Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hp8XMXjiKdcdJZ75hDHTWlMCiJY.roa
File: hp8XMXjiKdcdJZ75hDHTWlMCiJY.roa (raw, json)
Hash identifier: gOGwgpSrmsTeYZj1kIRrQEyoBsi043iGkJgW1u02WUI=
Subject key identifier: 86:9F:17:31:78:E2:29:D7:1D:25:9E:F9:84:31:D3:5A:53:02:88:96
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0196C5C4CB68B1DFD4779078765E47D0B16D
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hp8XMXjiKdcdJZ75hDHTWlMCiJY.roa
Signing time: Mon 12 May 2025 18:32:10 +0000
ROA not before: Mon 12 May 2025 18:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 18:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:c4:cb:68:b1:df:d4:77:90:78:76:5e:47:d0:b1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 12 18:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=869f173178e229d71d259ef98431d35a53028896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:a1:f3:89:b2:b6:a1:be:db:b2:7a:51:88:dd:
46:de:cc:b5:16:89:e2:97:f2:10:b7:43:0b:25:0e:
ca:b0:3a:06:1c:79:2c:72:5b:19:a5:6e:31:bf:c5:
1f:17:0f:6d:a1:a7:c6:f9:c1:51:94:94:ce:39:a3:
10:00:97:d6:7d:6c:3d:73:0c:c0:be:bf:e2:b1:6f:
ea:73:4a:47:b0:87:15:65:24:c1:9a:d1:ba:0b:65:
d4:f5:53:2c:35:01:a1:03:ba:02:ef:f7:cd:60:93:
47:32:45:ad:cd:99:52:97:be:7d:3f:b7:95:32:10:
53:24:4e:41:3a:60:04:17:9d:95:c5:64:af:17:39:
fa:da:fb:7f:13:a6:18:19:17:85:2a:59:35:e0:3e:
d4:8b:75:d1:3c:00:ba:6f:56:bd:d1:f6:d3:c2:09:
24:b9:76:19:5a:4e:06:89:38:f9:61:99:43:e3:e4:
76:54:d1:00:8a:2f:b5:95:1d:0a:17:39:97:01:18:
e0:85:70:a0:8b:b1:4a:58:74:ae:d8:bb:56:ec:30:
fd:bc:25:77:2f:f7:02:72:1f:c3:9d:ba:a8:4f:25:
87:1b:ec:08:70:6e:19:41:80:ce:c8:4a:91:83:20:
c5:65:bf:c8:74:f5:96:59:4b:a8:18:e3:7b:8f:b1:
d4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9F:17:31:78:E2:29:D7:1D:25:9E:F9:84:31:D3:5A:53:02:88:96
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hp8XMXjiKdcdJZ75hDHTWlMCiJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.74.0/24
62.216.81.0-62.216.82.255
62.216.92.0-62.216.94.255
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
54:c5:27:4d:fb:e3:56:ce:a2:40:61:d4:a0:85:ba:dc:5a:56:
b8:67:b5:7a:ff:28:27:dc:4d:4c:cd:f4:4c:db:fc:7a:71:b4:
b1:ef:14:8f:cd:65:6f:40:74:80:1f:f8:4e:3c:4d:cf:0d:6c:
40:4d:5d:f4:7f:c2:6b:18:9f:bb:20:4f:02:93:d1:d1:fd:5a:
b3:3b:3f:97:7c:ca:d7:4b:44:33:0c:10:45:e3:e4:9f:7c:b7:
07:a1:70:b3:99:10:f8:e6:d9:3b:31:b1:1f:fa:32:a5:1a:fc:
41:90:ae:62:2e:1b:af:9a:30:aa:49:b1:9c:62:b4:27:b7:75:
7e:dc:40:25:87:6c:90:2f:56:45:84:a9:09:55:6f:24:0e:dd:
04:30:6e:4a:72:4f:75:45:88:a5:0c:04:e3:d1:08:b9:d3:dc:
db:3e:95:f3:25:8b:28:b8:a5:2c:ff:52:2b:fb:42:6c:71:2e:
12:f1:e2:c8:42:e3:f3:4e:cc:04:16:75:52:aa:b6:32:98:8d:
31:ef:83:29:7e:66:e4:98:6b:db:51:4c:42:d8:15:4c:d5:75:
6d:b3:62:a8:c3:78:18:7e:2a:36:24:c0:d3:8f:fd:8f:d2:10:
8c:6d:3e:07:90:3b:cb:69:6b:89:0e:fb:5c:3f:46:97:d0:74:
b1:e0:fb:8f
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZbFxMtosd/Ud5B4dl5H0LFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNTEyMTgzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlmMTczMTc4ZTIyOWQ3MWQyNTllZjk4NDMxZDM1YTUzMDI4ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9aHzibK2ob7bsnpRiN1G3sy1Foni
l/IQt0MLJQ7KsDoGHHksclsZpW4xv8UfFw9toafG+cFRlJTOOaMQAJfWfWw9cwzA
vr/isW/qc0pHsIcVZSTBmtG6C2XU9VMsNQGhA7oC7/fNYJNHMkWtzZlSl759P7eV
MhBTJE5BOmAEF52VxWSvFzn62vt/E6YYGReFKlk14D7Ui3XRPAC6b1a90fbTwgkk
uXYZWk4GiTj5YZlD4+R2VNEAii+1lR0KFzmXARjghXCgi7FKWHSu2LtW7DD9vCV3
L/cCch/DnbqoTyWHG+wIcG4ZQYDOyEqRgyDFZb/IdPWWWUuoGON7j7HU6wIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFIafFzF44inXHSWe+YQx01pTAoiWMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvaHA4WE1YamlLZGNkSlo3NWhESFRXbE1DaUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
BZ2IAwQABZ2LAwQCBZ2gAwQBJSMkAwQAJSMnAwQAPthKMAwDBAA+2FEDBAA+2FIw
DAMEAj7YXAMEAD7YXgMEAVvhDgMEAFvrewMEAZJC0AMEApJC1AMEApJC3AMEALKd
TAMEALKdXgMEALKdbAMEALKdbgMEALKdfAMEALKdfgMEALlMPAMEALlMPgMEALxK
gAMEALxKggMEALxKmAMEALxKmwMEALxKqwMEALxKtQMEALxKvgMEAbxK0AMEArxK
1AMEALxK9TAMAwQAvHelAwQAvHemAwQAvHe1AwQAvHe+MA0GCSqGSIb3DQEBCwUA
A4IBAQBUxSdN++NWzqJAYdSghbrcWla4Z7V6/ygn3E1MzfRM2/x6cbSx7xSPzWVv
QHSAH/hOPE3PDWxATV30f8JrGJ+7IE8Ck9HR/VqzOz+XfMrXS0QzDBBF4+SffLcH
oXCzmRD45tk7MbEf+jKlGvxBkK5iLhuvmjCqSbGcYrQnt3V+3EAlh2yQL1ZFhKkJ
VW8kDt0EMG5Kck91RYilDATj0Qi509zbPpXzJYsouKUs/1Ir+0JscS4S8eLIQuPz
TswEFnVSqrYymI0x74MpfmbkmGvbUUxC2BVM1XVts2Kow3gYfio2JMDTj/2P0hCM
bT4HkDvLaWuJDvtcP0aX0HSx4PuP
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:30:22 2025 by rpki-client