Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/clLSB7yGZYotSd9e95WPvOmqym8.roa
File: clLSB7yGZYotSd9e95WPvOmqym8.roa (raw, json)
Hash identifier: zq+plaKz6bC2jtlHrgbiVpa+bLWGKybm2wpNsbnqWAc=
Subject key identifier: 72:52:D2:07:BC:86:65:8A:2D:49:DF:5E:F7:95:8F:BC:E9:AA:CA:6F
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 019731108D4989CE80DA0A72F5B96F9A5D7E
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/clLSB7yGZYotSd9e95WPvOmqym8.roa
Signing time: Mon 02 Jun 2025 14:34:17 +0000
ROA not before: Mon 02 Jun 2025 14:34:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15685
IP address blocks: 77.78.76.0/22 maxlen: 22
77.78.76.0/23 maxlen: 23
77.78.76.0/24 maxlen: 24
77.78.94.0/23 maxlen: 23
77.78.95.0/24 maxlen: 24
77.78.96.0/20 maxlen: 20
77.78.112.0/21 maxlen: 21
77.78.118.0/23 maxlen: 23
77.78.123.0/24 maxlen: 24
77.78.124.0/22 maxlen: 22
81.0.192.0/22 maxlen: 22
81.0.199.0/24 maxlen: 24
81.0.206.0/23 maxlen: 23
81.0.208.0/23 maxlen: 23
81.0.212.0/23 maxlen: 23
81.0.214.0/24 maxlen: 24
81.0.217.0/24 maxlen: 24
81.0.225.0/24 maxlen: 24
81.0.226.0/24 maxlen: 24
81.0.228.0/24 maxlen: 24
81.0.230.0/23 maxlen: 23
81.0.231.0/24 maxlen: 24
81.0.232.0/21 maxlen: 21
81.0.240.0/22 maxlen: 22
81.0.240.0/23 maxlen: 23
81.0.250.0/24 maxlen: 24
81.0.254.0/23 maxlen: 23
82.208.4.0/22 maxlen: 22
82.208.6.0/23 maxlen: 23
82.208.8.0/22 maxlen: 22
82.208.12.0/24 maxlen: 24
82.208.14.0/24 maxlen: 24
82.208.16.0/23 maxlen: 23
82.208.16.0/24 maxlen: 24
82.208.17.0/24 maxlen: 24
82.208.18.0/24 maxlen: 24
82.208.26.0/23 maxlen: 23
82.208.27.0/24 maxlen: 24
82.208.28.0/23 maxlen: 23
82.208.32.0/22 maxlen: 22
82.208.34.0/23 maxlen: 23
82.208.39.0/24 maxlen: 24
82.208.40.0/23 maxlen: 23
82.208.44.0/24 maxlen: 24
82.208.46.0/23 maxlen: 23
82.208.48.0/23 maxlen: 23
82.208.50.0/24 maxlen: 24
82.208.56.0/24 maxlen: 24
82.208.58.0/24 maxlen: 24
85.239.227.0/24 maxlen: 24
85.239.252.0/23 maxlen: 23
85.239.252.0/24 maxlen: 24
109.123.192.0/21 maxlen: 24
109.123.202.0/23 maxlen: 24
109.123.205.0/24 maxlen: 24
109.123.206.0/23 maxlen: 24
109.123.208.0/22 maxlen: 24
109.123.209.0/24 maxlen: 24
109.123.210.0/23 maxlen: 23
109.123.214.0/23 maxlen: 24
109.123.216.0/21 maxlen: 24
217.11.224.0/23 maxlen: 23
217.11.227.0/24 maxlen: 24
217.11.228.0/23 maxlen: 23
217.11.230.0/24 maxlen: 24
217.11.232.0/23 maxlen: 23
217.11.235.0/24 maxlen: 24
217.11.236.0/24 maxlen: 24
217.11.242.0/23 maxlen: 23
217.11.242.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
