Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aYIoAiFjoLA6JflNkcLGm5AqIfs.roa
File: aYIoAiFjoLA6JflNkcLGm5AqIfs.roa (raw, json)
Hash identifier: uoRmONKO4IaGLUaLILgmf8rawv7pqalHw/NKMD+lS14=
Subject key identifier: 69:82:28:02:21:63:A0:B0:3A:25:F9:4D:91:C2:C6:9B:90:2A:21:FB
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0196F34A491FCA7DC2E34A59FF0DB06ADC4D
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aYIoAiFjoLA6JflNkcLGm5AqIfs.roa
Signing time: Wed 21 May 2025 14:40:53 +0000
ROA not before: Wed 21 May 2025 14:40:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.172.138.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 May 2025 12:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:4a:49:1f:ca:7d:c2:e3:4a:59:ff:0d:b0:6a:dc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 21 14:40:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=698228022163a0b03a25f94d91c2c69b902a21fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:ef:0c:d9:c4:b2:65:f0:13:35:e2:6b:93:
05:db:38:18:1a:24:ba:f1:e2:95:f9:2c:85:5f:0d:
76:a7:08:be:44:f7:fb:56:87:7d:4b:ba:7a:20:a4:
5c:f7:db:27:1a:87:3b:35:37:86:42:8b:44:ae:d9:
e1:c1:5b:76:0b:0b:ee:3a:5d:f8:32:3c:8c:83:fd:
d6:f0:9c:72:03:42:7f:16:4d:c5:3b:aa:17:7c:c8:
5a:2c:a7:09:16:6c:60:3b:71:ca:b8:d8:fd:61:c0:
26:da:9b:81:69:e4:a2:a9:da:88:05:c2:d6:b5:96:
5e:bd:08:42:16:f1:aa:60:ff:88:93:42:6b:49:57:
23:d4:45:47:e0:9d:93:3d:0c:37:d9:01:17:41:e2:
f4:b3:4a:3c:11:0e:f1:c5:78:a7:61:9c:31:0f:0f:
a2:b0:e8:5b:04:40:85:7f:3f:1c:48:e9:aa:d1:ac:
ce:f0:f8:2e:0c:54:9e:62:8b:3e:2a:90:7e:85:e5:
39:68:2b:27:3b:35:8e:3c:86:c4:09:2c:c4:a3:f5:
a0:6e:19:98:8d:c1:77:ec:e3:eb:a8:3e:3b:4c:97:
8d:f7:37:85:6e:47:47:88:8c:af:dc:13:34:31:1f:
9a:1b:8b:89:ba:4a:81:d2:f6:a5:d5:79:cb:28:40:
5c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:82:28:02:21:63:A0:B0:3A:25:F9:4D:91:C2:C6:9B:90:2A:21:FB
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aYIoAiFjoLA6JflNkcLGm5AqIfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.172.138.0/24
83.172.150.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
58:f0:b9:a4:46:98:c6:c1:f0:3a:b0:54:84:fe:cf:83:5c:8e:
d1:54:28:06:f8:32:50:cb:e7:34:61:50:99:2b:66:4f:58:d2:
3c:a8:60:fd:ec:4e:19:15:b4:36:cc:19:fa:0b:d3:ed:d1:f6:
59:5d:dc:30:01:9e:9a:88:a6:23:69:18:57:49:df:9b:ee:58:
1d:e0:5c:ba:27:86:98:e2:8c:8b:fa:44:e2:0d:11:ad:39:21:
cd:91:84:c2:26:fd:32:1e:9e:9b:99:cb:dc:9d:40:dd:a3:c1:
