Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AGZ9q3tu1eGo2b7uJoKlwkimOQ4.roa
File: AGZ9q3tu1eGo2b7uJoKlwkimOQ4.roa (raw, json)
Hash identifier: bu3IHF/lMNKd4gmF4886xmhAioXNlPR7H7cyaQr/TK8=
Subject key identifier: 00:66:7D:AB:7B:6E:D5:E1:A8:D9:BE:EE:26:82:A5:C2:48:A6:39:0E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019725F57EF5D1CEF53D448954B257B70903
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AGZ9q3tu1eGo2b7uJoKlwkimOQ4.roa
Signing time: Sat 31 May 2025 10:48:55 +0000
ROA not before: Sat 31 May 2025 10:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 14:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:25:f5:7e:f5:d1:ce:f5:3d:44:89:54:b2:57:b7:09:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 31 10:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00667dab7b6ed5e1a8d9beee2682a5c248a6390e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3e:cc:5b:1a:40:9a:cb:0d:a5:c1:eb:65:41:
73:92:5a:80:e5:96:51:ce:94:65:7c:f1:f0:79:64:
4b:cf:78:ed:c3:0c:5c:d1:a5:d4:17:91:b3:92:34:
34:1d:47:0a:bb:cb:f5:05:cc:d8:a0:89:df:a5:97:
4f:ac:b1:78:cd:70:ea:73:46:70:a6:5d:e1:d4:16:
40:4e:d9:9e:44:56:ff:64:f0:74:1d:2e:9c:4c:b1:
f1:da:22:80:9c:13:5b:80:71:ef:e9:c8:aa:5d:77:
3a:a2:7b:43:c6:83:bf:81:9e:b0:01:d8:3c:fd:56:
a0:01:2d:9d:87:7f:de:8e:6b:fb:a8:d1:54:dc:53:
fb:12:0e:d6:f7:ba:e4:b5:d3:33:7e:9b:0d:c1:c7:
ab:14:01:69:a3:01:18:c1:f6:67:e9:fd:f6:55:a8:
f9:8d:70:cf:a0:2e:87:65:ce:01:35:1a:15:ff:a1:
98:76:2e:c3:4b:49:99:d0:c2:c7:fa:78:3c:ef:54:
4a:88:28:1a:ac:e5:cc:74:2e:28:9d:2f:18:64:30:
db:94:5e:f6:0c:f3:99:fb:bb:34:5c:d3:f0:72:5d:
de:d1:2f:9c:7d:af:e5:50:00:93:91:22:48:a8:ab:
24:9a:18:65:4c:12:11:55:88:85:06:7f:96:ff:9e:
7a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:66:7D:AB:7B:6E:D5:E1:A8:D9:BE:EE:26:82:A5:C2:48:A6:39:0E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AGZ9q3tu1eGo2b7uJoKlwkimOQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0/23
193.58.146.0/23
194.5.64.0/24
194.5.67.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
31:06:8e:37:60:27:c8:b7:5d:a5:01:d1:32:3b:a3:3b:ea:bb:
5f:f8:91:b1:e7:11:11:12:2e:e6:2c:b3:ce:90:43:32:dd:95:
f4:77:3d:47:17:7c:4d:4d:4b:64:cc:2b:ef:00:00:af:92:90:
d0:b2:aa:44:9a:12:2c:48:c2:76:48:bb:d1:d4:b0:39:b6:4a:
df:2f:58:5d:c0:eb:1b:a0:f8:15:05:e0:cd:26:fa:57:fb:fb:
aa:d3:2e:a3:eb:ca:32:5c:3d:91:bc:23:9a:1e:f3:10:d6:07:
48:0b:9f:2c:5b:16:d4:09:aa:28:ed:ec:59:55:41:81:fc:d8:
f5:e2:ad:72:ca:9e:57:08:31:b3:a8:28:42:29:05:82:c7:49:
af:00:28:bb:24:70:fd:d1:4a:6f:a2:bd:8b:af:72:a0:4a:d9:
5f:0a:c3:98:3d:b7:7e:65:97:7c:8a:71:69:bc:90:a6:5a:5d:
ee:1f:a3:c4:cf:be:5f:c2:3f:2b:73:a3:c2:eb:f3:95:f1:e9:
ff:30:0c:07:73:94:80:9a:33:60:b8:c2:d6:7a:dd:6f:53:b1:
06:e2:4c:59:51:4f:4d:70:22:ec:93:0f:59:85:49:a6:46:c6:
a3:cc:22:f6:db:b7:bf:6f:bb:79:bd:5f:2a:02:9f:f2:5a:3a:
b6:7b:4b:32
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZcl9X710c71PUSJVLJXtwkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTMxMTA0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY2N2RhYjdiNmVkNWUxYThkOWJlZWUyNjgyYTVjMjQ4YTYzOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD7MWxpAmssNpcHrZUFzklqA5ZZR
zpRlfPHweWRLz3jtwwxc0aXUF5GzkjQ0HUcKu8v1BczYoInfpZdPrLF4zXDqc0Zw
pl3h1BZATtmeRFb/ZPB0HS6cTLHx2iKAnBNbgHHv6ciqXXc6ontDxoO/gZ6wAdg8
/VagAS2dh3/ejmv7qNFU3FP7Eg7W97rktdMzfpsNwcerFAFpowEYwfZn6f32Vaj5
jXDPoC6HZc4BNRoV/6GYdi7DS0mZ0MLH+ng871RKiCgarOXMdC4onS8YZDDblF72
DPOZ+7s0XNPwcl3e0S+cfa/lUACTkSJIqKskmhhlTBIRVYiFBn+W/556wQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFABmfat7btXhqNm+7iaCpcJIpjkOMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQUdaOXEzdHUxZUdvMmI3dUpvS2x3a2ltT1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC5
1mwDBAC52hQDBAC52mUDBAG53PoDBAG53hwDBAC535sDBAG54QADBAC54QMDBAC5
4mgDBAG545IDBAC55EsDBAC56M4DBAC59nADBAHBCHADBAHBOpIDBADCBUADBADC
BUMDBADCTKkDBADCTKwDBADCfEUwDQYJKoZIhvcNAQELBQADggEBADEGjjdgJ8i3
XaUB0TI7ozvqu1/4kbHnERESLuYss86QQzLdlfR3PUcXfE1NS2TMK+8AAK+SkNCy
qkSaEixIwnZIu9HUsDm2St8vWF3A6xug+BUF4M0m+lf7+6rTLqPryjJcPZG8I5oe
8xDWB0gLnyxbFtQJqijt7FlVQYH82PXirXLKnlcIMbOoKEIpBYLHSa8AKLskcP3R
Sm+ivYuvcqBK2V8Kw5g9t35ll3yKcWm8kKZaXe4fo8TPvl/CPytzo8Lr85Xx6f8w
DAdzlICaM2C4wtZ63W9TsQbiTFlRT01wIuyTD1mFSaZGxqPMIvbbt79vu3m9XyoC
n/JaOrZ7SzI=
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:17:58 2025 by rpki-client