6xAy
8XhT31I4fOUdRi4lhHjJWYVmrYcGbMmhfcGS4b7g+/EoDm3ExEy7c4Fojf9kMAEe
h9lbMqpaX5uswnKnaLy+FR5GORJ+eri4cJSveeauxXAo8JMMbiqpQALY80yqRf3+
UPXdwJlJPa8NWCiBxLr7Ho5BnBMSIuzXEBFvUuuVZLCN8zCGoR0GEKGL+TnoLBDx
y3unJR8wGxLvBRSu6g+LHRyiqu2XgjZysI79XUXzb+6rZL+3QqRwl2bZQJQO71VE
rT6ZvbI8VdMNk/byBWSbSL6MDBkQznPSpt3l4qIkKeKqqyzy5C1HRmkt2QIDAQAB
o4IDmTCCA5UwHQYDVR0OBBYEFF6sDPDUmwRJ1ylkjL9L1s4+2QGAMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvWHF3TThOU2JCRW5YS1dTTXYwdld6ajdaQVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrQYIKwYBBQUHAQcBAf8EggGcMIIBmDCCAQEEAgABMIH6
AwQABbshAwQAJeswAwQAJeszAwQALZl/AwQALre7AwQBU6yGAwQBU/N4AwQBWR94
AwQAWR97MAwDBANZLugDBABZLuwDBAFbhFwDBABbhF8DBABc80ADBABfnMwDBABf
nM8DBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagAMEAJfsBDAMAwQAl+wP
AwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AME
ALB+YwMEALka7AMEAbka7gMEAblMTgMEALl6uwMEALnBMAMEALnDQAMEALnDQgME
ALzWIAMEANW3NzCBkAQCAAIwgYkDBwEqAw+AADIDBwAqAw+AADkDBwEqAw+AAEAD
BwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMH
ACoDD4AAgQMHACoDD4ADWAMHACoDD4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoD
D4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsFAAOCAQEAHZSbUPui78sJPDQJ0yHn
WPnqel76aB+/cjoyMtx4OnI0EK9/xoYSzoxLE6520lHrYcnQl86jUuMRh7MboiQ9
bhlKivSyCBZx6lXdZrxr5b/K6NIO5ZvTTr91sX2uztgx7DFCGWJOcWvvs2X3nlUj
wj/tBIVh4qcT0LXkupzX/lXJMmZGVQuWKmUGlG5RvmxUYJw08HmxR9IMZqInwy0+
vOz384beYxOgT1C8JmJw578XCjtPzGyTzXiV2wOhA48PVK7z7JXcSpOc4FFHAUsx
uJ/yOu65cWBSAkEmS29rejfu8nedz/H7gYWqRzg4XmqyJW+pfsxAcWJG8bfQ0tuv
nQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:35:24 2025 by rpki-client