217.11.248.0/23 maxlen: 23
217.11.249.0/24 maxlen: 24
217.11.251.0/24 maxlen: 24
217.11.254.0/24 maxlen: 24
2001:1528::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 12:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:10:8d:49:89:ce:80:da:0a:72:f5:b9:6f:9a:5d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Jun 2 14:34:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7252d207bc86658a2d49df5ef7958fbce9aaca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a3:65:56:e7:d3:a2:4e:5e:7a:4e:22:86:80:
69:4d:03:2a:e2:6c:80:f6:8a:e0:d9:d0:f4:49:cf:
8f:6e:2f:a8:dc:5f:62:ae:d2:55:8d:b9:ab:3e:58:
22:f7:f5:9f:e7:fa:f3:7b:5c:32:01:cc:e8:6c:b9:
d3:4f:26:c5:7e:3c:0d:51:0a:aa:7d:60:83:fb:53:
00:55:07:97:3f:43:89:e4:fd:40:c0:1e:b6:b8:f1:
e8:57:58:6b:0a:6e:e1:48:65:b5:1f:d9:76:03:31:
5c:13:ef:3d:fa:99:d8:22:0a:32:c7:d6:0a:50:c9:
98:04:af:ef:49:ae:13:62:3a:3e:a0:48:38:9b:0c:
2d:c4:48:ca:ca:64:ec:7a:ff:4f:62:07:cc:e3:2e:
18:00:e2:c2:6b:3c:80:6f:38:7b:f8:86:21:18:aa:
94:e1:03:d3:fe:c2:a3:2d:45:79:50:a4:01:5e:58:
3e:ea:bf:9e:a4:da:7a:e9:89:78:79:92:5f:e8:af:
1c:65:02:b3:ca:f4:85:17:ad:6d:77:1b:8b:d8:fc:
c5:d1:23:b4:01:16:5a:ca:b2:fe:e8:14:e4:32:93:
77:3b:e8:34:a0:d8:e6:72:0d:d0:10:16:64:48:42:
15:a2:f3:b4:d1:d6:d9:df:de:34:3d:d4:7b:3c:04:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:52:D2:07:BC:86:65:8A:2D:49:DF:5E:F7:95:8F:BC:E9:AA:CA:6F
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/clLSB7yGZYotSd9e95WPvOmqym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.76.0/22
77.78.94.0-77.78.119.255
77.78.123.0-77.78.127.255
81.0.192.0/22
81.0.199.0/24
81.0.206.0-81.0.209.255
81.0.212.0-81.0.214.255
81.0.217.0/24
81.0.225.0-81.0.226.255
81.0.228.0/24
81.0.230.0-81.0.243.255
81.0.250.0/24
81.0.254.0/23
82.208.4.0-82.208.12.255
82.208.14.0/24
82.208.16.0-82.208.18.255
82.208.26.0-82.208.29.255
82.208.32.0/22
82.208.39.0-82.208.41.255
82.208.44.0/24
82.208.46.0-82.208.50.255
82.208.56.0/24
82.208.58.0/24
85.239.227.0/24
85.239.252.0/23
109.123.192.0/21
109.123.202.0/23
109.123.205.0-109.123.211.255
109.123.214.0-109.123.223.255
217.11.224.0/23
217.11.227.0-217.11.230.255
217.11.232.0/23
217.11.235.0-217.11.236.255
217.11.242.0/23
217.11.246.0-217.11.249.255
217.11.251.0/24
217.11.254.0/24
IPv6:
2001:1528::/32
Signature Algorithm: sha256WithRSAEncryption
1e:88:0b:06:07:24:ad:8b:77:97:6b:3b:62:e6:41:20:21:9e:
23:43:cf:de:2d:70:10:85:dd:ac:b6:36:6c:96:1e:41:51:f3:
87:f5:ed:32:30:c0:cf:bc:fb:a2:1d:08:1e:c4:a0:68:42:1e:
