Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/najzfnXuW8te8_RMcJ_bxjWJOFE.roa
File: najzfnXuW8te8_RMcJ_bxjWJOFE.roa (raw, json)
Hash identifier: 5Xj4sRLdfw/q+0oWFr98OCHdWaA4vBIaYYnl736u1+E=
Subject key identifier: 9D:A8:F3:7E:75:EE:5B:CB:5E:F3:F4:4C:70:9F:DB:C6:35:89:38:51
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01970C61A37CC90C3F947A7D6F752C8D957E
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/najzfnXuW8te8_RMcJ_bxjWJOFE.roa
Signing time: Mon 26 May 2025 11:36:54 +0000
ROA not before: Mon 26 May 2025 11:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 May 2025 13:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:61:a3:7c:c9:0c:3f:94:7a:7d:6f:75:2c:8d:95:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 26 11:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9da8f37e75ee5bcb5ef3f44c709fdbc635893851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:41:f6:32:6d:64:23:51:f7:14:a3:53:6e:c6:
fa:d2:3a:9c:c8:72:08:d7:79:05:ff:6d:94:d0:70:
fb:64:5b:2b:3e:0f:05:48:a5:1c:61:e7:df:0d:7c:
08:43:bd:a7:64:7e:58:06:13:35:20:2b:b8:84:ad:
a6:23:37:14:9d:b9:99:5f:a6:99:94:30:ab:1b:79:
05:51:cb:18:05:f7:5e:46:7c:a2:7b:a7:d0:32:0b:
ec:ac:c2:28:83:39:05:24:20:ee:f5:f1:68:aa:94:
bb:80:9b:2e:80:94:c4:16:f3:3a:c6:0f:78:0a:fe:
1a:86:b4:66:99:48:f6:00:91:ff:0f:00:e0:c0:8e:
96:96:3a:d6:55:53:46:08:bd:8b:e3:4a:98:6c:08:
52:32:24:a3:df:47:9a:54:49:ab:4f:65:d2:29:15:
50:ce:6b:4f:36:d9:70:37:67:73:2d:6f:61:82:22:
e5:bb:e5:47:bf:05:7e:73:0d:7f:54:30:97:37:81:
e6:e6:48:3d:1f:1c:2d:31:f4:e0:d3:c7:2f:f6:2a:
2d:03:56:2c:0e:01:8b:aa:be:58:7e:11:98:3b:97:
8c:da:6d:3f:ea:57:f4:4c:a2:fb:fc:fb:e9:fc:ed:
e2:86:6f:dd:96:3a:2c:42:1f:53:45:5d:70:bf:70:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A8:F3:7E:75:EE:5B:CB:5E:F3:F4:4C:70:9F:DB:C6:35:89:38:51
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/najzfnXuW8te8_RMcJ_bxjWJOFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.172.151.0/24
83.172.153.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::/48
2a03:f80:56::/47
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
be:98:1f:77:b3:77:96:de:07:4e:cb:12:53:a5:c1:c1:0a:65:
67:4f:5a:fc:f6:f6:f0:cc:d4:43:c6:da:b3:c0:c2:b7:e1:83:
0a:49:a2:85:fc:80:0c:f4:a1:11:b4:e1:ec:03:5f:6d:5e:7e:
2b:37:c2:9f:2d:c1:30:60:89:ad:63:be:a5:ea:db:bf:50:d6:
f8:c4:2d:e4:5c:26:33:ce:90:c0:5d:1c:d7:12:63:04:44:b3:
6f:d9:c5:da:0d:fd:f2:0d:4d:0d:5e:4e:fc:50:dc:8c:e8:c4:
3b:aa:5d:60:fa:bd:22:e7:32:64:a3:b4:5f:52:c0:83:8a:c6:
95:23:bf:2c:3e:14:47:0d:43:78:ec:d3:43:8a:72:68:1e:89:
69:77:cd:fb:82:34:c5:56:3a:c8:66:aa:ca:07:da:b4:03:4d:
b8:48:ff:14:7b:4c:87:71:bd:9e:d2:c9:05:52:cf:b5:f9:07:
1f:42:b6:5d:2c:0f:9d:54:e9:a6:fc:50:fc:e3:df:8e:45:d2:
85:2d:93:9a:ba:c9:07:d4:e4:71:a3:8e:83:77:e6:52:39:cd:
e2:94:ed:a8:20:d0:e3:56:ca:42:0b:e9:c1:06:6a:62:49:08:
ed:04:5f:8a:8c:16:b1:d5:f0:05:cd:51:22:d1:c0:db:dd:0e:
5e:77:47:e2
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZcMYaN8yQw/lHp9b3UsjZV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTI2MTEzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE4ZjM3ZTc1ZWU1YmNiNWVmM2Y0NGM3MDlmZGJjNjM1ODkzODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUH2Mm1kI1H3FKNTbsb60jqcyHII
13kF/22U0HD7ZFsrPg8FSKUcYeffDXwIQ72nZH5YBhM1ICu4hK2mIzcUnbmZX6aZ
lDCrG3kFUcsYBfdeRnyie6fQMgvsrMIogzkFJCDu9fFoqpS7gJsugJTEFvM6xg94
Cv4ahrRmmUj2AJH/DwDgwI6WljrWVVNGCL2L40qYbAhSMiSj30eaVEmrT2XSKRVQ
zmtPNtlwN2dzLW9hgiLlu+VHvwV+cw1/VDCXN4Hm5kg9HxwtMfTg08cv9iotA1Ys
DgGLqr5YfhGYO5eM2m0/6lf0TKL7/Pvp/O3ihm/dljosQh9TRV1wv3DDeQIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFJ2o83517lvLXvP0THCf28Y1iThRMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvbmFqemZuWHVXOHRlOF9STWNKX2J4aldKT0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCB0QQCAAEwgcoD
BAAFtHIDBAQl6zADBAAtmX0DBABTrJcDBABTrJkDBABT83gDBAFT83oDBABU9z0D
BABWancDBABZH3sDBABZLu4DBABbhF4DBAFb48wDBABc80IDBABfnM0DBABnOfoD
BACG/9IwDAMEA5WamAMEAJWanAMEBZfsADAMAwQAnv/RAwQAnv/UMAwDBAK5GuwD
BAC5Gu4DBAC5ergDBAC5wTMDBAC5w0EwDAMEALzWIQMEALzWIgMEAbzWJjAMAwQB
1bc2AwQB1bc4MIGZBAIAAjCBkgMHACoDD4AABwMHACoDD4AAMQMHASoDD4AAVgMH
ACoDD4AAcAMHACoDD4ADVAMHACoDD4ADVwMHACoDD4ADWQMHASoDD4ADcAMHACoD
D4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMPgO0xAwcAKgMP
gO1RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3DQEBCwUAA4IBAQC+mB93s3eW
3gdOyxJTpcHBCmVnT1r89vbwzNRDxtqzwMK34YMKSaKF/IAM9KERtOHsA19tXn4r
N8KfLcEwYImtY76l6tu/UNb4xC3kXCYzzpDAXRzXEmMERLNv2cXaDf3yDU0NXk78
UNyM6MQ7ql1g+r0i5zJko7RfUsCDisaVI78sPhRHDUN47NNDinJoHolpd837gjTF
VjrIZqrKB9q0A024SP8Ue0yHcb2e0skFUs+1+QcfQrZdLA+dVOmm/FD849+ORdKF
LZOauskH1ORxo46Dd+ZSOc3ilO2oINDjVspCC+nBBmpiSQjtBF+KjBax1fAFzVEi
0cDb3Q5ed0fi
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:39:58 2025 by rpki-client