Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GiryPthtGQwe1D-XIl0RgjEEdak.roa
File: GiryPthtGQwe1D-XIl0RgjEEdak.roa (raw, json)
Hash identifier: tMa6loMlLhC3Y2MdC5J9fUH6kAP2yQ7f+UfhKC2yafs=
Subject key identifier: 1A:2A:F2:3E:D8:6D:19:0C:1E:D4:3F:97:22:5D:11:82:31:04:75:A9
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E46FAB98657029E0AE3A9C2D575A5D5FE
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GiryPthtGQwe1D-XIl0RgjEEdak.roa
Signing time: Wed 20 May 2026 20:01:37 +0000
ROA not before: Wed 20 May 2026 20:01:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 212.134.49.0/24 maxlen: 24
212.134.187.0/24 maxlen: 24
212.134.200.0/24 maxlen: 24
212.135.141.0/24 maxlen: 24
212.135.150.0/24 maxlen: 24
212.135.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 May 2026 06:10:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:fa:b9:86:57:02:9e:0a:e3:a9:c2:d5:75:a5:d5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 20 20:01:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a2af23ed86d190c1ed43f97225d1182310475a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:7e:ac:a7:a5:42:60:c0:c4:7f:91:47:99:
2c:71:87:de:bd:be:ea:c6:2f:35:b5:b4:5c:6d:ba:
11:a1:cf:49:c8:9f:bc:85:cd:04:31:af:99:c0:d3:
74:03:cf:47:33:9f:2b:dc:bd:ac:fb:e4:7b:10:5d:
f9:97:34:52:5e:2c:a5:b6:26:37:f3:13:0f:e3:85:
03:23:d1:33:0a:7e:61:94:fc:20:38:b7:14:9d:63:
04:bf:a0:ff:94:b9:bc:2e:e6:b4:09:d0:74:8c:b7:
f0:99:16:55:3e:ce:ed:c1:e4:21:83:3e:c5:39:bf:
a6:bd:c4:1c:8e:8d:3d:54:f3:47:d6:44:69:36:e6:
21:37:d4:0e:5d:cc:72:84:f6:25:1a:94:c6:0a:57:
21:c2:75:4d:16:15:4d:ee:8f:27:f1:94:76:7a:7e:
78:ad:75:18:da:c6:1d:24:a0:af:3c:9c:91:ef:96:
ab:86:cb:7c:ef:1f:15:ad:13:45:db:31:d2:6a:91:
b4:aa:9f:6b:78:07:27:82:5a:de:c1:94:45:e3:c1:
12:aa:84:bf:68:e9:7f:4e:83:9d:30:47:82:a4:05:
77:d3:63:5e:58:4f:fd:2b:59:ac:d9:1b:2a:98:eb:
dc:2f:54:eb:11:2e:89:d4:e7:9a:0a:0e:e3:1d:ff:
86:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2A:F2:3E:D8:6D:19:0C:1E:D4:3F:97:22:5D:11:82:31:04:75:A9
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GiryPthtGQwe1D-XIl0RgjEEdak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.49.0/24
212.134.187.0/24
212.134.200.0/24
212.135.141.0/24
212.135.150.0/24
212.135.242.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:19:38:75:79:db:2e:87:29:28:33:56:6c:ee:d2:f5:29:1c:
40:17:0f:92:b3:6e:c7:2a:df:88:5b:ce:fe:96:df:fa:bc:b3:
8c:4f:3a:4d:e9:e1:d7:36:9c:79:64:35:15:f6:60:2e:7c:3a:
ec:2f:47:d9:92:d0:96:f3:3b:0d:ad:f4:43:96:df:16:db:5e:
73:89:4b:93:d9:ac:ba:6a:2d:41:bf:79:14:9a:55:5b:08:0b:
27:b8:8a:bd:35:a5:ab:fa:6d:7d:12:dd:fd:4a:85:f5:68:36:
05:bb:60:38:3a:cc:d4:81:25:35:b4:e2:87:31:0a:ee:f8:dc:
07:a9:75:01:43:33:cc:87:aa:14:18:36:5a:0a:da:ff:f1:5c:
97:de:5e:57:d8:17:58:0f:97:42:26:ac:6a:8b:77:98:6b:93:
35:b8:64:79:26:f3:a6:5e:ce:a9:7f:f4:f3:98:47:c4:8c:24:
ee:32:12:5f:d5:02:e6:18:8f:be:74:7c:b7:42:d3:0d:eb:c9:
41:d6:42:08:29:dd:d9:b7:83:ac:19:ae:cf:a6:d9:aa:73:29:
49:67:b5:1d:0e:03:d0:86:cf:ce:48:18:a3:73:8b:08:63:58:
2e:3d:83:30:4d:4f:ce:d9:9f:21:1b:27:2c:5d:89:a6:5e:ce:
97:d5:51:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5G+rmGVwKeCuOpwtV1pdX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTIwMjAwMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJhZjIzZWQ4NmQxOTBjMWVkNDNmOTcyMjVkMTE4MjMxMDQ3NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGN+rKelQmDAxH+RR5kscYfevb7q
xi81tbRcbboRoc9JyJ+8hc0EMa+ZwNN0A89HM58r3L2s++R7EF35lzRSXiyltiY3
8xMP44UDI9EzCn5hlPwgOLcUnWMEv6D/lLm8Lua0CdB0jLfwmRZVPs7tweQhgz7F
Ob+mvcQcjo09VPNH1kRpNuYhN9QOXcxyhPYlGpTGClchwnVNFhVN7o8n8ZR2en54
rXUY2sYdJKCvPJyR75arhst87x8VrRNF2zHSapG0qp9reAcnglrewZRF48ESqoS/
aOl/ToOdMEeCpAV302NeWE/9K1ms2RsqmOvcL1TrES6J1OeaCg7jHf+GKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBoq8j7YbRkMHtQ/lyJdEYIxBHWpMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvR2lyeVB0aHRHUXdlMUQtWElsMFJnakVFZGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQA1IYxAwQA
1Ia7AwQA1IbIAwQA1IeNAwQA1IeWAwQA1IfyMA0GCSqGSIb3DQEBCwUAA4IBAQCy
GTh1edsuhykoM1Zs7tL1KRxAFw+Ss27HKt+IW87+lt/6vLOMTzpN6eHXNpx5ZDUV
9mAufDrsL0fZktCW8zsNrfRDlt8W215ziUuT2ay6ai1Bv3kUmlVbCAsnuIq9NaWr
+m19Et39SoX1aDYFu2A4OszUgSU1tOKHMQru+NwHqXUBQzPMh6oUGDZaCtr/8VyX
3l5X2BdYD5dCJqxqi3eYa5M1uGR5JvOmXs6pf/TzmEfEjCTuMhJf1QLmGI++dHy3
QtMN68lB1kIIKd3Zt4OsGa7PptmqcylJZ7UdDgPQhs/OSBijc4sIY1guPYMwTU/O
2Z8hGycsXYmmXs6X1VHx
-----END CERTIFICATE-----
Generated at Mon May 25 05:43:45 2026 by rpki-client