Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IH5m-W4JKWods1C9iKvdH5hz6xg.roa
File: IH5m-W4JKWods1C9iKvdH5hz6xg.roa (raw, json)
Hash identifier: 33e2aQIale08YQyRApujZig1W6HC7CGvpbmom2/TiKg=
Subject key identifier: 20:7E:66:F9:6E:09:29:6A:1D:B3:50:BD:88:AB:DD:1F:98:73:EB:18
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0198E87C1B33DB23C483B591F1155DF7008A
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IH5m-W4JKWods1C9iKvdH5hz6xg.roa
Signing time: Tue 26 Aug 2025 22:25:04 +0000
ROA not before: Tue 26 Aug 2025 22:25:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.210.13.0/24 maxlen: 24
103.210.14.0/24 maxlen: 24
103.210.15.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Sep 2025 23:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e8:7c:1b:33:db:23:c4:83:b5:91:f1:15:5d:f7:00:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Aug 26 22:25:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=207e66f96e09296a1db350bd88abdd1f9873eb18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:33:95:52:b5:43:13:0c:5f:03:d7:c6:ba:dc:
22:01:db:d9:18:4a:46:64:a6:92:2d:a8:01:7d:83:
40:61:bd:cf:44:1f:34:4f:30:f5:f6:fe:d0:1a:c8:
10:cc:40:a0:31:5f:87:7e:48:f8:a1:5a:c9:70:b7:
0f:7f:56:82:f0:d4:c6:d5:74:3b:c1:e2:66:51:fc:
fe:d0:4e:a9:22:4e:15:6e:73:16:27:d0:5c:e0:8c:
47:86:0d:65:bf:dc:42:7d:95:3e:b4:b3:34:17:84:
96:00:2b:46:22:97:d0:4a:2a:89:5b:cf:5e:c7:b8:
b9:5c:92:c9:d2:3c:5c:19:16:5c:92:a7:83:bd:0e:
3c:f3:2e:03:d4:cb:93:30:f5:fb:a8:57:ee:d5:3a:
72:95:1d:f7:e2:e5:c9:c4:db:38:4a:4e:78:6b:d7:
7c:5f:e6:16:62:4d:f3:99:71:98:de:7d:80:55:5f:
d3:19:6a:10:88:2d:00:19:10:10:4d:b5:18:23:06:
c8:6e:a6:27:cc:3e:4f:9c:b8:4a:3a:53:70:87:3f:
28:0d:5f:c3:47:3f:a3:2d:a9:62:d2:e9:36:04:5f:
3f:db:85:fd:c1:a2:73:6e:7e:42:f5:93:7d:14:f0:
f7:5b:d2:e0:80:8b:9f:5f:c4:4f:60:88:76:8b:03:
8a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7E:66:F9:6E:09:29:6A:1D:B3:50:BD:88:AB:DD:1F:98:73:EB:18
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/IH5m-W4JKWods1C9iKvdH5hz6xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
103.210.13.0-103.210.15.255
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
1e:33:1e:47:6d:f7:c0:e7:c6:8c:dd:f5:47:7d:c6:a7:0a:9b:
c8:70:7e:5d:af:98:36:7d:95:d9:db:5f:f3:12:8e:dd:31:22:
56:cd:aa:2a:95:45:3a:bf:f6:ee:dd:42:64:51:17:81:e7:ec:
da:69:e7:38:1c:e2:ab:5b:32:d1:de:07:09:d8:14:c1:b6:a0:
70:18:cc:83:bc:91:32:51:04:fb:ed:f4:8e:fc:09:c4:59:cd:
91:59:7b:d7:50:bd:66:2f:19:5e:ca:d3:4d:46:84:24:0a:75:
83:08:84:17:7e:23:c5:a4:3e:e0:d1:b0:8b:be:db:a6:9d:f2:
46:47:b1:d1:56:44:e9:d8:2b:8c:69:25:c5:ec:40:eb:58:2e:
1a:dd:95:fc:34:fb:51:a0:40:b6:fe:c0:a8:0e:f8:81:16:11:
42:19:95:af:f9:2b:bf:69:52:93:c1:9c:fd:15:29:1e:59:ae:
fa:47:55:ab:c0:20:32:6b:e0:fe:f9:b0:a2:9d:5c:76:30:d1:
a8:37:8d:af:00:31:15:f3:69:73:8b:47:04:30:a5:72:17:df:
25:21:b7:df:9a:0e:76:24:02:56:4f:21:9b:d6:3a:86:69:53:
3b:ab:0c:77:c8:78:5b:c7:a8:d0:52:7d:e7:09:ad:71:12:17:
b6:5e:ab:c0
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZjofBsz2yPEg7WR8RVd9wCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwODI2MjIyNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdlNjZmOTZlMDkyOTZhMWRiMzUwYmQ4OGFiZGQxZjk4NzNlYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jOVUrVDEwxfA9fGutwiAdvZGEpG
ZKaSLagBfYNAYb3PRB80TzD19v7QGsgQzECgMV+Hfkj4oVrJcLcPf1aC8NTG1XQ7
weJmUfz+0E6pIk4VbnMWJ9Bc4IxHhg1lv9xCfZU+tLM0F4SWACtGIpfQSiqJW89e
x7i5XJLJ0jxcGRZckqeDvQ488y4D1MuTMPX7qFfu1TpylR334uXJxNs4Sk54a9d8
X+YWYk3zmXGY3n2AVV/TGWoQiC0AGRAQTbUYIwbIbqYnzD5PnLhKOlNwhz8oDV/D
Rz+jLali0uk2BF8/24X9waJzbn5C9ZN9FPD3W9LggIufX8RPYIh2iwOK2QIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFCB+ZvluCSlqHbNQvYir3R+Yc+sYMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSUg1bS1XNEpLV29kczFDOWlLdmRINWh6NnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBowQCAAEwgZwDBAAF
trkDBAEFtsQDBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrAwDAMEAGfSDQME
BGfSAAMEAGfYxgMEAGjoJAMEAJNOzwMEAKLaXQMEAbk0igMEALmhvgMEAbm71jAM
AwQAucZZAwQCucZYAwQAuckqMAwDBAO50JgDBAC50JoDBAC55nkDBAG5/XgDBADA
kUYDBADUPA0wLAQCAAIwJgMHACoKj0AAAzASAwcAKgqPQAAHAwcAKgqPQAAMAwcA
KgqPQAAcMA0GCSqGSIb3DQEBCwUAA4IBAQAeMx5HbffA58aM3fVHfcanCpvIcH5d
r5g2fZXZ21/zEo7dMSJWzaoqlUU6v/bu3UJkUReB5+zaaec4HOKrWzLR3gcJ2BTB
tqBwGMyDvJEyUQT77fSO/AnEWc2RWXvXUL1mLxleytNNRoQkCnWDCIQXfiPFpD7g
0bCLvtumnfJGR7HRVkTp2CuMaSXF7EDrWC4a3ZX8NPtRoEC2/sCoDviBFhFCGZWv
+Su/aVKTwZz9FSkeWa76R1WrwCAya+D++bCinVx2MNGoN42vADEV82lzi0cEMKVy
F98lIbffmg52JAJWTyGb1jqGaVM7qwx3yHhbx6jQUn3nCa1xEhe2XqvA
-----END CERTIFICATE-----
Generated at Fri Sep 5 04:29:46 2025 by rpki-client