Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/M4jeqmcRgh4dBHm_VjQlxiMez0w.roa
File: M4jeqmcRgh4dBHm_VjQlxiMez0w.roa (raw, json)
Hash identifier: KJOYxxZtKl0SkYLcERSwvt49+sQVpxXclji2O/wgTWQ=
Subject key identifier: 33:88:DE:AA:67:11:82:1E:1D:04:79:BF:56:34:25:C6:23:1E:CF:4C
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 019A05AF8FB0CD8BABA28CEB3F465B19F175
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/M4jeqmcRgh4dBHm_VjQlxiMez0w.roa
Signing time: Tue 21 Oct 2025 07:33:02 +0000
ROA not before: Tue 21 Oct 2025 07:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 93.180.216.0/21 maxlen: 21
93.180.216.0/22 maxlen: 22
93.180.216.0/23 maxlen: 23
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/22 maxlen: 22
93.180.220.0/23 maxlen: 23
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/23 maxlen: 23
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/22 maxlen: 22
138.124.156.0/23 maxlen: 23
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/23 maxlen: 23
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/22 maxlen: 22
144.86.228.0/23 maxlen: 23
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/23 maxlen: 23
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/22 maxlen: 22
185.20.196.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/22 maxlen: 22
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/22 maxlen: 22
185.254.12.0/23 maxlen: 23
185.254.13.0/24 maxlen: 24
185.254.14.0/23 maxlen: 23
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/22 maxlen: 22
195.133.220.0/23 maxlen: 23
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/23 maxlen: 23
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/22 maxlen: 22
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 64
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
2a0b:1880:2::/48 maxlen: 48
2a0b:1880:3::/48 maxlen: 48
2a0b:1880:4::/48 maxlen: 48
2a0b:1880:5::/48 maxlen: 48
2a0b:1880:6::/48 maxlen: 48
2a0b:1880:7::/48 maxlen: 48
2a0b:1880:8::/48 maxlen: 48
2a0b:1880:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Oct 2025 07:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:af:8f:b0:cd:8b:ab:a2:8c:eb:3f:46:5b:19:f1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Oct 21 07:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3388deaa6711821e1d0479bf563425c6231ecf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:08:1f:20:7e:7f:1b:26:09:a4:6a:50:c0:44:
0c:ca:ab:f3:79:d8:4e:63:7f:1f:27:16:02:fb:05:
af:a1:72:ba:8d:e7:56:1b:53:b9:32:e7:3c:79:cf:
6a:5f:ce:50:7b:0e:c0:e9:21:1c:ed:2c:5e:01:87:
9f:86:0b:7e:e6:0d:b8:b5:cb:1b:1c:be:e6:91:9c:
fd:fe:9f:50:32:20:1d:3a:7d:f2:54:d1:3f:a6:e7:
63:02:6a:c7:0b:67:23:47:25:f4:cc:16:ac:bb:03:
fe:69:a8:aa:e8:75:fc:79:d4:8b:c8:cd:c2:9b:9f:
