Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/khPmxiScY9A5wUohcKIfYIdO-V4.roa
File: khPmxiScY9A5wUohcKIfYIdO-V4.roa (raw, json)
Hash identifier: Rw4xHkqna2N22lHycOiJxjbeUTXm3aLBH9BH5Mm7sn4=
Subject key identifier: 92:13:E6:C6:24:9C:63:D0:39:C1:4A:21:70:A2:1F:60:87:4E:F9:5E
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019763AEED992D77F7B170103603DF9DC54A
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/khPmxiScY9A5wUohcKIfYIdO-V4.roa
Signing time: Thu 12 Jun 2025 10:28:17 +0000
ROA not before: Thu 12 Jun 2025 10:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.66.0/24 maxlen: 24
89.23.67.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/24 maxlen: 24
178.254.145.0/24 maxlen: 24
178.254.146.0/24 maxlen: 24
178.254.148.0/24 maxlen: 24
178.254.149.0/24 maxlen: 24
178.254.151.0/24 maxlen: 24
178.254.152.0/24 maxlen: 24
178.254.153.0/24 maxlen: 24
178.254.154.0/24 maxlen: 24
178.254.155.0/24 maxlen: 24
178.254.156.0/24 maxlen: 24
178.254.157.0/24 maxlen: 24
178.254.158.0/24 maxlen: 24
178.254.159.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.168.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 13 Jun 2025 08:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:ae:ed:99:2d:77:f7:b1:70:10:36:03:df:9d:c5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 12 10:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9213e6c6249c63d039c14a2170a21f60874ef95e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:5b:e1:6a:99:73:39:a5:6f:3d:71:97:30:
e0:d4:29:69:a7:f8:2a:37:a4:29:de:34:28:bc:b6:
6c:4b:d9:69:3f:82:2d:0b:15:75:2d:c3:7c:aa:85:
92:1f:a8:4f:9f:32:6b:c7:10:27:05:91:25:e7:86:
ab:4b:10:d7:61:b3:bd:20:28:2d:0e:df:5c:75:5e:
ca:e4:56:4f:a3:32:dc:03:df:4b:65:c1:68:ca:f6:
31:1a:80:61:4d:5d:39:b0:08:43:de:0c:70:67:64:
ad:64:b1:32:b3:dd:4b:9a:55:d9:c9:0a:2c:49:56:
89:c4:29:d7:1f:eb:e8:c8:56:93:74:7e:0b:7c:3c:
f6:4a:2b:de:cf:66:26:13:9a:39:61:04:b6:13:01:
a6:00:b4:e3:62:2a:ea:77:84:03:c1:e7:70:77:20:
32:a1:68:89:77:9d:9d:f4:7c:86:da:e0:fb:7b:c5:
15:dd:97:ef:1a:68:59:76:0f:3d:9f:ac:81:72:e4:
69:80:22:d9:73:ce:2a:d6:77:51:bb:89:0a:30:a1:
40:7c:0f:57:94:86:54:a1:03:8e:ac:38:dd:87:b4:
33:2d:3a:6e:2b:8e:d3:1a:76:b1:29:93:78:66:75:
b8:a3:8d:3f:a3:3c:82:2a:51:99:a6:30:70:d5:73:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:13:E6:C6:24:9C:63:D0:39:C1:4A:21:70:A2:1F:60:87:4E:F9:5E
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/khPmxiScY9A5wUohcKIfYIdO-V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0-178.254.146.255
178.254.148.0/23
178.254.151.0-178.254.159.255
178.254.163.0/24
178.254.165.0/24
