Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/H6m0h8A2xUIgulX7cWhV60TEDOQ.roa
File: H6m0h8A2xUIgulX7cWhV60TEDOQ.roa (raw, json)
Hash identifier: ZvGx9wxA54/eXmFfqCDISZIuOLbgcJYw2IYMb43vlPc=
Subject key identifier: 1F:A9:B4:87:C0:36:C5:42:20:BA:55:FB:71:68:55:EB:44:C4:0C:E4
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 01994C89FC2A67EAAE22A18E3DCBC31C989E
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/H6m0h8A2xUIgulX7cWhV60TEDOQ.roa
Signing time: Mon 15 Sep 2025 08:42:15 +0000
ROA not before: Mon 15 Sep 2025 08:42:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8849
IP address blocks: 5.42.206.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.81.85.0/24 maxlen: 24
95.81.107.0/24 maxlen: 24
95.81.110.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
109.122.200.0/23 maxlen: 23
109.122.207.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
213.111.130.0/24 maxlen: 24
213.111.131.0/24 maxlen: 24
213.111.142.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
2a06:f903:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 19 Sep 2025 07:39:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:89:fc:2a:67:ea:ae:22:a1:8e:3d:cb:c3:1c:98:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Sep 15 08:42:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fa9b487c036c54220ba55fb716855eb44c40ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:81:d1:81:5d:d8:79:f0:6a:e5:e0:78:e4:
29:0f:35:fb:cd:44:3c:cc:63:d6:79:68:cd:4c:32:
bf:a4:38:ea:35:53:dc:de:8c:09:fe:13:31:47:73:
14:17:a1:b0:47:df:59:ee:f3:34:98:9a:47:30:b5:
e4:9e:eb:ce:82:23:7a:8f:1f:35:f5:6d:be:2b:ba:
e7:25:34:80:bd:73:ec:c8:f9:c1:a5:6d:0f:0e:c4:
2c:12:94:4d:34:0f:13:8d:4e:44:8d:b5:5d:6b:d7:
14:c2:1b:1b:fd:d3:3f:da:69:24:78:45:a4:5b:41:
64:e0:04:39:87:b0:a3:a1:93:b4:00:c6:0b:7c:a8:
f4:88:ca:9f:8e:35:e5:1a:59:84:57:84:c9:8d:78:
15:7f:c0:33:f6:9b:03:9f:64:46:d2:36:ca:a3:0d:
f2:5e:24:67:72:e4:96:b3:88:0e:4d:44:22:3d:8d:
33:86:e7:42:f6:80:bb:bd:44:13:12:5c:b3:d1:4a:
47:d7:e3:dc:04:52:1a:3d:92:8f:0c:54:c3:8f:c2:
42:17:2b:d5:74:85:68:97:dc:e3:3b:0c:f4:bb:14:
be:f8:b9:0d:65:bc:ca:d5:5a:94:f0:23:fc:46:c3:
63:e0:a2:82:d5:0e:80:7b:dc:37:9d:fc:a9:b9:32:
cb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A9:B4:87:C0:36:C5:42:20:BA:55:FB:71:68:55:EB:44:C4:0C:E4
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/H6m0h8A2xUIgulX7cWhV60TEDOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.206.0/24
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.81.85.0/24
95.81.107.0/24
95.81.110.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
109.122.200.0/23