05:3f:32:ce:6a:35:cd:bc:a5:2d:0b:cf:ac:a7:4a:b5:d4:a4:
a0:ae:33:32:79:5f:7f:b2:d5:a5:72:88:ac:9f:7a:c1:c4:9a:
80:5d:76:ab:90:76:dc:c6:06:72:d3:79:92:24:fe:92:10:61:
11:2e:e6:d2:6c:42:db:33:46:25:12:09:bd:45:dc:7b:67:6f:
4a:eb:65:ca:b6:55:26:f7:ff:b4:80:21:95:78:ac:6c:0d:3e:
b3:25:a1:64:fa:81:a7:70:90:39:83:22:81:c4:c1:c6:5f:ab:
0c:2f:2e:53:40:9e:20:07:68:3d:66:d6:b6:f3:14:25:64:ce:
bb:95:ca:6c:7e:f7:85:dd:8f:9a:86:1e:47:75:d2:22:af:5b:
6a:b5:06:42:2b:da:d1:17:8a:6c:29:d6:18:c5:a8:fe:23:77:
ac:0d:68:1f:27:95:1c:f7:54:24:99:09:f6:16:6f:a9:02:16:
4e:5f:5a:29:e7:4c:90:17:d4:8c:58:a2:6c:c6:d6:03:bc:48:
e0:c3:24:32
-----BEGIN CERTIFICATE-----
MIIGbjCCBVagAwIBAgISAZcxEI1Jic6A2gpy9blvml1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjUwNjAyMTQzNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUyZDIwN2JjODY2NThhMmQ0OWRmNWVmNzk1OGZiY2U5YWFjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qNlVufTok5eek4ihoBpTQMq4myA
9org2dD0Sc+Pbi+o3F9irtJVjbmrPlgi9/Wf5/rze1wyAczobLnTTybFfjwNUQqq
fWCD+1MAVQeXP0OJ5P1AwB62uPHoV1hrCm7hSGW1H9l2AzFcE+89+pnYIgoyx9YK
UMmYBK/vSa4TYjo+oEg4mwwtxEjKymTsev9PYgfM4y4YAOLCazyAbzh7+IYhGKqU
4QPT/sKjLUV5UKQBXlg+6r+epNp66Yl4eZJf6K8cZQKzyvSFF61tdxuL2PzF0SO0
ARZayrL+6BTkMpN3O+g0oNjmcg3QEBZkSEIVovO00dbZ3940PdR7PAR5wwIDAQAB
o4IDejCCA3YwHQYDVR0OBBYEFHJS0ge8hmWKLUnfXveVj7zpqspvMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvY2xMU0I3eUdaWW90U2Q5ZTk1V1B2T21xeW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjgYIKwYBBQUHAQcBAf8EggF9MIIBeTCCAWYEAgABMIIB
XgMEAk1OTDAMAwQBTU5eAwQDTU5wMAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWAwQAUQDZMAwDBABRAOEDBABRAOID
BABRAOQwDAMEAVEA5gMEAlEA8AMEAFEA+gMEAVEA/jAMAwQCUtAEAwQAUtAMAwQA
UtAOMAwDBARS0BADBABS0BIwDAMEAVLQGgMEAVLQHAMEAlLQIDAMAwQAUtAnAwQB
UtAoAwQAUtAsMAwDBAFS0C4DBABS0DIDBABS0DgDBABS0DoDBABV7+MDBAFV7/wD
BANte8ADBAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQFbXvAAwQB2QvgMAwD
BADZC+MDBADZC+YDBAHZC+gwDAMEANkL6wMEANkL7AMEAdkL8jAMAwQB2Qv2AwQB
2Qv4AwQA2Qv7AwQA2Qv+MA0EAgACMAcDBQAgARUoMA0GCSqGSIb3DQEBCwUAA4IB
AQAeiAsGBySti3eXazti5kEgIZ4jQ8/eLXAQhd2stjZslh5BUfOH9e0yMMDPvPui
HQgexKBoQh4FPzLOajXNvKUtC8+sp0q11KSgrjMyeV9/stWlcoisn3rBxJqAXXar
kHbcxgZy03mSJP6SEGERLubSbELbM0YlEgm9Rdx7Z29K62XKtlUm9/+0gCGVeKxs
DT6zJaFk+oGncJA5gyKBxMHGX6sMLy5TQJ4gB2g9Zta28xQlZM67lcpsfveF3Y+a
hh5HddIir1tqtQZCK9rRF4psKdYYxaj+I3esDWgfJ5Uc91QkmQn2Fm+pAhZOX1op
50yQF9SMWKJsxtYDvEjgwyQy
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:53:44 2025 by rpki-client