Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/CgNpoto2X-fMFPQBbZ_u2O7ihqc.roa
File: CgNpoto2X-fMFPQBbZ_u2O7ihqc.roa (raw, json)
Hash identifier: b2BZGjfalzdaEuZ2lrHfMtwNKHQA+cJPfh+0c37OYPU=
Subject key identifier: 0A:03:69:A2:DA:36:5F:E7:CC:14:F4:01:6D:9F:EE:D8:EE:E2:86:A7
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019D5323270A129C47F4B1C872EF0E6D8A75
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/CgNpoto2X-fMFPQBbZ_u2O7ihqc.roa
Signing time: Fri 03 Apr 2026 11:38:25 +0000
ROA not before: Fri 03 Apr 2026 11:38:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43641
IP address blocks: 45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
85.137.48.0/24 maxlen: 24
85.137.52.0/24 maxlen: 24
85.137.53.0/24 maxlen: 24
85.137.54.0/23 maxlen: 23
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
176.97.120.0/23 maxlen: 23
176.97.125.0/24 maxlen: 24
176.97.126.0/23 maxlen: 23
176.97.126.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.196.0/23 maxlen: 23
194.42.198.0/24 maxlen: 24
194.42.199.0/24 maxlen: 24
194.42.206.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.212.0/24 maxlen: 24
195.66.213.0/24 maxlen: 24
195.160.220.0/22 maxlen: 24
212.86.120.0/23 maxlen: 23
212.86.125.0/24 maxlen: 24
212.86.126.0/23 maxlen: 23
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 Apr 2026 15:25:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:23:27:0a:12:9c:47:f4:b1:c8:72:ef:0e:6d:8a:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Apr 3 11:38:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a0369a2da365fe7cc14f4016d9feed8eee286a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:07:87:84:5b:38:33:2f:b0:f0:8d:10:a6:
0b:5b:a9:4f:7a:c0:df:a7:d1:a6:92:8f:9e:2e:f9:
0a:24:a3:28:60:75:ba:ec:4b:c0:6e:2f:c6:6d:87:
0c:ec:3f:35:fd:fd:f5:23:c0:be:61:02:f4:cc:ae:
7b:1b:85:f2:c5:fd:fa:81:ed:5b:48:6c:6e:1b:bc:
e3:66:0b:c5:e4:2b:fe:2d:cb:15:91:f8:cf:12:00:
82:80:aa:86:9e:5b:85:fd:df:16:2c:0d:37:a2:82:
c8:0d:93:d6:d9:9a:68:07:68:de:49:4e:39:fa:89:
56:e5:09:5a:50:76:7c:73:0e:23:ed:b4:6a:c9:fd:
5d:de:dd:63:ff:f4:b9:26:0e:be:5c:2a:49:4c:48:
3c:ff:85:42:69:12:21:a0:4c:09:4a:71:be:47:dc:
e4:91:a5:ad:59:33:f7:85:da:b5:29:37:41:de:61:
cd:45:2b:91:73:22:ee:9c:15:df:d1:57:66:75:c8:
f6:bd:be:e8:a9:41:bb:00:c6:b0:e7:de:d1:c2:25:
b1:21:47:b4:3e:07:c0:4d:1e:c5:ef:b8:8a:d7:5d:
43:29:bb:d5:c4:ce:d6:24:b4:72:c7:f7:13:c8:03:
d3:3f:fc:60:f5:30:fd:ec:49:6d:92:87:4a:83:3b:
14:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:03:69:A2:DA:36:5F:E7:CC:14:F4:01:6D:9F:EE:D8:EE:E2:86:A7
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/CgNpoto2X-fMFPQBbZ_u2O7ihqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
