Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9mXM-0Fcxkxl1nL0WBnfievfIqI.roa
File: 9mXM-0Fcxkxl1nL0WBnfievfIqI.roa (raw, json)
Hash identifier: SFNP60oT54hGjCgMx0ezNZac9NotCudYx6YASjYVusw=
Subject key identifier: F6:65:CC:FB:41:5C:C6:4C:65:D6:72:F4:58:19:DF:89:EB:DF:22:A2
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01965CA308946CF0EEF6D1D3BE9650EEA407
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9mXM-0Fcxkxl1nL0WBnfievfIqI.roa
Signing time: Tue 22 Apr 2025 08:35:10 +0000
ROA not before: Tue 22 Apr 2025 08:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.84.0/22 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
94.142.208.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.138.204.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
2a05:2500::/32 maxlen: 48
2a05:a282::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Apr 2025 12:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:a3:08:94:6c:f0:ee:f6:d1:d3:be:96:50:ee:a4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 22 08:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f665ccfb415cc64c65d672f45819df89ebdf22a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:de:b9:ef:1f:af:f5:0e:53:13:9c:2e:e6:
05:94:ce:b7:2a:e8:1f:64:11:32:56:73:8e:0f:d6:
8b:fa:52:fe:07:ba:b3:81:59:32:c9:6d:d8:7f:fa:
91:f2:ee:0c:c3:35:e0:14:04:3d:42:74:7a:96:e1:
eb:b8:0a:95:17:38:39:c6:cb:c9:d5:17:19:80:06:
a9:ef:4d:86:c0:a4:8f:7f:44:45:13:7a:b5:41:2b:
9a:af:8f:57:e1:0b:f5:52:9a:f2:b1:d5:b7:b4:1e:
d5:b4:05:b5:ba:69:7a:f0:f4:a1:42:b1:78:1e:83:
96:3c:4d:3f:fb:35:2d:1a:73:7a:80:02:75:b4:a6:
11:cb:8f:98:40:d6:4f:69:dd:6b:82:a6:cb:ba:73:
0b:64:d6:c1:7b:44:8a:b2:07:ed:84:0b:18:b6:53:
31:b6:21:67:24:3b:1d:ff:46:cc:9e:f8:dd:d0:a1:
80:52:5c:16:f9:c3:05:aa:41:20:9a:76:8e:2f:70:
68:2b:60:c6:49:98:32:3b:c9:aa:3e:df:8c:bc:85:
31:57:08:ad:5b:3c:7b:cd:96:84:6e:59:b8:dd:8f:
0e:43:0a:4b:2f:9c:ba:15:27:b6:66:ad:1a:c0:77:
e9:21:3f:7d:52:b0:ab:7b:81:3c:95:d3:5b:2a:7e:
90:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:65:CC:FB:41:5C:C6:4C:65:D6:72:F4:58:19:DF:89:EB:DF:22:A2
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9mXM-0Fcxkxl1nL0WBnfievfIqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
46.226.56.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.189.208.0/22
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
94.142.208.0/21
141.138.192.0/20
141.255.176.0/21
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.65.52.0/22
185.69.232.0/22
185.84.72.0/22
185.89.152.0/22
185.95.68.0/22
185.105.204.0/22
185.105.216.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a02:348::/32
2a03:4f00::/32
2a03:5700::/32
