Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5X4W68JQ4Wk86c7_lewtMKvFC2A.roa
File: 5X4W68JQ4Wk86c7_lewtMKvFC2A.roa (raw, json)
Hash identifier: Z8y4y+bUEajhmyChTfW5Cvcn9+ReenKl897GRL7m1Ro=
Subject key identifier: E5:7E:16:EB:C2:50:E1:69:3C:E9:CE:FF:95:EC:2D:30:AB:C5:0B:60
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019E44719EBB0A45406DCA58F0A70995C979
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5X4W68JQ4Wk86c7_lewtMKvFC2A.roa
Signing time: Wed 20 May 2026 08:12:37 +0000
ROA not before: Wed 20 May 2026 08:12:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3301
IP address blocks: 192.36.96.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.121.109.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.8.0/24 maxlen: 24
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.165.95.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
192.165.229.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.181.72.0/24 maxlen: 24
193.181.73.0/24 maxlen: 24
193.181.74.0/24 maxlen: 24
193.181.184.0/23 maxlen: 23
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.182.188.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
193.183.228.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
193.234.184.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
193.235.152.0/24 maxlen: 24
194.14.8.0/24 maxlen: 24
194.14.154.0/24 maxlen: 24
194.14.155.0/24 maxlen: 24
194.14.156.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
194.68.94.0/24 maxlen: 24
194.68.127.0/24 maxlen: 24
194.71.132.0/22 maxlen: 22
194.103.240.0/21 maxlen: 21
194.132.95.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 11 Jun 2026 12:19:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:44:71:9e:bb:0a:45:40:6d:ca:58:f0:a7:09:95:c9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 20 08:12:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e57e16ebc250e1693ce9ceff95ec2d30abc50b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:b1:11:41:40:b6:14:ef:51:c2:d3:08:a7:
ea:78:49:9e:e1:e8:53:23:04:6c:17:95:3b:d9:4c:
9a:82:30:ab:19:78:af:35:d0:40:cb:84:a7:83:ec:
2c:c8:2f:cd:1e:ac:d0:85:ca:8f:05:6d:21:d4:41:
fd:49:7c:d7:4a:a4:b0:7a:15:9d:63:9f:94:34:b4:
21:d9:ff:9c:60:8a:95:82:1e:37:13:c6:76:72:20:
95:f6:00:5a:7b:dd:d6:20:dd:be:55:6b:9a:7e:97:
7c:c6:b2:f7:a1:56:b5:e3:11:7e:76:f6:23:24:9c:
79:30:d9:16:63:61:12:22:16:3b:af:f6:ce:05:25:
92:84:c9:35:7e:b3:42:f9:41:72:2a:c8:fd:d5:b6:
79:c6:0b:15:42:91:dd:40:02:40:ce:53:4a:85:ce:
c8:17:32:fb:9c:66:a8:8a:58:c1:97:b7:14:16:40:
c4:78:7c:34:12:d7:da:0c:b4:5a:89:23:17:b8:f6:
5a:b3:36:de:3d:f4:f2:b4:1a:e7:f1:56:a6:de:2c:
19:df:6d:fb:24:7c:c1:64:c4:f3:59:6f:e2:0c:1e:
83:89:b0:a6:3e:5d:40:12:4f:0e:cb:08:aa:fa:fd:
01:21:3c:42:c3:10:68:6f:c5:74:ba:2d:95:18:27:
2a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7E:16:EB:C2:50:E1:69:3C:E9:CE:FF:95:EC:2D:30:AB:C5:0B:60
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5X4W68JQ4Wk86c7_lewtMKvFC2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.109.0/24
192.121.115.0/24