85.137.48.0/24
85.137.52.0/22
91.222.172.0/22
91.234.198.0/23
176.97.120.0/23
176.97.125.0-176.97.127.255
185.254.199.0/24
194.42.196.0/22
194.42.206.0/23
195.26.86.0/23
195.66.212.0/23
195.160.220.0/22
212.86.120.0/23
212.86.125.0-212.86.127.255
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ee:00:78:3f:f6:9d:b0:28:57:6f:3a:77:c1:87:e9:5f:30:
8b:a7:5d:7c:31:b0:49:bb:d1:c0:f9:d5:57:d0:0a:8b:6d:10:
51:fd:1a:ab:52:28:eb:f5:f4:0f:5c:00:df:9e:65:2b:38:69:
60:b4:a2:1a:bb:c5:c5:30:59:06:4b:87:2c:05:24:71:fb:24:
f4:52:28:bd:ac:9b:a0:45:7a:61:50:9d:da:70:ec:80:36:69:
04:d9:45:e0:67:51:92:8b:d9:2d:bc:4f:56:c0:43:56:dc:56:
38:d0:3f:7e:0e:fe:62:2d:4a:ec:c0:3a:d8:63:77:b2:2f:c2:
85:22:2a:7d:56:fe:dc:40:d9:b3:64:f0:b6:c6:da:40:af:12:
13:d7:b1:6b:e4:5c:c9:6c:60:8b:20:0a:b9:5a:5b:e8:6f:5b:
8f:3c:48:fd:c0:c2:44:9a:f2:e3:41:82:4f:04:c3:9e:6f:3a:
ab:85:d9:c5:1f:52:9b:78:fa:e4:25:79:96:0d:af:2c:04:8c:
83:f6:80:11:86:90:d8:d2:08:36:1c:81:fa:d1:11:fd:fc:96:
52:f0:4f:7c:30:f8:c0:b3:a6:8c:76:d1:54:82:5e:e6:e6:23:
15:c1:6e:e2:64:11:04:30:9f:01:db:60:08:26:47:24:b3:68:
bc:ba:a9:b0
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZ1TIycKEpxH9LHIcu8ObYp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwNDAzMTEzODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAzNjlhMmRhMzY1ZmU3Y2MxNGY0MDE2ZDlmZWVkOGVlZTI4NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7UHh4RbODMvsPCNEKYLW6lPesDf
p9Gmko+eLvkKJKMoYHW67EvAbi/GbYcM7D81/f31I8C+YQL0zK57G4Xyxf36ge1b
SGxuG7zjZgvF5Cv+LcsVkfjPEgCCgKqGnluF/d8WLA03ooLIDZPW2ZpoB2jeSU45
+olW5QlaUHZ8cw4j7bRqyf1d3t1j//S5Jg6+XCpJTEg8/4VCaRIhoEwJSnG+R9zk
kaWtWTP3hdq1KTdB3mHNRSuRcyLunBXf0Vdmdcj2vb7oqUG7AMaw597RwiWxIUe0
PgfATR7F77iK111DKbvVxM7WJLRyx/cTyAPTP/xg9TD97EltkodKgzsUGQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFAoDaaLaNl/nzBT0AW2f7tju4oanMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvQ2dOcG90bzJYLWZNRlBRQmJaX3UyTzdpaHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQALQs4
AwQALQs7AwQBLYauAwQAVYkwAwQCVYk0AwQCW96sAwQBW+rGAwQBsGF4MAwDBACw
YX0DBAewYQADBAC5/scDBALCKsQDBAHCKs4DBAHDGlYDBAHDQtQDBALDoNwDBAHU
VngwDAMEANRWfQMEB9RWADANBAIAAjAHAwUAKgktwTANBgkqhkiG9w0BAQsFAAOC
AQEAje4AeD/2nbAoV286d8GH6V8wi6ddfDGwSbvRwPnVV9AKi20QUf0aq1Io6/X0
D1wA355lKzhpYLSiGrvFxTBZBkuHLAUkcfsk9FIovayboEV6YVCd2nDsgDZpBNlF
4GdRkovZLbxPVsBDVtxWONA/fg7+Yi1K7MA62GN3si/ChSIqfVb+3EDZs2Twtsba
QK8SE9exa+RcyWxgiyAKuVpb6G9bjzxI/cDCRJry40GCTwTDnm86q4XZxR9Sm3j6
5CV5lg2vLASMg/aAEYaQ2NIINhyB+tER/fyWUvBPfDD4wLOmjHbRVIJe5uYjFcFu
4mQRBDCfAdtgCCZHJLNovLqpsA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:33:02 2026 by rpki-client