Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xDtqM97s-EV0YeChNPVWrkn-TK4.roa
File: xDtqM97s-EV0YeChNPVWrkn-TK4.roa (raw, json)
Hash identifier: uLqtuoNEYkuIoU7BapAFghXaJ4pmdK+I2Y3obEelf2w=
Subject key identifier: C4:3B:6A:33:DE:EC:F8:45:74:61:E0:A1:34:F5:56:AE:49:FE:4C:AE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01993872901781C405747441661B04305413
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xDtqM97s-EV0YeChNPVWrkn-TK4.roa
Signing time: Thu 11 Sep 2025 11:04:15 +0000
ROA not before: Thu 11 Sep 2025 11:04:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 45.144.172.0/24 maxlen: 24
45.144.174.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
86.107.50.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
93.113.171.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.179.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.181.0/24 maxlen: 24
167.17.183.0/24 maxlen: 24
167.17.184.0/24 maxlen: 24
167.17.185.0/24 maxlen: 24
167.17.186.0/24 maxlen: 24
167.17.187.0/24 maxlen: 24
167.17.188.0/24 maxlen: 24
167.17.189.0/24 maxlen: 24
167.17.190.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.193.102.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.212.121.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.0.0/24 maxlen: 24
204.77.2.0/24 maxlen: 24
204.77.3.0/24 maxlen: 24
206.245.128.0/24 maxlen: 24
206.245.130.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.20.0/24 maxlen: 24
212.192.21.0/24 maxlen: 24
212.192.23.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Sep 2025 11:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:72:90:17:81:c4:05:74:74:41:66:1b:04:30:54:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 11 11:04:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c43b6a33deecf8457461e0a134f556ae49fe4cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:8b:20:df:54:7d:1e:c2:1f:03:00:51:e4:
2c:24:b6:96:7b:06:86:62:f1:d9:51:42:99:92:0e:
ea:bf:96:cb:11:ce:9e:a7:3e:60:06:56:eb:89:20:
67:2f:9d:ce:f2:d1:92:69:41:1f:72:af:38:0f:c3:
8f:25:a9:c5:3c:79:56:93:f3:84:4c:c7:f6:2a:8b:
4a:ba:ee:ce:cf:49:32:22:b2:52:4d:12:1c:ec:7f:
8c:6d:20:d8:79:19:97:eb:a2:e7:a0:2b:cb:95:f4:
b7:f8:29:fa:a8:47:73:92:71:67:52:7f:8e:20:06:
13:86:36:6d:e7:9f:dc:3b:9e:64:cb:41:65:da:92:
ef:9c:a8:91:d3:4a:8f:13:7a:4c:6f:9a:d9:02:e3:
22:4e:fb:c7:a6:bf:1c:ac:93:b1:67:bd:7b:24:3d:
7c:82:45:0b:ba:7b:51:a3:40:98:05:23:14:04:0d:
83:37:92:c6:d9:e9:f0:78:dd:8f:ee:01:cb:54:04:
cc:46:04:67:61:ef:4a:33:e3:43:3b:f8:58:e5:67:
e1:4b:04:ba:7b:89:76:9f:29:d4:d6:42:da:05:26:
56:d6:35:15:33:a0:95:24:7f:d8:56:13:ce:73:73:
83:54:43:67:0f:08:10:4c:28:a2:c4:a4:89:47:f0:
18:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3B:6A:33:DE:EC:F8:45:74:61:E0:A1:34:F5:56:AE:49:FE:4C:AE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xDtqM97s-EV0YeChNPVWrkn-TK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.172.0/24
45.144.174.0/24
77.81.101.0/24
86.107.50.0/24
86.107.100.0/24
