Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/X8EU0DI6KCvspAk-m85oQ0qfVfw.roa
File: X8EU0DI6KCvspAk-m85oQ0qfVfw.roa (raw, json)
Hash identifier: FbB2FkNo+Ougp5Jdz0a2dIInNJhPs7m85EXdvH7zZlU=
Subject key identifier: 5F:C1:14:D0:32:3A:28:2B:EC:A4:09:3E:9B:CE:68:43:4A:9F:55:FC
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0196C5C5B510EF34233607824E7DDA195B40
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/X8EU0DI6KCvspAk-m85oQ0qfVfw.roa
Signing time: Mon 12 May 2025 18:33:10 +0000
ROA not before: Mon 12 May 2025 18:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.73.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.75.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 17:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:c5:b5:10:ef:34:23:36:07:82:4e:7d:da:19:5b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 12 18:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fc114d0323a282beca4093e9bce68434a9f55fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5c:84:9b:e7:65:c6:01:72:15:36:fb:51:85:
dc:58:74:5a:46:d2:1f:bd:c9:4d:8e:f6:9b:29:39:
44:ad:d2:ab:90:fa:99:99:64:b2:16:fc:70:b4:51:
89:34:ab:39:0f:fd:86:f8:57:4c:3f:a9:82:bf:01:
49:8a:a4:ee:af:a1:1b:59:bc:1d:de:b9:f7:77:56:
51:d9:65:20:73:d3:56:81:9b:32:5c:91:e0:01:d9:
ca:d4:f3:ed:ee:e6:08:b7:ce:4d:75:00:61:ce:dc:
05:ff:71:7e:62:b6:e7:cc:98:f2:b0:44:3b:7a:4c:
b8:95:38:8d:0a:fd:7f:9e:84:ff:61:98:20:61:b1:
4d:32:46:e4:d5:44:56:d0:53:c7:2c:6c:91:8c:b4:
85:4e:f8:34:61:dd:a6:4a:00:e2:92:99:b4:51:57:
f3:c1:55:fa:f8:53:81:48:9b:37:fa:08:46:79:4e:
55:d1:5b:42:c9:d4:92:1d:7f:ee:49:e5:ed:98:ed:
38:0e:c0:15:2c:39:64:d8:df:a2:2b:f1:78:1e:ec:
34:43:5f:79:ac:54:9f:da:d3:8a:a4:d3:10:c0:c9:
fb:77:99:f0:0a:d0:29:41:24:da:b5:e2:cf:4b:cb:
50:d2:b6:4e:57:b7:77:d6:0f:d0:9e:05:14:41:7e:
88:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C1:14:D0:32:3A:28:2B:EC:A4:09:3E:9B:CE:68:43:4A:9F:55:FC
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/X8EU0DI6KCvspAk-m85oQ0qfVfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.73.0-62.216.75.255
62.216.81.0-62.216.82.255
62.216.92.0-62.216.94.255
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:21:03:44:97:57:32:e7:37:eb:bf:24:41:4b:01:a2:42:75:
07:1e:0c:f8:90:0c:af:b9:f2:5e:b2:e7:99:d7:3f:b6:11:8e:
1a:df:94:d7:72:91:15:30:34:6d:bf:64:4f:9a:5d:59:ec:ab:
b1:71:91:98:cc:0a:91:ab:6d:2c:01:37:3f:cf:3b:6c:d7:ff:
4c:b6:1c:e3:e7:8c:ca:ee:f0:35:01:e0:9b:cf:d2:1c:2a:37:
bf:2c:be:bd:d4:7b:c2:32:13:82:89:46:78:69:06:5d:0d:30:
f1:9d:4d:9a:88:cd:16:d3:26:cd:5c:a3:28:28:97:21:89:01:
b2:42:cd:8b:8a:0a:b8:ef:1e:38:1e:58:90:bb:a1:f5:11:f3:
60:c4:e0:03:52:dc:75:6f:28:bd:44:d5:d8:4e:3a:02:63:85:
a1:be:81:7a:db:1e:62:2b:20:25:41:19:cc:6e:20:fe:da:6a:
79:67:97:5a:e8:2f:e4:82:48:9f:46:b4:23:e1:ee:4e:3d:a4:
8a:02:71:53:f9:e0:a9:11:86:92:a2:72:cc:fd:53:0f:2e:62:
f1:05:b9:0a:14:e2:36:69:a0:d4:58:61:26:95:99:6a:5d:63:
c2:1e:ed:d6:73:e8:46:6b:17:ed:40:40:5b:e2:4c:4f:6e:a4:
17:b0:00:d6
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZbFxbUQ7zQjNgeCTn3aGVtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNTEyMTgzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMxMTRkMDMyM2EyODJiZWNhNDA5M2U5YmNlNjg0MzRhOWY1NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1yEm+dlxgFyFTb7UYXcWHRaRtIf
vclNjvabKTlErdKrkPqZmWSyFvxwtFGJNKs5D/2G+FdMP6mCvwFJiqTur6EbWbwd
3rn3d1ZR2WUgc9NWgZsyXJHgAdnK1PPt7uYIt85NdQBhztwF/3F+YrbnzJjysEQ7
eky4lTiNCv1/noT/YZggYbFNMkbk1URW0FPHLGyRjLSFTvg0Yd2mSgDikpm0UVfz
wVX6+FOBSJs3+ghGeU5V0VtCydSSHX/uSeXtmO04DsAVLDlk2N+iK/F4Huw0Q195
rFSf2tOKpNMQwMn7d5nwCtApQSTateLPS8tQ0rZOV7d31g/QngUUQX6IVQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFF/BFNAyOigr7KQJPpvOaENKn1X8MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWDhFVTBESTZLQ3ZzcEFrLW04NW9RMHFmVmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
BZ2IAwQABZ2LAwQCBZ2gAwQBJSMkAwQAJSMnMAwDBAA+2EkDBAI+2EgwDAMEAD7Y
UQMEAD7YUjAMAwQCPthcAwQAPtheAwQBW+EOAwQAW+t7AwQBkkLQAwQCkkLUAwQC
kkLcAwQAsp1MAwQAsp1eAwQAsp1sAwQAsp1uAwQAsp18AwQAsp1+AwQAuUw8AwQA
uUw+AwQAvEqAAwQAvEqCAwQAvEqYAwQAvEqbAwQAvEqrAwQAvEq1AwQAvEq+AwQB
vErQAwQCvErUAwQAvEr1MAwDBAC8d6UDBAC8d6YDBAC8d7UDBAC8d74wDQYJKoZI
hvcNAQELBQADggEBAEohA0SXVzLnN+u/JEFLAaJCdQceDPiQDK+58l6y55nXP7YR
jhrflNdykRUwNG2/ZE+aXVnsq7FxkZjMCpGrbSwBNz/PO2zX/0y2HOPnjMru8DUB
4JvP0hwqN78svr3Ue8IyE4KJRnhpBl0NMPGdTZqIzRbTJs1coygolyGJAbJCzYuK
CrjvHjgeWJC7ofUR82DE4ANS3HVvKL1E1dhOOgJjhaG+gXrbHmIrICVBGcxuIP7a
anlnl1roL+SCSJ9GtCPh7k49pIoCcVP54KkRhpKicsz9Uw8uYvEFuQoU4jZpoNRY
YSaVmWpdY8Ie7dZz6EZrF+1AQFviTE9upBewANY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:43:52 2025 by rpki-client