Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U54PVvrG4HNDTxAz2Cr2Wnn_u4A.roa
File: U54PVvrG4HNDTxAz2Cr2Wnn_u4A.roa (raw, json)
Hash identifier: rri2/I43K3/T6ZIiuZHmLfakrBGksIbDDWcR1NvgoFc=
Subject key identifier: 53:9E:0F:56:FA:C6:E0:73:43:4F:10:33:D8:2A:F6:5A:79:FF:BB:80
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019CED96D210B96DD37020B73E66B93AF579
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U54PVvrG4HNDTxAz2Cr2Wnn_u4A.roa
Signing time: Sat 14 Mar 2026 18:23:30 +0000
ROA not before: Sat 14 Mar 2026 18:23:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Mar 2026 10:03:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ed:96:d2:10:b9:6d:d3:70:20:b7:3e:66:b9:3a:f5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 14 18:23:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=539e0f56fac6e073434f1033d82af65a79ffbb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bb:6b:ae:a7:b3:f2:01:84:a7:26:ae:d4:3f:
0e:37:a7:a2:59:2c:53:27:87:30:71:2b:47:c7:78:
f6:db:b6:e0:21:c6:66:fe:73:59:45:f3:63:bc:72:
1c:1b:88:9f:a8:54:6d:9d:19:bd:ef:3c:e1:9f:70:
75:20:05:fb:ba:b9:c6:d0:f7:f2:de:e3:97:6c:43:
76:a4:7b:99:08:66:25:ea:1b:74:97:e1:a8:6d:88:
d7:c6:79:7c:0a:25:eb:ba:7e:e4:5c:25:ef:a5:8f:
e1:4d:83:a9:ed:4d:f4:14:26:7a:ed:1b:5e:4c:71:
b9:47:53:5f:d0:ad:bb:4e:1e:6d:93:aa:71:fd:39:
4d:0c:8f:bc:b2:9c:ab:71:0b:e5:f9:90:2f:17:db:
5c:d9:97:53:a4:06:ce:50:bb:30:19:ae:90:bb:76:
b7:d2:87:dd:35:7c:44:e1:05:3f:8c:77:0e:3b:54:
67:a8:e1:6c:02:5c:44:84:26:7e:50:fc:40:0c:cd:
96:22:49:b1:c2:62:e5:6b:1c:d5:55:90:c4:22:68:
6a:25:cf:db:e1:f5:f1:6a:71:06:c2:29:dd:e0:a1:
55:d8:e4:73:8d:d6:45:05:0f:c3:85:b4:13:88:b2:
9d:77:26:16:e6:10:ce:7a:aa:14:fc:69:46:d9:f1:
2b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9E:0F:56:FA:C6:E0:73:43:4F:10:33:D8:2A:F6:5A:79:FF:BB:80
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U54PVvrG4HNDTxAz2Cr2Wnn_u4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.210.235.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.226.104.0/23
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
69:29:50:80:58:3c:b5:c1:ee:b8:21:3a:d5:29:d5:2f:16:4f:
1a:a2:85:30:0c:f2:c8:ed:47:77:f5:dc:61:82:97:f5:75:c3:
2b:8f:c8:6e:b1:bf:b5:31:ac:15:9a:1b:46:c3:00:3a:62:84:
3f:d9:aa:20:d2:0b:12:5e:fd:ec:f3:a0:b7:05:d0:0e:63:9a:
0f:0c:6d:83:4a:f4:58:d5:3c:26:af:8b:fa:89:74:dd:9d:b9:
16:d8:a6:2f:59:0a:10:98:bb:c4:e0:d0:ec:9d:7a:34:2b:e4:
15:8d:bb:b2:3f:f5:f5:af:e3:b9:7e:cd:62:fa:88:c8:a1:04:
0f:80:d8:f4:f0:ba:c3:01:90:5f:e4:d2:99:95:b5:21:14:ba:
76:14:62:fe:0b:3f:66:58:a5:cc:f1:0e:ce:e8:d3:ee:49:90:
c6:0d:bd:25:52:f8:90:ae:cd:4c:fb:c3:8b:3b:74:92:43:11:
a3:64:5b:1e:1c:c1:db:72:6c:03:07:97:8c:93:73:38:18:a7:
f4:5c:12:9c:59:65:9f:8a:e0:55:d3:cb:80:8a:f0:de:9c:25:
65:05:ef:f1:cf:ee:69:70:93:e1:1b:6c:27:5b:b5:9d:f3:48:
3c:97:18:9e:10:ef:ac:e9:db:0c:a9:64:67:f6:fd:b0:30:24:
21:e2:e0:31
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZztltIQuW3TcCC3Pma5OvV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMzE0MTgyMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzllMGY1NmZhYzZlMDczNDM0ZjEwMzNkODJhZjY1YTc5ZmZiYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17trrqez8gGEpyau1D8ON6eiWSxT
J4cwcStHx3j227bgIcZm/nNZRfNjvHIcG4ifqFRtnRm97zzhn3B1IAX7urnG0Pfy
3uOXbEN2pHuZCGYl6ht0l+GobYjXxnl8CiXrun7kXCXvpY/hTYOp7U30FCZ67Rte
THG5R1Nf0K27Th5tk6px/TlNDI+8spyrcQvl+ZAvF9tc2ZdTpAbOULswGa6Qu3a3
0ofdNXxE4QU/jHcOO1RnqOFsAlxEhCZ+UPxADM2WIkmxwmLlaxzVVZDEImhqJc/b
4fXxanEGwind4KFV2ORzjdZFBQ/DhbQTiLKddyYW5hDOeqoU/GlG2fEr2QIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFFOeD1b6xuBzQ08QM9gq9lp5/7uAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVTU0UFZ2ckc0SE5EVHhBejJDcjJXbm5fdTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQALQgXAwQALVoRAwQBLYOGAwQAuWzMAwQAuX5SAwQAucc2AwQBuceeAwQAuc77
AwQAudEmMAwDBAC50UkDBAK50UgDBAC50ukDBAC50usDBAC51mwDBAC52hQDBAC5
2mUDBAK53PgDBAC53RQDBAG53hwDBAC531ADBAC535sDBAK54QADBAG54mgDBAC5
4msDBAC545ADBAG545IDBAC55EgDBAC55EsDBAC55kMDBAC56M4DBAC56hYDBAC5
9nAwDAMEBMEIcAMEAMEIcgMEAME6kAMEAcE6kgMEAMIFQQMEAMIFQwMEAMJMqQME
AMJMrAMEAMJ8RTANBgkqhkiG9w0BAQsFAAOCAQEAaSlQgFg8tcHuuCE61SnVLxZP
GqKFMAzyyO1Hd/XcYYKX9XXDK4/IbrG/tTGsFZobRsMAOmKEP9mqINILEl797POg
twXQDmOaDwxtg0r0WNU8Jq+L+ol03Z25FtimL1kKEJi7xODQ7J16NCvkFY27sj/1
9a/juX7NYvqIyKEED4DY9PC6wwGQX+TSmZW1IRS6dhRi/gs/ZlilzPEOzujT7kmQ
xg29JVL4kK7NTPvDizt0kkMRo2RbHhzB23JsAweXjJNzOBin9FwSnFlln4rgVdPL
gIrw3pwlZQXv8c/uaXCT4RtsJ1u1nfNIPJcYnhDvrOnbDKlkZ/b9sDAkIeLgMQ==
-----END CERTIFICATE-----
Generated at Wed Apr 15 08:27:29 2026 by rpki-client