Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/XgDSHPAfPq0vtoCu4efHIlCzrHs.roa
File: XgDSHPAfPq0vtoCu4efHIlCzrHs.roa (raw, json)
Hash identifier: gQxDgInNTjszOmyQHfg4Z3dXo3I1Lia0XgV94PeXWuM=
Subject key identifier: 5E:00:D2:1C:F0:1F:3E:AD:2F:B6:80:AE:E1:E7:C7:22:50:B3:AC:7B
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019744F10E1AAF57DF8A3CC3F570B5D1A703
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/XgDSHPAfPq0vtoCu4efHIlCzrHs.roa
Signing time: Fri 06 Jun 2025 11:12:17 +0000
ROA not before: Fri 06 Jun 2025 11:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.144.0/24 maxlen: 24
178.254.145.0/24 maxlen: 24
178.254.146.0/24 maxlen: 24
178.254.148.0/24 maxlen: 24
178.254.149.0/24 maxlen: 24
178.254.151.0/24 maxlen: 24
178.254.152.0/24 maxlen: 24
178.254.153.0/24 maxlen: 24
178.254.154.0/24 maxlen: 24
178.254.155.0/24 maxlen: 24
178.254.156.0/24 maxlen: 24
178.254.157.0/24 maxlen: 24
178.254.158.0/24 maxlen: 24
178.254.159.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.168.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Jun 2025 08:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:f1:0e:1a:af:57:df:8a:3c:c3:f5:70:b5:d1:a7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 6 11:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e00d21cf01f3ead2fb680aee1e7c72250b3ac7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:03:af:e5:f6:2b:83:6a:0b:ca:73:81:23:76:
5e:23:2d:30:c6:7f:ea:71:f9:8e:30:3f:da:a1:44:
7c:34:81:b6:9a:52:1b:09:d8:7c:0e:75:5d:31:82:
e9:6f:25:8c:0d:49:0a:fc:6a:10:43:26:d6:5e:3b:
8e:97:09:4e:c3:e9:ec:8d:36:97:2f:8d:53:bd:da:
fd:fb:0e:48:d0:56:06:e6:6c:ea:8f:40:47:5c:71:
dd:66:32:f4:12:bb:1f:8b:16:5e:5f:ff:c8:c1:e6:
f0:f2:7c:b8:0a:d7:12:8e:df:c3:38:7c:39:07:4d:
fc:9b:2a:b2:4d:47:5d:ba:c1:cd:0d:13:c7:78:f3:
c2:28:12:38:e0:12:9a:29:a2:24:18:d3:c8:2e:34:
c6:db:d4:dc:e8:88:91:4a:aa:6f:2b:45:bc:ba:19:
e6:bb:85:d1:3c:db:49:07:be:74:87:bc:d4:48:b5:
0e:1b:2d:5c:55:aa:3a:15:51:35:5b:a9:f7:fc:13:
6a:2c:c1:51:99:c1:d1:8c:a9:12:d6:76:c0:0d:06:
9f:d2:35:70:b7:b1:f5:f8:e6:60:c2:a7:02:03:42:
e0:bd:ed:69:f7:ed:61:37:44:fd:19:44:73:9b:8f:
dc:ef:7f:e5:66:71:4b:42:71:a5:e3:9f:5a:bc:9c:
cb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:00:D2:1C:F0:1F:3E:AD:2F:B6:80:AE:E1:E7:C7:22:50:B3:AC:7B
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/XgDSHPAfPq0vtoCu4efHIlCzrHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.168.0/23
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
11:a6:c3:cd:ff:69:b0:75:0a:2f:0d:09:f4:05:8a:9c:3d:66:
99:7a:6f:36:d8:81:cf:12:6d:a4:10:2a:f1:d2:0a:ab:22:18:
2d:8c:ab:64:db:c8:0c:9a:c8:fc:17:41:4a:d1:94:c9:44:dc:
d6:7e:98:8f:c4:a1:8d:d4:5a:51:1f:93:d9:95:4c:62:ae:8f:
5e:c0:55:d4:87:fd:31:f3:80:30:aa:d7:db:f5:cb:a3:28:0f:
21:2c:59:2a:e5:13:38:b4:49:b3:3c:ad:30:a6:55:ca:e5:90:
d2:7a:1e:ae:23:47:9c:c8:a2:1d:8d:3f:67:a5:cf:5d:4a:29:
25:37:c5:9a:c1:63:eb:9a:61:e7:62:83:dc:a4:7d:54:24:f3:
be:98:83:c5:a1:22:f4:c4:0b:13:ec:34:f0:f0:5b:6f:94:0c:
6d:36:d2:1b:f6:74:46:ec:15:75:f6:6d:c1:17:db:d9:60:6b:
fc:1e:3a:b7:15:e9:67:87:cd:dd:a3:b4:fa:a3:b5:74:f4:6e:
04:c6:ac:82:ad:d9:da:b0:4a:b5:d3:2e:79:8a:b0:10:58:e8:
a4:85:30:68:ef:eb:7d:84:72:06:04:83:e1:d7:b4:0f:79:00:
d3:c3:75:e7:a0:dd:9e:fa:ac:bd:c3:c9:b9:3a:55:08:d2:3b:
0d:12:1c:3b
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZdE8Q4ar1ffijzD9XC10acDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNjA2MTExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAwZDIxY2YwMWYzZWFkMmZiNjgwYWVlMWU3YzcyMjUwYjNhYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QOv5fYrg2oLynOBI3ZeIy0wxn/q
cfmOMD/aoUR8NIG2mlIbCdh8DnVdMYLpbyWMDUkK/GoQQybWXjuOlwlOw+nsjTaX
L41Tvdr9+w5I0FYG5mzqj0BHXHHdZjL0ErsfixZeX//Iwebw8ny4CtcSjt/DOHw5
B038myqyTUddusHNDRPHePPCKBI44BKaKaIkGNPILjTG29Tc6IiRSqpvK0W8uhnm
u4XRPNtJB750h7zUSLUOGy1cVao6FVE1W6n3/BNqLMFRmcHRjKkS1nbADQaf0jVw
t7H1+OZgwqcCA0Lgve1p9+1hN0T9GURzm4/c73/lZnFLQnGl459avJzLUwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFF4A0hzwHz6tL7aAruHnxyJQs6x7MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvWGdEU0hQQWZQcTB2dG9DdTRlZkhJbEN6ckhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgw
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKMAwDBABZF00DBARZF0Aw
DAMEAFkXUwMEAFkXVAMEAFkXVgMEAFkXWAMEAFkXWgMEAFkXXQMEA1wq+AMEA11d
wDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v
+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQBsv6oAwQAsv6sAwQA
sv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFo
RAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAEabDzf9p
sHUKLw0J9AWKnD1mmXpvNtiBzxJtpBAq8dIKqyIYLYyrZNvIDJrI/BdBStGUyUTc
1n6Yj8ShjdRaUR+T2ZVMYq6PXsBV1If9MfOAMKrX2/XLoygPISxZKuUTOLRJszyt
MKZVyuWQ0noeriNHnMiiHY0/Z6XPXUopJTfFmsFj65ph52KD3KR9VCTzvpiDxaEi
9MQLE+w08PBbb5QMbTbSG/Z0RuwVdfZtwRfb2WBr/B46txXpZ4fN3aO0+qO1dPRu
BMasgq3Z2rBKtdMueYqwEFjopIUwaO/rfYRyBgSD4de0D3kA08N156DdnvqsvcPJ
uTpVCNI7DRIcOw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:55:51 2025 by rpki-client