109.122.207.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
213.111.130.0/23
213.111.142.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
2a06:f903:4000::/36
Signature Algorithm: sha256WithRSAEncryption
1e:62:68:7a:56:15:45:6d:c2:47:9a:ec:f4:36:f1:05:0e:74:
c6:bf:58:aa:d3:dc:11:8f:58:a4:cc:63:0d:f6:c6:d6:22:f0:
0d:59:ed:8b:3b:18:97:fa:de:c9:c5:7a:79:2f:b9:26:1b:7e:
e0:56:23:c6:cc:36:12:fb:24:86:f3:22:51:21:dc:5c:40:ee:
2d:9c:d3:c6:02:4d:2f:1c:f4:f0:25:9a:1d:01:ca:58:3f:2d:
ee:d5:24:ef:a6:c7:ee:b7:d8:8c:af:64:0c:3c:4c:ea:5b:77:
af:2d:88:ff:56:e4:50:af:e0:55:eb:25:cc:37:f8:c1:2b:94:
35:10:9c:92:d3:78:0e:64:47:41:9d:56:0e:70:10:6a:1a:5a:
d5:fd:d3:f9:a9:ae:7c:08:45:8f:8d:6c:9e:6f:8b:fd:18:31:
7f:6e:e8:0d:e2:3a:41:58:f9:36:08:3a:ec:15:31:85:1e:92:
2f:bd:3d:d8:f9:2f:4a:b1:4b:f0:18:cc:bb:6d:cf:4b:38:58:
07:6d:ad:15:08:74:25:db:70:83:7c:da:4e:f6:23:10:53:e7:
5c:df:f1:2e:88:2c:50:a5:36:a5:06:af:82:34:06:bc:13:91:
b9:88:d2:f7:ba:4a:a3:65:3f:c8:47:be:1f:5e:42:80:d8:8e:
82:0d:af:ee
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZlMifwqZ+quIqGOPcvDHJieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwOTE1MDg0MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmE5YjQ4N2MwMzZjNTQyMjBiYTU1ZmI3MTY4NTVlYjQ0YzQwY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOaB0YFd2HnwauXgeOQpDzX7zUQ8
zGPWeWjNTDK/pDjqNVPc3owJ/hMxR3MUF6GwR99Z7vM0mJpHMLXknuvOgiN6jx81
9W2+K7rnJTSAvXPsyPnBpW0PDsQsEpRNNA8TjU5EjbVda9cUwhsb/dM/2mkkeEWk
W0Fk4AQ5h7CjoZO0AMYLfKj0iMqfjjXlGlmEV4TJjXgVf8Az9psDn2RG0jbKow3y
XiRncuSWs4gOTUQiPY0zhudC9oC7vUQTElyz0UpH1+PcBFIaPZKPDFTDj8JCFyvV
dIVol9zjOwz0uxS++LkNZbzK1VqU8CP8RsNj4KKC1Q6Ae9w3nfypuTLLhwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFB+ptIfANsVCILpV+3FoVetExAzkMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvSDZtMGg4QTJ4VUlndWxYN2NXaFY2MFRFRE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBqQQCAAEwgaIDBAAF
Ks4DBAAFLPkDBAAf3uIDBAA+ersDBAFY0iQDBAFZJKIDBABZKOIDBABbwFEDBABf
UVUDBABfUWsDBABfUW4DBAJfrkQDBABnYVsDBAJnb3ADBABn/SQDBAFtesgDBABt
es8DBACSE8QDBACe/0wDBACwYcADBAG5jNIDBAC5kzUDBAC54PkDBAC55vUDBADB
I+ADBAHVb4IDBADVb44wNgQCAAIwMAMGBCoG+QFAAwYEKgb5AYADBgQqBvkBwAMG
BCoG+QJAAwYEKgb5AoADBgQqBvkDQDANBgkqhkiG9w0BAQsFAAOCAQEAHmJoelYV
RW3CR5rs9DbxBQ50xr9YqtPcEY9YpMxjDfbG1iLwDVntizsYl/reycV6eS+5Jht+
4FYjxsw2EvskhvMiUSHcXEDuLZzTxgJNLxz08CWaHQHKWD8t7tUk76bH7rfYjK9k
DDxM6lt3ry2I/1bkUK/gVeslzDf4wSuUNRCcktN4DmRHQZ1WDnAQahpa1f3T+amu
fAhFj41snm+L/Rgxf27oDeI6QVj5Ngg67BUxhR6SL7092PkvSrFL8BjMu23PSzhY
B22tFQh0Jdtwg3zaTvYjEFPnXN/xLogsUKU2pQavgjQGvBORuYjS97pKo2U/yEe+
H15CgNiOgg2v7g==
-----END CERTIFICATE-----
Generated at Fri Sep 19 11:11:28 2025 by rpki-client