f2:5a:da:cc:ef:29:0c:7c:2c:48:88:6d:73:92:a0:
05:cd:61:f9:71:15:0c:19:ba:cc:1a:06:17:f7:5b:
06:2c:d1:91:1c:e6:7b:d0:b1:b7:58:fe:76:a4:7b:
8e:fc:8c:23:24:c7:2b:8b:82:d0:70:e2:6c:89:64:
c9:15:97:08:94:12:91:3b:1a:23:c3:42:5f:41:b7:
aa:2a:c3:81:f8:86:81:00:88:af:34:b5:96:39:56:
ce:16:47:31:72:1b:f6:61:37:06:b2:3d:f3:44:f7:
a7:71:e4:cc:5e:03:6d:70:b5:19:55:ae:b1:5a:9e:
7f:f4:f2:24:e3:b4:23:c5:ce:94:54:32:48:80:77:
d4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:88:DE:AA:67:11:82:1E:1D:04:79:BF:56:34:25:C6:23:1E:CF:4C
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/M4jeqmcRgh4dBHm_VjQlxiMez0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
0d:14:bb:94:bb:ce:e9:74:94:e5:12:14:29:1c:cd:54:ca:b4:
76:a2:c4:3d:f5:89:b0:3b:91:9a:04:6f:21:9a:35:18:06:57:
eb:c5:4f:f1:13:ae:d9:46:6c:94:3d:63:5f:2b:dc:df:48:c8:
b7:57:d4:ab:22:83:d8:48:f2:77:5b:ed:77:a5:c7:17:d4:d9:
3f:4e:89:58:55:0f:c4:09:2f:8c:93:49:b7:39:45:79:e0:19:
e1:fc:f2:5c:5d:29:60:92:33:32:48:d0:04:b0:52:f0:49:4c:
17:29:f5:b1:a1:b8:de:86:63:78:e0:74:ee:85:95:9d:b2:47:
56:ea:f2:78:6c:62:58:b6:79:ef:bd:1f:ba:ce:8a:44:0d:0c:
e5:db:a8:43:bc:20:34:e9:26:02:2b:59:d4:70:62:a8:50:08:
2e:22:1d:75:1d:40:b7:1d:b6:4b:6a:3f:10:4e:35:3d:b8:3d:
98:b9:e4:da:ad:5c:4f:d3:42:63:ee:39:9d:76:c0:3a:e3:a1:
63:4b:72:92:51:3d:27:3f:80:69:ac:2f:5c:8f:72:de:5f:59:
48:1f:bf:9b:35:8f:21:5a:c9:6d:17:44:6e:df:fa:94:d9:c7:
31:c7:f4:ee:57:f7:7d:5c:ae:20:0a:d3:c2:47:37:a5:f8:6a:
d1:fe:10:01
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZoFr4+wzYuroozrP0ZbGfF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUxMDIxMDczMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzg4ZGVhYTY3MTE4MjFlMWQwNDc5YmY1NjM0MjVjNjIzMWVjZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ggfIH5/GyYJpGpQwEQMyqvzedhO
Y38fJxYC+wWvoXK6jedWG1O5Muc8ec9qX85Qew7A6SEc7SxeAYefhgt+5g24tcsb
HL7mkZz9/p9QMiAdOn3yVNE/pudjAmrHC2cjRyX0zBasuwP+aaiq6HX8edSLyM3C
m5/yWtrM7ykMfCxIiG1zkqAFzWH5cRUMGbrMGgYX91sGLNGRHOZ70LG3WP52pHuO
/IwjJMcri4LQcOJsiWTJFZcIlBKROxojw0JfQbeqKsOB+IaBAIivNLWWOVbOFkcx
chv2YTcGsj3zRPenceTMXgNtcLUZVa6xWp5/9PIk47Qjxc6UVDJIgHfULwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDOI3qpnEYIeHQR5v1Y0JcYjHs9MMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvTTRqZXFtY1JnaDRkQkhtX1ZqUWx4aU1lejB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0EAgACMAcD
BQMqCxiAMA0GCSqGSIb3DQEBCwUAA4IBAQANFLuUu87pdJTlEhQpHM1UyrR2osQ9
9YmwO5GaBG8hmjUYBlfrxU/xE67ZRmyUPWNfK9zfSMi3V9SrIoPYSPJ3W+13pccX
1Nk/TolYVQ/ECS+Mk0m3OUV54Bnh/PJcXSlgkjMySNAEsFLwSUwXKfWxobjehmN4
4HTuhZWdskdW6vJ4bGJYtnnvvR+6zopEDQzl26hDvCA06SYCK1nUcGKoUAguIh11
HUC3HbZLaj8QTjU9uD2YueTarVxP00Jj7jmddsA646FjS3KSUT0nP4BprC9cj3Le
X1lIH7+bNY8hWsltF0Ru3/qU2ccxx/TuV/d9XK4gCtPCRzel+GrR/hAB
-----END CERTIFICATE-----
Generated at Fri Oct 24 06:58:32 2025 by rpki-client