178.254.168.0/23
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
68:f3:03:43:6e:32:6f:02:d7:87:b3:1b:41:49:3e:e9:53:6a:
c2:f8:de:93:81:71:0f:be:0b:ba:1f:79:c7:dd:98:b2:fc:07:
ab:4f:7a:20:7a:d7:bd:40:5d:d0:58:49:32:5a:eb:b9:c9:7c:
96:43:9e:8a:1b:e4:86:2c:f2:9d:88:a9:e0:f0:74:01:54:71:
2d:1d:6e:21:2f:d7:14:1a:46:8c:5b:b6:94:7a:67:f9:ef:5d:
b8:a2:d4:eb:f3:42:30:69:4b:9c:5d:ad:ec:97:60:62:94:bd:
0d:33:1e:bf:73:f6:52:e5:88:41:2c:f5:22:24:72:4b:31:92:
8a:b0:e8:91:c3:cb:fe:e6:a6:41:31:1d:a8:87:97:45:2a:6a:
bf:cb:91:d9:2c:9e:84:cd:8f:58:bb:cf:ff:27:3f:8b:df:6c:
45:0e:9e:95:5d:82:1e:e1:98:05:41:bb:4d:8d:6a:ad:6f:c3:
2b:7a:96:b7:2a:3e:12:b6:97:82:8a:45:71:a2:f0:60:d5:2b:
49:8c:72:d8:c5:9e:12:43:86:6b:d9:e6:f9:55:ad:d0:0e:0c:
e0:0b:12:ed:5c:17:dc:af:a3:2e:76:5f:cc:f6:98:9a:7a:06:
da:9e:61:e6:7e:0c:b5:23:2c:7e:36:6b:44:ad:f1:4c:34:b3:
c7:29:92:2f
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZdjru2ZLXf3sXAQNgPfncVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNjEyMTAyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjEzZTZjNjI0OWM2M2QwMzljMTRhMjE3MGEyMWY2MDg3NGVmOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8hb4WqZczmlbz1xlzDg1Clpp/gq
N6Qp3jQovLZsS9lpP4ItCxV1LcN8qoWSH6hPnzJrxxAnBZEl54arSxDXYbO9ICgt
Dt9cdV7K5FZPozLcA99LZcFoyvYxGoBhTV05sAhD3gxwZ2StZLEys91LmlXZyQos
SVaJxCnXH+voyFaTdH4LfDz2Sivez2YmE5o5YQS2EwGmALTjYirqd4QDwedwdyAy
oWiJd52d9HyG2uD7e8UV3ZfvGmhZdg89n6yBcuRpgCLZc84q1ndRu4kKMKFAfA9X
lIZUoQOOrDjdh7QzLTpuK47TGnaxKZN4ZnW4o40/ozyCKlGZpjBw1XNj9wIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFJIT5sYknGPQOcFKIXCiH2CHTvleMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEva2hQbXhpU2NZOUE1d1VvaGNLSWZZSWRPLVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTCCARYEAgABMIIB
DjAMAwQABawhAwQDBawgMAwDBABZF0EDBABZF0YDBAFZF0owDAMEAFkXTQMEBFkX
QDAMAwQAWRdTAwQAWRdUAwQAWRdWAwQAWRdYAwQAWRdaAwQDXCr4AwQDXV3AMAwD
BARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/zAwQAbW/6MAwD
BAJtb/wDBABtb/4wDAMEB7L+gAMEALL+kgMEAbL+lDAMAwQAsv6XAwQFsv6AAwQA
sv6jAwQAsv6lAwQBsv6oAwQAsv6sAwQAsv6vAwQAsv6xMAwDBAGy/rYDBACy/rgw
DAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUAKgILWDAN
BgkqhkiG9w0BAQsFAAOCAQEAaPMDQ24ybwLXh7MbQUk+6VNqwvjek4FxD74Luh95
x92YsvwHq096IHrXvUBd0FhJMlrrucl8lkOeihvkhizynYip4PB0AVRxLR1uIS/X
FBpGjFu2lHpn+e9duKLU6/NCMGlLnF2t7JdgYpS9DTMev3P2UuWIQSz1IiRySzGS
irDokcPL/uamQTEdqIeXRSpqv8uR2SyehM2PWLvP/yc/i99sRQ6elV2CHuGYBUG7
TY1qrW/DK3qWtyo+EraXgopFcaLwYNUrSYxy2MWeEkOGa9nm+VWt0A4M4AsS7VwX
3K+jLnZfzPaYmnoG2p5h5n4MtSMsfjZrRK3xTDSzxymSLw==
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:22:31 2025 by rpki-client