Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQxighartip4S2AsRHfKtg5qNkY.roa
File: pQxighartip4S2AsRHfKtg5qNkY.roa (raw, json)
Hash identifier: 1BEGt3suMs1eB9Xza355rFtQFaZZDKapCOhn9D54D6k=
Subject key identifier: A5:0C:62:82:16:AB:B6:2A:78:4B:60:2C:44:77:CA:B6:0E:6A:36:46
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019865AD414C3758D8E96D1597297C103A28
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQxighartip4S2AsRHfKtg5qNkY.roa
Signing time: Fri 01 Aug 2025 12:48:29 +0000
ROA not before: Fri 01 Aug 2025 12:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.88.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Aug 2025 08:55:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:ad:41:4c:37:58:d8:e9:6d:15:97:29:7c:10:3a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 1 12:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a50c628216abb62a784b602c4477cab60e6a3646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:71:e9:84:f0:f7:7e:51:29:68:26:ae:5f:9a:
a7:4f:0a:48:b3:13:3f:78:bf:0d:9b:4a:99:16:f6:
38:e9:ec:b0:be:be:36:5d:c0:b4:31:28:45:52:59:
42:fb:6a:a3:39:db:3f:d6:57:c2:36:b0:05:fd:c9:
a0:e3:c9:a2:dd:eb:80:77:36:f8:11:06:6c:6e:ec:
5f:48:88:d6:93:5a:9d:f5:7f:c3:73:b4:f0:ac:c2:
02:54:00:5b:cb:c3:67:6e:ee:5a:9a:6e:15:cc:e2:
77:de:4e:f4:e1:3c:42:c9:4e:f6:4d:a0:94:81:2a:
9e:c4:b7:14:8f:98:18:89:f5:55:03:97:cd:80:e1:
a1:6b:a3:89:d9:0e:7d:d9:ad:22:4b:c5:9d:b4:89:
77:56:1e:d2:a4:62:68:75:f4:fd:ae:7a:8f:d3:b1:
a8:14:9e:19:1c:75:9b:d2:66:2d:df:be:c6:ea:ce:
85:68:35:fc:e0:a6:0a:69:5c:e2:fd:2f:d1:1e:1d:
8e:bc:9e:8e:7f:e7:97:6c:01:11:bd:93:aa:c0:b8:
c1:ce:d7:c8:e4:7e:33:98:8d:b2:db:04:07:0a:84:
c8:11:a5:55:e8:c6:30:a5:be:e2:c0:85:cc:6b:e3:
8d:6e:6d:99:f6:a2:7c:19:2b:d1:1a:2c:af:83:94:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0C:62:82:16:AB:B6:2A:78:4B:60:2C:44:77:CA:B6:0E:6A:36:46
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQxighartip4S2AsRHfKtg5qNkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
31.13.211.0/24
45.9.157.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
81.161.238.0/24
82.115.211.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.20.0-87.121.22.255
87.121.45.0/24
87.121.87.0-87.121.88.255
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.47.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.162.0/23
94.156.64.0/22
94.156.239.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
Signature Algorithm: sha256WithRSAEncryption
52:32:32:42:13:e9:69:9d:fd:7b:bb:ca:30:8d:98:67:22:a2:
