Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MuWgN8b5yh7QSIwTTmKEQAAqsr4.roa
File: MuWgN8b5yh7QSIwTTmKEQAAqsr4.roa (raw, json)
Hash identifier: 2b06/exJFEWo0G2woP0NFX/gp7nzamfEY8VfGpFP9FY=
Subject key identifier: 32:E5:A0:37:C6:F9:CA:1E:D0:48:8C:13:4E:62:84:40:00:2A:B2:BE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0197E98EA461A41CEE700CDCF54AD315E392
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MuWgN8b5yh7QSIwTTmKEQAAqsr4.roa
Signing time: Tue 08 Jul 2025 10:22:08 +0000
ROA not before: Tue 08 Jul 2025 10:22:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 11:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:8e:a4:61:a4:1c:ee:70:0c:dc:f5:4a:d3:15:e3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 8 10:22:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32e5a037c6f9ca1ed0488c134e628440002ab2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:51:c1:c5:ea:bc:ed:bc:72:ba:b0:a4:64:c8:
36:35:06:c2:f5:ad:7f:2b:bb:af:0c:50:3f:cd:96:
f1:c7:88:50:0e:ab:e1:bb:60:92:47:b4:ca:65:05:
c4:77:cd:0b:da:93:9a:9a:01:33:f7:56:2f:a7:6a:
af:65:d5:b8:bb:56:ff:3c:52:29:dc:bf:17:d1:7b:
9b:bb:99:1c:7d:69:7b:ae:a6:fb:ea:28:9a:e1:ab:
40:de:ac:ec:2a:9c:46:87:9f:40:9c:e6:db:8b:4d:
d1:c5:c9:a8:c7:50:83:5d:dd:d2:41:b5:82:3c:25:
05:73:1e:5b:36:e3:cf:12:a7:82:ee:36:79:e3:e6:
62:e4:15:17:8a:6d:b3:b6:8d:37:fe:93:76:a6:17:
02:d3:84:ac:01:1a:ac:80:c1:6a:04:b5:e0:d5:ae:
42:ef:07:cc:1c:ed:de:45:f3:10:41:a9:75:16:5d:
9e:64:ad:6a:5c:ff:e0:df:bf:ac:f5:75:1a:6f:f8:
95:de:42:3b:01:4e:c0:98:b1:2f:82:e1:e4:88:de:
0f:57:66:e7:eb:6b:ef:de:4a:13:75:23:c4:af:aa:
20:d2:3f:99:3a:78:10:b2:a5:22:db:17:46:9a:eb:
a0:0b:ab:cf:c1:35:4c:48:c9:78:fb:c6:0f:0b:66:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E5:A0:37:C6:F9:CA:1E:D0:48:8C:13:4E:62:84:40:00:2A:B2:BE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MuWgN8b5yh7QSIwTTmKEQAAqsr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.80.0/24
185.223.82.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.5.64.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
99:70:eb:fb:2f:70:25:fa:d8:b6:fb:83:30:6c:e1:07:5a:b4:
a4:ac:3c:6e:cd:34:a8:8b:5c:88:50:d1:8e:6e:81:79:8d:ba:
51:c5:34:94:86:b2:b1:6d:2b:aa:15:dd:b9:b8:95:c8:75:85:
a8:09:4a:e5:d4:fb:8a:07:63:46:da:2d:ce:62:20:93:03:4a:
30:d5:bb:00:78:21:b2:8c:d0:8b:93:41:9b:b4:06:cc:e0:a3:
43:46:2c:6e:60:d8:34:37:71:52:28:02:dd:77:58:de:4a:04:
40:56:b7:9d:b3:45:78:77:a6:22:d3:05:6a:c9:38:c2:51:27:
22:9e:06:52:a4:25:61:15:e3:9a:2e:57:d2:07:66:c1:05:bc:
96:64:de:ec:16:c3:74:f2:e6:57:a2:cf:db:d0:97:e6:50:a2:
0b:69:ce:0c:41:3a:9c:e6:8c:4f:e9:18:b4:71:18:b6:ef:b9:
78:0e:e5:e0:93:0e:34:2e:00:83:89:a8:40:52:6c:b1:47:d2:
39:de:16:e5:fe:e8:2d:fa:73:62:db:98:3c:31:92:85:37:01:
24:04:39:20:af:f8:fb:61:fc:c2:d9:cc:7e:52:3c:e0:15:25:
42:26:c4:a8:e8:d9:90:73:92:ec:78:c5:4d:fd:de:da:9a:6c:
f3:66:f5:be
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZfpjqRhpBzucAzc9UrTFeOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNzA4MTAyMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU1YTAzN2M2ZjljYTFlZDA0ODhjMTM0ZTYyODQ0MDAwMmFiMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslHBxeq87bxyurCkZMg2NQbC9a1/
K7uvDFA/zZbxx4hQDqvhu2CSR7TKZQXEd80L2pOamgEz91Yvp2qvZdW4u1b/PFIp
3L8X0Xubu5kcfWl7rqb76iia4atA3qzsKpxGh59AnObbi03Rxcmox1CDXd3SQbWC
PCUFcx5bNuPPEqeC7jZ54+Zi5BUXim2zto03/pN2phcC04SsARqsgMFqBLXg1a5C
7wfMHO3eRfMQQal1Fl2eZK1qXP/g37+s9XUab/iV3kI7AU7AmLEvguHkiN4PV2bn
62vv3koTdSPEr6og0j+ZOngQsqUi2xdGmuugC6vPwTVMSMl4+8YPC2byowIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFDLloDfG+coe0EiME05ihEAAKrK+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTXVXZ044YjV5aDdRU0l3VFRtS0VRQUFxc3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYwDAMEALnRSQMEArnRSAMEALnS6QME
ALnWbAMEALnaFAMEALnaZQMEAbnc+gMEAbneHAMEALnfUAMEALnfUgMEALnfmwME
AbnhAAMEALnhAwMEALniaAMEALniawMEALnjkAMEAbnjkgMEALnkSwMEALnozgME
ALn2cDAMAwQEwQhwAwQAwQhyAwQBwTqSAwQAwgVAAwQAwkypAwQAwkysAwQAwnxF
MA0GCSqGSIb3DQEBCwUAA4IBAQCZcOv7L3Al+ti2+4MwbOEHWrSkrDxuzTSoi1yI
UNGOboF5jbpRxTSUhrKxbSuqFd25uJXIdYWoCUrl1PuKB2NG2i3OYiCTA0ow1bsA
eCGyjNCLk0GbtAbM4KNDRixuYNg0N3FSKALdd1jeSgRAVreds0V4d6Yi0wVqyTjC
UScingZSpCVhFeOaLlfSB2bBBbyWZN7sFsN08uZXos/b0JfmUKILac4MQTqc5oxP
6Ri0cRi277l4DuXgkw40LgCDiahAUmyxR9I53hbl/ugt+nNi25g8MZKFNwEkBDkg
r/j7YfzC2cx+UjzgFSVCJsSo6NmQc5LseMVN/d7ammzzZvW+
-----END CERTIFICATE-----
Generated at Wed Jul 30 20:54:48 2025 by rpki-client