192.121.229.0/24
192.165.8.0/24
192.165.12.0/24
192.165.31.0/24
192.165.95.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.181.72.0-193.181.74.255
193.181.184.0/23
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.188.0/24
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
193.234.184.0/23
193.235.152.0/24
194.14.8.0/24
194.14.154.0-194.14.156.255
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.94.0/24
194.68.127.0/24
194.71.132.0/22
194.103.240.0/21
194.132.95.0/24
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:27:2b:04:fd:de:52:ef:4f:26:8d:f6:00:0d:49:4e:99:d1:
92:1e:04:25:ca:a2:84:6f:bd:81:9b:be:56:bc:c1:1a:8c:df:
9d:33:88:e7:52:ef:19:8d:c9:a8:38:20:72:4a:14:04:f1:04:
00:c9:c6:7f:59:ef:16:f3:e3:e6:dc:d0:34:9d:ed:2a:03:d1:
35:f2:cb:af:62:64:04:1e:3f:8b:ac:1a:53:28:62:b1:13:f5:
f2:f5:ab:f1:b7:0a:56:25:d0:1c:40:ca:f4:ff:0d:9f:6d:7b:
5f:04:26:30:29:19:47:83:c6:1a:61:31:7b:47:ee:f7:1d:0a:
e0:bb:8f:a0:fc:98:6e:0a:b1:ec:14:9f:a0:fd:3a:86:3c:7c:
d4:aa:66:78:3a:4a:6c:cc:52:3e:6c:5a:cd:a7:49:e1:60:2d:
27:b8:21:0e:14:3d:7b:6c:4a:34:54:91:40:55:83:3e:91:7f:
c5:e0:72:57:ce:ed:8d:7f:09:ae:8e:57:59:c0:e7:d8:b2:11:
ac:31:30:80:37:5d:a6:be:7c:e2:96:58:f4:b3:17:84:aa:68:
90:40:ec:fb:e3:14:eb:e7:9c:9b:46:c5:6a:5b:70:b3:60:8e:
3d:4d:2c:d9:c0:9a:3b:43:cf:16:2a:2e:76:3a:db:65:29:0c:
31:fa:15:9a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZ5EcZ67CkVAbcpY8KcJlcl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNTIwMDgxMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTdlMTZlYmMyNTBlMTY5M2NlOWNlZmY5NWVjMmQzMGFiYzUwYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl2xEUFAthTvUcLTCKfqeEme4ehT
IwRsF5U72UyagjCrGXivNdBAy4Sng+wsyC/NHqzQhcqPBW0h1EH9SXzXSqSwehWd
Y5+UNLQh2f+cYIqVgh43E8Z2ciCV9gBae93WIN2+VWuafpd8xrL3oVa14xF+dvYj
JJx5MNkWY2ESIhY7r/bOBSWShMk1frNC+UFyKsj91bZ5xgsVQpHdQAJAzlNKhc7I
FzL7nGaoiljBl7cUFkDEeHw0EtfaDLRaiSMXuPZaszbePfTytBrn8Vam3iwZ3237
JHzBZMTzWW/iDB6DibCmPl1AEk8Oywiq+v0BITxCwxBob8V0ui2VGCcqywIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFOV+FuvCUOFpPOnO/5XsLTCrxQtgMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNVg0VzY4SlE0V2s4NmM3X2xld3RNS3ZGQzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAMAkYAMEAMB5KDAMAwQBwHkyAwQAwHk0AwQAwHltAwQAwHlzAwQAwHnlAwQA
wKUIAwQAwKUMAwQAwKUfAwQAwKVfAwQAwKWtAwQAwKW0AwQAwKXlAwQAwLB8AwQA
wbQHMAwDBADBtK8DBADBtLAwDAMEA8G1SAMEAMG1SgMEAcG1uAMEAMG2awMEAMG2
fgMEAcG2mAMEAMG2vAMEAMG2vgMEAsG35AMEAcG37AMEAcHquAMEAMHrmAMEAMIO
CDAMAwQBwg6aAwQAwg6cAwQAwg71MAwDBAPCREgDBAHCREwDBADCRE8DBADCRF4D
BADCRH8DBALCR4QDBAPCZ/ADBADChF8DBALChLwwDQYJKoZIhvcNAQELBQADggEB
AAsnKwT93lLvTyaN9gANSU6Z0ZIeBCXKooRvvYGbvla8wRqM350ziOdS7xmNyag4
IHJKFATxBADJxn9Z7xbz4+bc0DSd7SoD0TXyy69iZAQeP4usGlMoYrET9fL1q/G3
ClYl0BxAyvT/DZ9te18EJjApGUeDxhphMXtH7vcdCuC7j6D8mG4KsewUn6D9OoY8
fNSqZng6SmzMUj5sWs2nSeFgLSe4IQ4UPXtsSjRUkUBVgz6Rf8XgclfO7Y1/Ca6O
V1nA59iyEawxMIA3Xaa+fOKWWPSzF4SqaJBA7PvjFOvnnJtGxWpbcLNgjj1NLNnA
mjtDzxYqLnY622UpDDH6FZo=
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:38 2026 by rpki-client