Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/T2hOCDv6m2-xwQC3CusZcmLJE9Q.roa
File: T2hOCDv6m2-xwQC3CusZcmLJE9Q.roa (raw, json)
Hash identifier: s/bq69awguU+TWnFCVVnhezEhuVWiA6m7qtBL8GJsQM=
Subject key identifier: 4F:68:4E:08:3B:FA:9B:6F:B1:C1:00:B7:0A:EB:19:72:62:C9:13:D4
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01975A579226BFC956A88E2AB10A6CD544E1
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/T2hOCDv6m2-xwQC3CusZcmLJE9Q.roa
Signing time: Tue 10 Jun 2025 14:56:17 +0000
ROA not before: Tue 10 Jun 2025 14:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.66.0/24 maxlen: 24
89.23.67.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
89.23.95.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/24 maxlen: 24
178.254.145.0/24 maxlen: 24
178.254.146.0/24 maxlen: 24
178.254.148.0/24 maxlen: 24
178.254.149.0/24 maxlen: 24
178.254.151.0/24 maxlen: 24
178.254.152.0/24 maxlen: 24
178.254.153.0/24 maxlen: 24
178.254.154.0/24 maxlen: 24
178.254.155.0/24 maxlen: 24
178.254.156.0/24 maxlen: 24
178.254.157.0/24 maxlen: 24
178.254.158.0/24 maxlen: 24
178.254.159.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.168.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 11 Jun 2025 09:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:57:92:26:bf:c9:56:a8:8e:2a:b1:0a:6c:d5:44:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 10 14:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f684e083bfa9b6fb1c100b70aeb197262c913d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1f:6d:02:35:56:d4:ab:40:3b:5d:87:33:f3:
03:33:f8:5d:03:fc:a0:56:72:f4:df:9e:6d:78:46:
03:10:53:d2:b8:1a:ea:8a:be:04:19:86:81:b8:c8:
50:30:e7:d4:69:75:fc:cd:c2:b5:37:10:15:d4:18:
ce:6a:0b:28:ea:1e:4a:7a:90:76:58:25:ad:35:12:
bb:0e:e0:91:ee:1f:cc:e2:43:4e:89:1b:f1:32:27:
56:e7:c9:03:dc:86:d0:cb:ca:d7:c5:74:03:06:3e:
a9:9e:5f:65:f5:96:32:0f:b2:98:82:5d:c2:e3:67:
4a:f8:aa:54:8f:e3:f5:05:9a:38:ee:bf:8e:91:7b:
47:6c:7c:ac:67:c1:27:6d:73:90:3b:03:f9:78:d0:
12:4a:d9:5f:b7:49:ed:0f:6a:da:4c:bf:7c:f6:c4:
4b:2a:e9:5d:7c:dc:4d:a2:ce:f4:db:1a:db:30:7d:
80:23:1f:92:d2:ad:33:32:d8:fc:ef:b9:73:8f:bc:
25:3d:13:44:97:5c:51:1f:27:18:2a:c9:1d:ac:c2:
83:c9:97:2e:78:22:a9:1d:4a:26:c9:14:b4:02:f1:
d7:4f:38:39:7c:5d:f5:05:af:9e:bd:d3:78:08:d5:
4c:0f:cd:95:81:cd:8b:1f:ec:02:25:bd:34:43:98:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:68:4E:08:3B:FA:9B:6F:B1:C1:00:B7:0A:EB:19:72:62:C9:13:D4
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/T2hOCDv6m2-xwQC3CusZcmLJE9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
89.23.93.0/24
89.23.95.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0-178.254.146.255
178.254.148.0/23