89.37.185.0/24
92.114.54.0/24
93.113.171.0/24
103.56.84.0/24
167.17.178.0-167.17.181.255
167.17.183.0-167.17.190.255
185.72.8.0/24
185.141.219.0/24
185.193.102.0/24
185.198.235.0/24
188.64.142.0/24
188.212.121.0/24
193.124.49.0/24
194.58.34.0/24
194.58.44.0-194.58.46.255
195.88.89.0/24
195.133.192.0/23
202.71.15.0/24
204.77.0.0/24
204.77.2.0/23
206.245.128.0/24
206.245.130.0/23
206.245.133.0/24
212.192.6.0/24
212.192.12.0/23
212.192.15.0/24
212.192.20.0/23
212.192.23.0/24
212.192.214.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:be:c4:7a:67:34:dc:27:07:e5:17:71:f2:0d:e1:ae:8c:ff:
58:27:4d:0f:83:05:d7:3e:a4:b7:b9:47:e0:d6:29:61:7c:ff:
d5:35:f4:10:2a:d5:5d:1e:7e:a5:8f:c2:69:70:59:01:d1:f5:
16:88:c2:20:ea:43:66:4e:ec:e5:79:d9:fd:c5:8e:2b:fb:a0:
0e:65:f4:27:1a:38:aa:f0:67:5c:c6:e7:3c:7c:77:7e:72:f0:
4d:44:67:47:e7:5b:7a:02:41:e3:e8:19:01:5f:52:ee:be:b3:
b7:de:ef:83:86:5f:21:0d:2d:fe:86:81:ef:6f:ab:9d:1d:04:
17:13:b3:07:89:58:03:cb:97:32:89:ec:62:31:0b:5f:73:d8:
95:96:59:0d:85:98:3e:6b:0a:a4:2e:66:93:8c:fb:1c:57:cc:
9b:07:af:72:ed:39:ef:a2:4c:80:f7:03:e7:96:81:71:cf:0c:
2d:0d:99:19:0a:36:c4:42:fa:22:ee:ca:29:14:1a:4f:a3:7b:
72:ed:27:3f:f1:12:50:a1:a0:b8:29:aa:1a:eb:c5:6c:e2:ae:
c4:c3:1a:92:e0:2d:a5:98:ea:69:bf:62:3c:40:71:05:d7:f7:
88:b1:f9:1b:c7:44:1c:8a:0e:cb:9b:95:b4:df:e4:80:0b:62:
98:62:99:39
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZk4cpAXgcQFdHRBZhsEMFQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTExMTEwNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNiNmEzM2RlZWNmODQ1NzQ2MWUwYTEzNGY1NTZhZTQ5ZmU0Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WLIN9UfR7CHwMAUeQsJLaWewaG
YvHZUUKZkg7qv5bLEc6epz5gBlbriSBnL53O8tGSaUEfcq84D8OPJanFPHlWk/OE
TMf2KotKuu7Oz0kyIrJSTRIc7H+MbSDYeRmX66LnoCvLlfS3+Cn6qEdzknFnUn+O
IAYThjZt55/cO55ky0Fl2pLvnKiR00qPE3pMb5rZAuMiTvvHpr8crJOxZ717JD18
gkULuntRo0CYBSMUBA2DN5LG2enweN2P7gHLVATMRgRnYe9KM+NDO/hY5WfhSwS6
e4l2nynU1kLaBSZW1jUVM6CVJH/YVhPOc3ODVENnDwgQTCiixKSJR/AY3wIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFMQ7ajPe7PhFdGHgoTT1Vq5J/kyuMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveER0cU05N3MtRVYwWWVDaE5QVldya24tVEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
LZCsAwQALZCuAwQATVFlAwQAVmsyAwQAVmtkAwQAWSW5AwQAXHI2AwQAXXGrAwQA
ZzhUMAwDBAGnEbIDBAGnEbQwDAMEAKcRtwMEAKcRvgMEALlICAMEALmN2wMEALnB
ZgMEALnG6wMEALxAjgMEALzUeQMEAMF8MQMEAMI6IjAMAwQCwjosAwQAwjouAwQA
w1hZAwQBw4XAAwQAykcPAwQAzE0AAwQBzE0CAwQAzvWAAwQBzvWCAwQAzvWFAwQA
1MAGAwQB1MAMAwQA1MAPAwQB1MAUAwQA1MAXAwQB1MDWMA0GCSqGSIb3DQEBCwUA
A4IBAQBuvsR6ZzTcJwflF3HyDeGujP9YJ00PgwXXPqS3uUfg1ilhfP/VNfQQKtVd
Hn6lj8JpcFkB0fUWiMIg6kNmTuzledn9xY4r+6AOZfQnGjiq8Gdcxuc8fHd+cvBN
RGdH51t6AkHj6BkBX1LuvrO33u+Dhl8hDS3+hoHvb6udHQQXE7MHiVgDy5cyiexi
MQtfc9iVllkNhZg+awqkLmaTjPscV8ybB69y7TnvokyA9wPnloFxzwwtDZkZCjbE
Qvoi7sopFBpPo3ty7Sc/8RJQoaC4Kaoa68Vs4q7EwxqS4C2lmOppv2I8QHEF1/eI
sfkbx0Qcig7Lm5W03+SAC2KYYpk5
-----END CERTIFICATE-----
Generated at Fri Sep 19 15:08:42 2025 by rpki-client