9a:43:f7:6a:1f:5d:5f:eb:64:f9:1f:b2:c1:fd:ee:bc:20:43:
e3:96:71:4a:d4:2b:64:dc:d0:3b:e5:9d:dd:a8:9d:3b:99:61:
f5:ae:a6:52:1b:34:dd:36:1b:1d:af:08:bd:0f:6d:0a:5c:3a:
60:81:fe:1a:46:99:30:80:c1:ee:ee:f5:76:d1:f4:81:13:e8:
38:0e:01:7b:07:4b:a1:33:a7:b0:e8:fa:45:b3:1f:fd:5a:f7:
94:63:64:fd:0d:97:61:da:45:62:fd:9f:40:b5:7f:11:e5:31:
5e:5c:a4:4e:64:f3:e1:98:4f:8f:f3:32:f2:2a:e4:82:83:0d:
47:df:39:c3:3f:a3:c9:6b:2a:71:61:27:8a:b4:c1:d0:6c:c0:
39:f8:d2:89:98:ba:bd:6c:fb:a7:1d:e7:24:fe:7b:ef:9c:1a:
1e:78:ee:3a:02:e0:5e:fe:03:b2:fd:e7:67:cb:12:98:69:45:
6f:c8:65:dd:09:3d:02:41:55:e1:97:1e:72:7b:ea:1b:dc:a4:
6a:cb:5c:a7:38:e5:1e:08:85:ea:a4:f2:57:b6:f2:94:7d:7b:
97:3d:2d:c9:01:9a:f9:58:fd:4f:32:91:e2:ca:ef:55:d4:e0:
f9:dd:60:f0
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZhlrUFMN1jY6W0Vlyl8EDooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwODAxMTI0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTBjNjI4MjE2YWJiNjJhNzg0YjYwMmM0NDc3Y2FiNjBlNmEzNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nHphPD3flEpaCauX5qnTwpIsxM/
eL8Nm0qZFvY46eywvr42XcC0MShFUllC+2qjOds/1lfCNrAF/cmg48mi3euAdzb4
EQZsbuxfSIjWk1qd9X/Dc7TwrMICVABby8Nnbu5amm4VzOJ33k704TxCyU72TaCU
gSqexLcUj5gYifVVA5fNgOGha6OJ2Q592a0iS8WdtIl3Vh7SpGJodfT9rnqP07Go
FJ4ZHHWb0mYt377G6s6FaDX84KYKaVzi/S/RHh2OvJ6Of+eXbAERvZOqwLjBztfI
5H4zmI2y2wQHCoTIEaVV6MYwpb7iwIXMa+ONbm2Z9qJ8GSvRGiyvg5RVOwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFKUMYoIWq7YqeEtgLER3yrYOajZGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFF4aWdoYXJ0aXA0UzJBc1JIZkt0ZzVxTmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCASgEAgABMIIB
IAMEAgX8hAMEAB8N0wMEAC0JnQMEAC1C5AMEAC1C5wMEAC1RJwMEAC1YQAMEAC1Z
9wMEAC1aWQMEAC2LagMEAS2NngMEAFGh7gMEAFJz0wMEAFPbYQMEAFQ2MAMEAFd4
VwMEAFd4fgMEAFd4pjAMAwQCV3kUAwQAV3kWAwQAV3ktMAwDBABXeVcDBABXeVgD
BABXeaUDBARbXPADBAFcd8QDBABc+TIDBABdey8DBABde20DBABde3UDBABde3cD
BABeZ30DBAFemqIDBAJenEADBABenO8DBACNYgYwDAMEAKsWSQMEAqsWSAMEALLX
4wMEArnYVAMEAMEZ2AMEAMEjEgMEAMHeYAMEAMHeYgMEAMI3ugMEAMKprwMEAMOy
bzANBgkqhkiG9w0BAQsFAAOCAQEAUjIyQhPpaZ39e7vKMI2YZyKimkP3ah9dX+tk
+R+ywf3uvCBD45ZxStQrZNzQO+Wd3aidO5lh9a6mUhs03TYbHa8IvQ9tClw6YIH+
GkaZMIDB7u71dtH0gRPoOA4BewdLoTOnsOj6RbMf/Vr3lGNk/Q2XYdpFYv2fQLV/
EeUxXlykTmTz4ZhPj/My8irkgoMNR985wz+jyWsqcWEnirTB0GzAOfjSiZi6vWz7
px3nJP5775waHnjuOgLgXv4Dsv3nZ8sSmGlFb8hl3Qk9AkFV4ZcecnvqG9ykastc
pzjlHgiF6qTyV7bylH17lz0tyQGa+Vj9TzKR4srvVdTg+d1g8A==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:28:47 2025 by rpki-client