178.254.151.0-178.254.159.255
178.254.163.0/24
178.254.165.0/24
178.254.168.0/23
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
23:43:ee:01:9d:26:80:7f:58:6f:b9:89:ff:f4:9e:75:b1:06:
62:b4:4d:bb:8c:48:19:5c:ba:08:78:83:2c:c0:18:a0:9c:16:
a9:02:a4:b2:3f:5a:9c:10:8d:4d:66:e5:94:ab:fe:77:e7:7f:
3e:8d:c9:55:c4:5b:b0:a9:f1:e8:aa:f0:b6:2f:12:da:57:b6:
a6:0b:8a:a2:a5:23:e0:36:74:52:e2:eb:45:10:01:23:7a:f0:
e6:61:4e:81:e7:66:e1:bd:9a:b3:38:6d:57:ed:16:ac:81:6d:
17:1d:17:9c:ea:85:74:3d:1e:f7:3f:b6:e3:ab:2c:07:f7:c9:
56:5d:62:7b:93:3d:0e:af:9d:5e:af:c8:fa:2e:91:3d:28:f7:
c3:dc:1c:81:79:ea:33:92:af:d3:26:13:71:d7:f4:0b:65:b7:
95:b4:5e:cf:2a:af:f9:c0:ad:2f:da:3c:a0:92:66:e8:b2:bb:
95:15:71:ab:92:bf:e0:36:0a:c3:3d:cd:2c:46:7a:0a:0e:82:
90:b7:6f:12:2b:16:55:ec:2e:d3:25:f0:24:8a:4f:23:c0:49:
5e:d2:cc:27:1d:4a:e8:1f:b5:0b:28:9a:1e:64:b4:b0:67:43:
a2:e2:ec:f1:5c:f4:43:69:47:f3:5f:4b:4b:81:08:f6:45:34:
23:bf:b6:37
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgISAZdaV5Imv8lWqI4qsQps1UThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNjEwMTQ1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY4NGUwODNiZmE5YjZmYjFjMTAwYjcwYWViMTk3MjYyYzkxM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1R9tAjVW1KtAO12HM/MDM/hdA/yg
VnL0355teEYDEFPSuBrqir4EGYaBuMhQMOfUaXX8zcK1NxAV1BjOagso6h5KepB2
WCWtNRK7DuCR7h/M4kNOiRvxMidW58kD3IbQy8rXxXQDBj6pnl9l9ZYyD7KYgl3C
42dK+KpUj+P1BZo47r+OkXtHbHysZ8EnbXOQOwP5eNASStlft0ntD2raTL989sRL
KuldfNxNos702xrbMH2AIx+S0q0zMtj877lzj7wlPRNEl1xRHycYKskdrMKDyZcu
eCKpHUomyRS0AvHXTzg5fF31Ba+evdN4CNVMD82Vgc2LH+wCJb00Q5iuaQIDAQAB
o4IDNjCCAzIwHQYDVR0OBBYEFE9oTgg7+ptvscEAtwrrGXJiyRPUMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvVDJoT0NEdjZtMi14d1FDM0N1c1pjbUxKRTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSgYIKwYBBQUHAQcBAf8EggE5MIIBNTCCASIEAgABMIIB
GjAMAwQABawhAwQDBawgMAwDBABZF0EDBABZF0YDBAFZF0owDAMEAFkXTQMEBFkX
QDAMAwQAWRdTAwQAWRdUAwQAWRdWAwQAWRdYAwQAWRdaAwQAWRddAwQAWRdfAwQD
XCr4AwQDXV3AMAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQA
bW/zAwQAbW/6MAwDBAJtb/wDBABtb/4wDAMEB7L+gAMEALL+kgMEAbL+lDAMAwQA
sv6XAwQFsv6AAwQAsv6jAwQAsv6lAwQBsv6oAwQAsv6sAwQAsv6vAwQAsv6xMAwD
BAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp0DANBAIA
AjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAI0PuAZ0mgH9Yb7mJ//SedbEG
YrRNu4xIGVy6CHiDLMAYoJwWqQKksj9anBCNTWbllKv+d+d/Po3JVcRbsKnx6Krw
ti8S2le2pguKoqUj4DZ0UuLrRRABI3rw5mFOgedm4b2aszhtV+0WrIFtFx0XnOqF
dD0e9z+246ssB/fJVl1ie5M9Dq+dXq/I+i6RPSj3w9wcgXnqM5Kv0yYTcdf0C2W3
lbRezyqv+cCtL9o8oJJm6LK7lRVxq5K/4DYKwz3NLEZ6Cg6CkLdvEisWVewu0yXw
JIpPI8BJXtLMJx1K6B+1CyiaHmS0sGdDouLs8Vz0Q2lH819LS4EI9kU0I7+2Nw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:35:49 2025 by rpki-client