b1:19:08:f7:8f:a7:4b:8e:44:98:b4:f9:0e:7e:1f:d1:ad:88:
02:65:13:22:bf:45:81:d7:6e:46:28:02:1c:75:aa:71:05:c0:
5a:5d:5e:88:26:44:e6:13:0a:55:b5:a9:9e:e2:42:e7:18:c2:
aa:6c:c1:77:f0:31:d4:90:6b:0c:01:70:f4:7b:cd:30:2c:26:
5a:92:fe:bf:a7:7d:49:fd:93:74:e3:4c:c9:02:76:e0:33:15:
57:13:aa:14:2a:86:0a:a8:24:ee:8b:61:bd:74:6c:c3:bc:37:
2f:a0:6c:f5:9f:90:a6:4d:e7:e2:30:54:4f:4d:04:69:c9:50:
e1:3a:32:93:be:a7:32:42:99:cf:0a:7a:98:43:29:3d:dc:99:
a4:0f:44:ad
-----BEGIN CERTIFICATE-----
MIIGojCCBYqgAwIBAgISAZbzSkkfyn3C40pZ/w2watxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTIxMTQ0MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTgyMjgwMjIxNjNhMGIwM2EyNWY5NGQ5MWMyYzY5YjkwMmEyMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeDvDNnEsmXwEzXia5MF2zgYGiS6
8eKV+SyFXw12pwi+RPf7Vod9S7p6IKRc99snGoc7NTeGQotErtnhwVt2CwvuOl34
MjyMg/3W8JxyA0J/Fk3FO6oXfMhaLKcJFmxgO3HKuNj9YcAm2puBaeSiqdqIBcLW
tZZevQhCFvGqYP+Ik0JrSVcj1EVH4J2TPQw32QEXQeL0s0o8EQ7xxXinYZwxDw+i
sOhbBECFfz8cSOmq0azO8PguDFSeYos+KpB+heU5aCsnOzWOPIbECSzEo/WgbhmY
jcF37OPrqD47TJeN9zeFbkdHiIyv3BM0MR+aG4uJukqB0val1XnLKEBcyQIDAQAB
o4IDrjCCA6owHQYDVR0OBBYEFGmCKAIhY6CwOiX5TZHCxpuQKiH7MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYVlJb0FpRmpvTEE2SmZsTmtjTEdtNUFxSWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwgYIKwYBBQUHAQcBAf8EggGxMIIBrTCCARYEAgABMIIB
DgMEAAW7IQMEACXrMAMEACXrMwMEAC2ZfwMEAC63uzAMAwQBU6yGAwQAU6yIAwQA
U6yKAwQAU6yWAwQBU/N4AwQBWR94AwQAWR97MAwDBANZLugDBABZLuwDBAFbhFwD
BABbhF8DBABc80ADBABfnMwDBABfnM8DBAFnOfgDBABnOfsDBACG/9MwDAMEAJWa
nQMEBZWagAMEAJfsBDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkD
BACe/9AwDAMEAJ7/1QMEA57/0AMEALB+YwMEALka7AMEAbka7gMEAblMTgMEALl6
uwMEALnBMAMEALnDQAMEALnDQgMEALzWIAMEANW3NzCBkAQCAAIwgYkDBwEqAw+A
ADIDBwAqAw+AADkDBwEqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AA
SAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4ADWAMHACoDD4ADgQMH
ACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsF
AAOCAQEAWPC5pEaYxsHwOrBUhP7Pg1yO0VQoBvgyUMvnNGFQmStmT1jSPKhg/exO
GRW0NswZ+gvT7dH2WV3cMAGemoimI2kYV0nfm+5YHeBcuieGmOKMi/pE4g0RrTkh
zZGEwib9Mh6em5nL3J1A3aPBsRkI94+nS45EmLT5Dn4f0a2IAmUTIr9FgdduRigC
HHWqcQXAWl1eiCZE5hMKVbWpnuJC5xjCqmzBd/Ax1JBrDAFw9HvNMCwmWpL+v6d9
Sf2TdONMyQJ24DMVVxOqFCqGCqgk7othvXRsw7w3L6Bs9Z+Qpk3n4jBUT00EaclQ
4Toyk76nMkKZzwp6mEMpPdyZpA9ErQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:25:18 2025 by rpki-client