Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/66fG4OzfuP_rz-H1BAqWJMDfdNw.roa
File: 66fG4OzfuP_rz-H1BAqWJMDfdNw.roa (raw, json)
Hash identifier: VEFDrb5X8Gp76tKDMXEgzoMCqPdLTcKy/H0Vg6vUSxo=
Subject key identifier: EB:A7:C6:E0:EC:DF:B8:FF:EB:CF:E1:F5:04:0A:96:24:C0:DF:74:DC
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 019A3520F3ADD150633294EF2679BED749C7
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/66fG4OzfuP_rz-H1BAqWJMDfdNw.roa
Signing time: Thu 30 Oct 2025 12:39:03 +0000
ROA not before: Thu 30 Oct 2025 12:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29205
IP address blocks: 45.156.236.0/22 maxlen: 24
91.230.36.0/23 maxlen: 23
185.49.12.0/22 maxlen: 24
185.49.15.0/24 maxlen: 24
185.100.228.0/23 maxlen: 24
185.100.228.0/24 maxlen: 24
185.100.231.0/24 maxlen: 24
185.192.102.0/24 maxlen: 24
188.214.16.0/21 maxlen: 24
188.215.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Nov 2025 10:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:20:f3:ad:d1:50:63:32:94:ef:26:79:be:d7:49:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Oct 30 12:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eba7c6e0ecdfb8ffebcfe1f5040a9624c0df74dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3a:c9:02:bb:60:9a:17:0c:4c:af:e4:2a:65:
d7:e3:9f:6e:f0:1a:78:75:a5:fc:3f:94:62:60:11:
04:59:18:37:ef:83:e9:ea:62:6a:31:c8:52:26:47:
f1:aa:61:f9:78:04:8c:7c:35:d0:22:69:a0:c8:34:
fb:ec:7f:a7:bb:b2:a2:bc:3f:b9:0c:ac:d5:e8:f2:
05:f9:d7:b9:6c:c4:7f:2b:a1:f3:b2:5f:cd:ee:b0:
33:86:d7:c5:90:62:2b:00:cd:e5:9b:21:6c:fa:ed:
cf:90:81:50:91:0a:a1:35:31:44:57:6b:b2:fb:0a:
c3:44:8e:10:81:30:9f:fe:75:2f:4c:4d:20:0e:18:
34:54:4d:06:55:32:ce:3b:78:71:13:45:a5:ae:a5:
7e:1f:e3:ab:e7:00:63:85:9e:06:27:7d:d1:73:85:
22:0a:a4:5d:de:ce:bd:32:a0:a4:c6:fc:83:87:ed:
ac:b3:7e:e4:d2:1c:ae:ed:df:02:da:db:38:fb:93:
57:ce:c9:d6:77:d8:c7:2d:45:e7:55:b1:63:aa:9a:
7e:13:68:94:71:16:4e:94:b0:83:d6:88:f4:e1:c7:
25:9c:01:a5:a3:6a:62:30:e6:7a:d7:32:71:75:f5:
2b:73:e6:06:a0:3c:c7:eb:57:91:e4:8a:cc:3e:19:
2f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A7:C6:E0:EC:DF:B8:FF:EB:CF:E1:F5:04:0A:96:24:C0:DF:74:DC
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/66fG4OzfuP_rz-H1BAqWJMDfdNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.236.0/22
91.230.36.0/23
185.49.12.0/22
185.100.228.0/23
185.100.231.0/24
185.192.102.0/24
188.214.16.0/21
188.215.64.0/24
Signature Algorithm: sha256WithRSAEncryption
47:91:3f:3b:92:74:54:ee:71:42:3b:a4:8a:4b:0d:e0:b3:24:
ff:04:dd:e9:99:a7:39:47:50:67:f1:1f:5a:05:ca:e7:7c:39:
91:2c:cc:45:81:08:ae:86:2a:2d:6f:32:c6:90:70:04:41:b7:
65:91:d4:4d:57:12:75:72:28:c1:e0:51:c8:75:57:05:87:d1:
7e:b1:54:85:6e:e1:d7:23:91:6b:0c:3b:c3:f0:73:02:20:63:
0d:3e:07:83:cc:fa:5f:30:66:f4:2b:ff:bf:be:c8:0c:ee:f5:
cc:32:55:58:61:bb:f3:7b:3a:7a:a5:eb:62:66:c4:37:f4:3e:
7a:2a:34:b5:63:47:a6:32:66:94:3a:16:12:0b:b7:4b:1d:36:
51:59:ae:af:4c:02:49:04:36:79:49:22:79:6d:ae:6a:81:cf:
f8:69:a1:87:17:db:54:03:ca:54:dd:7f:c5:50:b8:61:e2:1a:
1f:86:3b:7e:da:68:76:a9:e4:62:bd:ae:43:1e:fa:b6:6d:e6:
0b:9e:76:44:5a:e3:f7:8f:12:ca:0e:7e:28:d9:d0:d2:8b:bb:
22:1b:80:6f:06:d9:46:95:88:cf:36:a2:45:21:92:03:88:23:
54:e3:e8:11:bc:92:73:4c:76:62:6e:09:fb:d7:a4:07:eb:fa:
90:09:b8:74
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZo1IPOt0VBjMpTvJnm+10nHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjUxMDMwMTIzOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE3YzZlMGVjZGZiOGZmZWJjZmUxZjUwNDBhOTYyNGMwZGY3NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+TrJArtgmhcMTK/kKmXX459u8Bp4
daX8P5RiYBEEWRg374Pp6mJqMchSJkfxqmH5eASMfDXQImmgyDT77H+nu7KivD+5
DKzV6PIF+de5bMR/K6Hzsl/N7rAzhtfFkGIrAM3lmyFs+u3PkIFQkQqhNTFEV2uy
+wrDRI4QgTCf/nUvTE0gDhg0VE0GVTLOO3hxE0WlrqV+H+Or5wBjhZ4GJ33Rc4Ui
CqRd3s69MqCkxvyDh+2ss37k0hyu7d8C2ts4+5NXzsnWd9jHLUXnVbFjqpp+E2iU
cRZOlLCD1oj04cclnAGlo2piMOZ61zJxdfUrc+YGoDzH61eR5IrMPhkv/wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOunxuDs37j/68/h9QQKliTA33TcMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvNjZmRzRPemZ1UF9yei1IMUJBcVdKTURmZE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZzsAwQB
W+YkAwQCuTEMAwQBuWTkAwQAuWTnAwQAucBmAwQDvNYQAwQAvNdAMA0GCSqGSIb3
DQEBCwUAA4IBAQBHkT87knRU7nFCO6SKSw3gsyT/BN3pmac5R1Bn8R9aBcrnfDmR
LMxFgQiuhiotbzLGkHAEQbdlkdRNVxJ1cijB4FHIdVcFh9F+sVSFbuHXI5FrDDvD
8HMCIGMNPgeDzPpfMGb0K/+/vsgM7vXMMlVYYbvzezp6petiZsQ39D56KjS1Y0em
MmaUOhYSC7dLHTZRWa6vTAJJBDZ5SSJ5ba5qgc/4aaGHF9tUA8pU3X/FULhh4hof
hjt+2mh2qeRiva5DHvq2beYLnnZEWuP3jxLKDn4o2dDSi7siG4BvBtlGlYjPNqJF
IZIDiCNU4+gRvJJzTHZibgn716QH6/qQCbh0
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:04:19 2025 by rpki-client