Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ANrG9wSyZkwSHcA7jfjtISopPyM.roa
File: ANrG9wSyZkwSHcA7jfjtISopPyM.roa (raw, json)
Hash identifier: iQrybHJmwGptWUGrmiinUocElTY+/Ld+rsHO/kHVgcs=
Subject key identifier: 00:DA:C6:F7:04:B2:66:4C:12:1D:C0:3B:8D:F8:ED:21:2A:29:3F:23
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0197C5428EB46C5B24F4ABACEAFC8316039C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ANrG9wSyZkwSHcA7jfjtISopPyM.roa
Signing time: Tue 01 Jul 2025 09:12:42 +0000
ROA not before: Tue 01 Jul 2025 09:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Jul 2025 08:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:42:8e:b4:6c:5b:24:f4:ab:ac:ea:fc:83:16:03:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 1 09:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00dac6f704b2664c121dc03b8df8ed212a293f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:27:97:b9:5a:9f:d9:82:bf:f5:aa:cb:2c:0f:
a8:d7:9c:12:dc:23:8e:33:7a:dd:07:e3:78:2f:d8:
95:61:30:b2:70:ed:6e:0c:3d:0b:00:6f:ab:2a:13:
6f:52:26:c2:6d:ef:e2:df:d5:d6:b9:50:15:39:be:
09:0f:c7:57:4c:48:43:a1:82:b2:c9:ae:3f:c4:1b:
12:96:03:ad:b0:af:2b:ab:18:a5:19:fb:57:a3:3a:
af:fc:16:51:fc:bc:e1:9a:9a:68:85:af:5e:b5:81:
10:f8:77:ab:f3:64:fb:a0:a6:bc:78:b0:d2:96:91:
45:b3:db:7f:7f:cf:9a:14:cb:ba:1e:38:65:1f:a4:
32:cb:eb:17:f0:ad:61:d5:58:09:d6:7a:be:a0:11:
63:f9:48:9a:dd:73:5e:65:bf:3c:43:74:d9:86:66:
84:98:70:fe:68:a1:87:5a:8c:2f:2f:42:f3:cf:29:
b1:13:2d:17:08:33:50:79:f0:87:0b:bf:03:38:ea:
c3:e7:42:85:1a:ae:44:df:cf:83:78:9e:88:98:d8:
0f:df:30:25:4a:64:63:2a:a2:9c:7d:6b:bf:a8:b8:
41:4b:83:a8:0c:57:52:ba:d4:14:fa:d0:e9:02:09:
81:5f:74:da:eb:26:5d:cd:53:06:63:0e:9a:58:d9:
3a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DA:C6:F7:04:B2:66:4C:12:1D:C0:3B:8D:F8:ED:21:2A:29:3F:23
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ANrG9wSyZkwSHcA7jfjtISopPyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.5.64.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:99:01:f4:a9:71:56:79:c3:85:6d:78:57:61:08:f5:f0:35:
fa:a8:19:bc:ff:49:22:f0:e5:eb:b7:3b:d4:70:3c:78:8a:90:
b5:08:58:d6:67:86:30:11:f7:85:7c:07:d6:89:fc:21:bb:f8:
bd:2b:90:5f:a9:2d:a3:d7:af:40:b8:c8:2e:c0:22:76:5a:db:
22:74:10:36:98:11:87:72:aa:b6:93:cf:46:31:28:13:16:5f:
1d:66:2c:eb:d1:53:83:cf:31:af:60:8f:65:21:20:46:99:71:
45:71:f6:4b:67:a9:b4:af:49:8f:35:b8:32:80:8a:c2:c4:3d:
2c:79:f1:46:0a:60:0e:6d:79:d4:e7:4e:71:55:93:6e:c0:68:
5d:d7:e6:90:01:88:46:f1:03:d0:ae:7d:0a:77:50:0e:e6:63:
62:29:15:be:dc:30:40:ff:e6:8d:b0:71:e2:48:7b:4f:5d:12:
fb:32:95:00:26:eb:8c:d6:7c:c2:37:85:2f:78:db:dc:6a:b5:
51:2a:6d:5e:95:bf:25:85:14:d8:8b:1a:1f:e1:52:bb:e0:22:
7b:74:7a:7d:b2:6e:6d:61:3c:55:ad:ad:78:0d:cf:b8:5a:0d:
3d:af:ec:d5:e0:cd:a4:fa:27:e8:ea:e3:79:ce:43:13:0c:27:
aa:12:fa:cf
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZfFQo60bFsk9Kus6vyDFgOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNzAxMDkxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRhYzZmNzA0YjI2NjRjMTIxZGMwM2I4ZGY4ZWQyMTJhMjkzZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SeXuVqf2YK/9arLLA+o15wS3COO
M3rdB+N4L9iVYTCycO1uDD0LAG+rKhNvUibCbe/i39XWuVAVOb4JD8dXTEhDoYKy
ya4/xBsSlgOtsK8rqxilGftXozqv/BZR/Lzhmppoha9etYEQ+Her82T7oKa8eLDS
lpFFs9t/f8+aFMu6HjhlH6Qyy+sX8K1h1VgJ1nq+oBFj+Uia3XNeZb88Q3TZhmaE
mHD+aKGHWowvL0LzzymxEy0XCDNQefCHC78DOOrD50KFGq5E38+DeJ6ImNgP3zAl
SmRjKqKcfWu/qLhBS4OoDFdSutQU+tDpAgmBX3Ta6yZdzVMGYw6aWNk6XwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFADaxvcEsmZMEh3AO4347SEqKT8jMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQU5yRzl3U3laa3dTSGNBN2pmanRJU29wUHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYwDAMEALnRSQMEArnRSAMEALnS6QME
ALnWbAMEALnaFAMEALnaZQMEAbnc+gMEAbneHAMEALnfUAMEALnfmwMEAbnhAAME
ALnhAwMEALniaAMEALniawMEALnjkAMEAbnjkgMEALnkSwMEALnozgMEALn2cDAM
AwQEwQhwAwQAwQhyAwQBwTqSAwQAwgVAAwQAwkypAwQAwkysAwQAwnxFMA0GCSqG
SIb3DQEBCwUAA4IBAQCgmQH0qXFWecOFbXhXYQj18DX6qBm8/0ki8OXrtzvUcDx4
ipC1CFjWZ4YwEfeFfAfWifwhu/i9K5BfqS2j169AuMguwCJ2WtsidBA2mBGHcqq2
k89GMSgTFl8dZizr0VODzzGvYI9lISBGmXFFcfZLZ6m0r0mPNbgygIrCxD0sefFG
CmAObXnU505xVZNuwGhd1+aQAYhG8QPQrn0Kd1AO5mNiKRW+3DBA/+aNsHHiSHtP
XRL7MpUAJuuM1nzCN4UveNvcarVRKm1elb8lhRTYixof4VK74CJ7dHp9sm5tYTxV
ra14Dc+4Wg09r+zV4M2k+ifo6uN5zkMTDCeqEvrP
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:22:55 2025 by rpki-client