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
44:7a:85:fe:72:b6:bd:aa:22:2c:30:0c:e2:f5:e4:1f:9c:91:
ba:dd:80:07:dd:92:5d:be:82:54:8d:0b:8a:d3:0f:4e:88:71:
9b:e0:81:8a:f3:0e:55:e5:2c:ea:42:be:94:c1:60:7a:f6:7c:
d8:59:d3:9e:4f:27:09:77:19:88:f0:88:3f:7e:dd:39:46:20:
ca:d2:ac:ae:bf:aa:0a:d6:98:2b:a6:ae:a6:42:04:41:0e:f0:
c5:69:a8:8e:a6:74:a4:58:07:41:14:ce:34:a0:70:08:9f:13:
d7:97:d3:6f:fd:b5:f1:a8:9d:c9:57:06:34:7f:98:00:d0:40:
d6:10:07:b4:c1:39:5a:3d:18:cd:a9:2c:1a:fc:ce:f1:e7:0b:
83:06:96:e2:25:4f:95:03:7f:2c:f1:85:88:7d:2a:79:84:92:
c6:3c:b0:a3:72:4e:62:7d:76:23:58:29:6c:9d:77:2d:ce:36:
b9:f9:78:1e:43:a3:3e:13:b2:7a:28:89:db:71:f7:00:5c:4f:
61:6e:26:41:7d:0e:46:41:a5:1c:a5:34:a2:fb:43:12:85:c8:
1f:5d:a8:38:85:4b:e7:81:1e:15:01:c9:71:14:4f:eb:90:54:
a6:9d:e8:e7:ae:4c:f6:74:42:e6:03:66:64:28:9d:ac:54:f5:
17:69:de:6f
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgISAZZcowiUbPDu9tHTvpZQ7qQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNDIyMDgzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjY1Y2NmYjQxNWNjNjRjNjVkNjcyZjQ1ODE5ZGY4OWViZGYyMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnreue8fr/UOUxOcLuYFlM63Kugf
ZBEyVnOOD9aL+lL+B7qzgVkyyW3Yf/qR8u4MwzXgFAQ9QnR6luHruAqVFzg5xsvJ
1RcZgAap702GwKSPf0RFE3q1QSuar49X4Qv1UprysdW3tB7VtAW1uml68PShQrF4
HoOWPE0/+zUtGnN6gAJ1tKYRy4+YQNZPad1rgqbLunMLZNbBe0SKsgfthAsYtlMx
tiFnJDsd/0bMnvjd0KGAUlwW+cMFqkEgmnaOL3BoK2DGSZgyO8mqPt+MvIUxVwit
Wzx7zZaEblm43Y8OQwpLL5y6FSe2Zq0awHfpIT99UrCre4E8ldNbKn6QTQIDAQAB
o4IDgTCCA30wHQYDVR0OBBYEFPZlzPtBXMZMZdZy9FgZ34nr3yKiMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvOW1YTS0wRmN4a3hsMW5MMFdCbmZpZXZmSXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlQYIKwYBBQUHAQcBAf8EggGEMIIBgDCCATwEAgABMIIB
NAMEAx8DCAMEAx8DYAMEBB/foAMEBCUR0AMEAyUiMAMEAyXmYAMEAy7iOAMEBE5s
gAMEA0+qWAMEBVBU4AMEBFD2wAMEBFD/8DAMAwQGUQRAAwQCUQRgAwQDUQRwAwQD
URWIAwQEUR4gAwQHU2CAAwQFVQqgAwQDVd7gAwQDWR9gAwQEW47wAwQCW73QAwQC
W80gAwQAW9iiAwQDXb+AAwQDXo7QAwQEjYrAAwQDjf+wAwQDqyGAAwQFsErgAwQE
shJQAwQCuQPQAwQCuQ/4AwQCuRW8AwQCuUE0AwQCuUXoAwQCuVRIAwQCuVmYAwQC
uV9EAwQCuWnMAwQCuWnYAwQCuW6sAwQCuW7IAwQCwV2sAwQCwYrMAwQAwfJ3AwQA
wjzPAwQD1bvwAwQE2RXwAwQE2ZWAMD4EAgACMDgDBQAgAQgoAwUDIAFMuAMFACoA
wIADBQAqAgNIAwUAKgNPAAMFACoDVwADBQAqBSUAAwUAKgWigjANBgkqhkiG9w0B
AQsFAAOCAQEARHqF/nK2vaoiLDAM4vXkH5yRut2AB92SXb6CVI0LitMPTohxm+CB
ivMOVeUs6kK+lMFgevZ82FnTnk8nCXcZiPCIP37dOUYgytKsrr+qCtaYK6aupkIE
QQ7wxWmojqZ0pFgHQRTONKBwCJ8T15fTb/218aidyVcGNH+YANBA1hAHtME5Wj0Y
zaksGvzO8ecLgwaW4iVPlQN/LPGFiH0qeYSSxjywo3JOYn12I1gpbJ13Lc42ufl4
HkOjPhOyeiiJ23H3AFxPYW4mQX0ORkGlHKU0ovtDEoXIH12oOIVL54EeFQHJcRRP
65BUpp3o565M9nRC5gNmZCidrFT1F2nebw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:25:03 2025 by rpki-client