Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xh0G0u8pfg_vM6mzkg3JpPC9MzY.roa
File: xh0G0u8pfg_vM6mzkg3JpPC9MzY.roa (raw, json)
Hash identifier: svty/VQsPuECsU+RMS8IX8Q4PJW+g/Ky2lJYj1heH8A=
Subject key identifier: C6:1D:06:D2:EF:29:7E:0F:EF:33:A9:B3:92:0D:C9:A4:F0:BD:33:36
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0197212F43164F81FE9DE4F5E9E9610618EE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xh0G0u8pfg_vM6mzkg3JpPC9MzY.roa
Signing time: Fri 30 May 2025 12:33:54 +0000
ROA not before: Fri 30 May 2025 12:33:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
77.83.37.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Jun 2025 13:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:2f:43:16:4f:81:fe:9d:e4:f5:e9:e9:61:06:18:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 30 12:33:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c61d06d2ef297e0fef33a9b3920dc9a4f0bd3336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ae:72:39:3d:11:c4:c3:2f:17:db:f6:52:39:
e9:1c:24:9b:1f:54:25:54:62:08:5b:d4:82:84:89:
8a:8d:e6:74:80:27:be:75:c6:df:4a:c2:67:9c:7b:
7c:16:da:c0:bf:35:05:de:da:b2:ef:f6:7f:78:97:
35:28:2d:b1:f9:94:8e:48:f5:af:28:a3:69:91:3a:
4a:4f:50:46:a4:cc:8e:4e:ec:99:4d:e8:79:f0:53:
aa:53:0d:0f:e6:9a:de:1c:19:f7:3d:dd:e9:fe:2f:
a0:14:b2:09:48:37:ed:b7:e3:42:7d:64:ef:17:c7:
ee:9a:5a:ea:88:46:ce:c5:0c:c4:00:28:9f:89:53:
5e:d3:7a:14:6c:e4:2e:ce:41:37:5f:63:d2:fc:d7:
b4:25:c9:62:c6:8f:ad:04:7e:7d:c8:03:5b:6f:18:
dc:e5:82:87:ae:3e:a1:66:f9:50:6b:e0:71:1a:6c:
9f:9f:34:97:3c:86:91:c5:ec:19:e1:35:fa:1b:31:
6e:d9:2c:05:ce:18:4b:d3:59:3e:16:f8:30:47:bf:
3a:41:9f:6b:c8:5d:95:cf:96:94:b8:f6:eb:49:58:
e1:7a:20:9e:ec:d7:77:95:33:8d:59:99:fa:a9:69:
95:df:08:e5:07:00:ab:2b:64:20:80:cb:59:2d:fd:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1D:06:D2:EF:29:7E:0F:EF:33:A9:B3:92:0D:C9:A4:F0:BD:33:36
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xh0G0u8pfg_vM6mzkg3JpPC9MzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
77.83.37.0/24
91.223.110.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
42:f9:bc:4a:a3:7f:eb:4f:02:bc:12:bb:d8:9f:c5:74:86:20:
d0:b4:8d:6b:ea:bd:73:b7:61:09:b3:88:fc:8a:ce:16:d1:47:
94:14:0f:8e:fe:89:bd:ac:93:af:c9:26:b2:34:44:26:f2:51:
e5:3b:43:c8:eb:bd:2a:3b:f5:d9:b3:35:be:a2:6f:e6:fc:8b:
b0:6b:20:01:e6:0d:2a:82:72:7d:e6:a9:c0:3d:ae:b5:ce:0b:
4d:1f:32:2e:43:6b:72:ed:ea:e3:f8:60:c8:b6:f6:c4:17:8f:
f4:2b:2f:57:b5:54:69:c7:80:6d:47:0b:4e:34:3a:dd:70:c8:
c3:7e:57:b9:49:b6:ad:58:5d:8c:9c:38:33:3f:4c:8b:8a:37:
20:5b:7e:0e:4a:12:4a:59:55:89:31:55:be:34:31:fa:ed:22:
f1:2e:65:4d:b0:d5:34:e2:95:e1:98:8b:93:a7:81:84:ff:de:
c9:06:7b:9a:e9:31:7c:e6:cb:81:7c:b6:c7:1b:00:b3:5e:a2:
a4:ce:fe:6d:9a:44:38:a2:e1:10:8c:2f:3b:01:47:67:0c:9f:
59:f1:5c:9a:42:ab:01:67:42:28:27:b3:b8:bd:36:3d:14:ee:
d1:5b:80:1b:64:42:8d:24:7a:72:c1:fd:fc:58:5a:a0:7f:7a:
d1:51:9c:a9
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZchL0MWT4H+neT16elhBhjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNTMwMTIzMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFkMDZkMmVmMjk3ZTBmZWYzM2E5YjM5MjBkYzlhNGYwYmQzMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK5yOT0RxMMvF9v2UjnpHCSbH1Ql
VGIIW9SChImKjeZ0gCe+dcbfSsJnnHt8FtrAvzUF3tqy7/Z/eJc1KC2x+ZSOSPWv
KKNpkTpKT1BGpMyOTuyZTeh58FOqUw0P5preHBn3Pd3p/i+gFLIJSDftt+NCfWTv
F8fumlrqiEbOxQzEACifiVNe03oUbOQuzkE3X2PS/Ne0Jclixo+tBH59yANbbxjc
5YKHrj6hZvlQa+BxGmyfnzSXPIaRxewZ4TX6GzFu2SwFzhhL01k+FvgwR786QZ9r
yF2Vz5aUuPbrSVjheiCe7Nd3lTONWZn6qWmV3wjlBwCrK2QggMtZLf0dTwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFMYdBtLvKX4P7zOps5INyaTwvTM2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveGgwRzB1OHBmZ192TTZtemtnM0pwUEM5TXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCBkwQCAAEwgYwD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAE1TJQMEAFvfbgMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe
8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYgMEAMM+GAMEAsOxXAMEAsPTvDB2BAIA
AjBwAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUA
KgxdQAMFAyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMF
ACoROQADBQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAQvm8SqN/608C
vBK72J/FdIYg0LSNa+q9c7dhCbOI/IrOFtFHlBQPjv6JvayTr8kmsjREJvJR5TtD
yOu9Kjv12bM1vqJv5vyLsGsgAeYNKoJyfeapwD2utc4LTR8yLkNrcu3q4/hgyLb2
xBeP9CsvV7VUaceAbUcLTjQ63XDIw35XuUm2rVhdjJw4Mz9Mi4o3IFt+DkoSSllV
iTFVvjQx+u0i8S5lTbDVNOKV4ZiLk6eBhP/eyQZ7mukxfObLgXy2xxsAs16ipM7+
bZpEOKLhEIwvOwFHZwyfWfFcmkKrAWdCKCezuL02PRTu0VuAG2RCjSR6csH9/Fha
oH960VGcqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:34:42 2025 by rpki-client