
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/1-IvZla6HQ6YhubQakiWZeWPnB4Q.roa
File: 1-IvZla6HQ6YhubQakiWZeWPnB4Q.roa (raw, json)
Hash identifier: +GnrRupEf7I1cAq6OOyLBJ972blPhwe7S4GiR7Vx2NY=
Subject key identifier: F8:8B:D9:95:AE:87:43:A6:21:B9:B4:1A:92:25:99:79:63:E7:07:84
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 01987972467912E433E9815234337A9B7CFC
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/1-IvZla6HQ6YhubQakiWZeWPnB4Q.roa
Signing time: Tue 05 Aug 2025 08:56:28 +0000
ROA not before: Tue 05 Aug 2025 08:56:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
209.35.238.0/24 maxlen: 24
209.35.239.0/24 maxlen: 24
209.35.240.0/24 maxlen: 24
209.35.241.0/24 maxlen: 24
209.35.242.0/24 maxlen: 24
209.35.243.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Aug 2025 10:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:72:46:79:12:e4:33:e9:81:52:34:33:7a:9b:7c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Aug 5 08:56:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f88bd995ae8743a621b9b41a9225997963e70784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:c5:a0:bc:bb:83:33:b1:20:18:59:5e:7a:
ed:fa:24:78:1d:7f:7f:2f:4a:63:32:53:69:45:00:
bf:7c:71:c0:97:01:36:d2:99:c3:31:fb:95:fe:3b:
f9:a0:1c:7c:df:a8:18:b6:a1:e7:6c:35:19:d9:45:
09:f4:f4:f8:68:72:3b:99:d0:cd:d5:72:2a:5c:60:
4c:96:0d:ab:42:ab:6e:32:25:36:2d:93:ad:6a:5d:
44:12:74:d4:f3:46:7f:e3:d0:a1:1a:0b:aa:d4:1b:
60:1e:cb:db:15:ab:84:38:b9:a7:f5:1a:84:f8:4a:
dd:7c:68:5f:06:df:57:e5:54:b2:bd:6e:b2:ed:4c:
9c:c6:ff:ae:62:5f:48:3d:e3:cd:ea:7b:33:42:ec:
dd:a7:34:f7:8e:30:e6:50:06:19:c2:19:53:48:d9:
69:9d:3c:66:c6:97:50:63:a8:ba:f6:14:84:bf:64:
9f:43:06:11:36:da:80:9c:cd:d3:71:63:e6:b3:68:
f9:0c:60:07:b2:78:7d:10:e8:ec:93:a8:0c:50:dc:
8a:7a:02:a3:72:d4:8e:eb:1e:e7:ef:b5:54:22:79:
4f:b2:33:f8:94:57:69:58:c1:4e:8d:e1:f4:b7:53:
84:3f:92:db:6a:f8:bc:6e:98:9e:30:b7:19:59:68:
cf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8B:D9:95:AE:87:43:A6:21:B9:B4:1A:92:25:99:79:63:E7:07:84
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/1-IvZla6HQ6YhubQakiWZeWPnB4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.243.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
53:ef:38:9e:d1:26:dc:3f:ba:7a:86:32:d2:11:1a:07:8c:6a:
90:7e:bb:1d:e8:13:53:9a:d7:f9:3c:f5:20:e3:1b:b6:b8:cd:
d2:45:7e:b4:b6:40:41:5a:08:e4:be:e9:0d:a0:fc:04:8f:63:
2f:fc:4a:43:2d:d7:84:64:29:59:6d:47:2b:d5:6b:37:18:59:
5f:d7:10:5d:63:c8:95:0c:06:08:54:9a:96:c4:71:cb:f9:e1:
e5:da:62:58:b1:7a:42:b3:43:bf:74:fd:e6:a4:f1:79:bb:1b:
7e:3d:fd:1d:1a:0f:02:a8:0f:83:76:b4:7a:24:4d:8b:5a:93:
8c:16:7b:af:dd:64:28:5c:63:03:9f:37:4a:8f:7f:ca:8e:00:
56:b1:ab:cf:a9:ca:24:0f:2c:16:bf:35:9e:47:21:e3:89:a5:
79:3c:1d:a6:4a:29:e0:35:fd:19:1c:29:d1:09:0c:21:a0:f1:
04:bf:b0:9b:21:ef:6b:83:4f:1c:8e:4d:18:85:25:8a:50:f2:
0c:f0:ed:37:1c:85:ba:30:48:3e:ac:52:9e:1d:7c:30:a1:8e:
73:2c:af:45:73:8d:8b:43:1b:7e:d9:0a:9a:d5:30:5a:3b:77:
df:95:69:4f:2e:1f:b9:07:94:23:58:45:13:44:64:cd:fa:64:
fd:f3:88:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZh5ckZ5EuQz6YFSNDN6m3z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUwODA1MDg1NjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhiZDk5NWFlODc0M2E2MjFiOWI0MWE5MjI1OTk3OTYzZTcwNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT/FoLy7gzOxIBhZXnrt+iR4HX9/
L0pjMlNpRQC/fHHAlwE20pnDMfuV/jv5oBx836gYtqHnbDUZ2UUJ9PT4aHI7mdDN
1XIqXGBMlg2rQqtuMiU2LZOtal1EEnTU80Z/49ChGguq1BtgHsvbFauEOLmn9RqE
+ErdfGhfBt9X5VSyvW6y7Uycxv+uYl9IPePN6nszQuzdpzT3jjDmUAYZwhlTSNlp
nTxmxpdQY6i69hSEv2SfQwYRNtqAnM3TcWPms2j5DGAHsnh9EOjsk6gMUNyKegKj
ctSO6x7n77VUInlPsjP4lFdpWMFOjeH0t1OEP5Lbavi8bpieMLcZWWjP/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPiL2ZWuh0OmIbm0GpIlmXlj5weEMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvMS1JdlpsYTZIUTZZaHViUWFraVdaZVdQbkI0US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvZDI1YTcyLWJiZTMtNGFiMC05NTY0LWZlNDVkNTE2MGMz
OS8xL2dhTFEzTlVLYUMtWFhxUFl3NDVlWjdzREl2ay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEA9Ej4DAM
AwQA0SPpAwQC0SPwAwQD1DtAMA0GCSqGSIb3DQEBCwUAA4IBAQBT7zie0SbcP7p6
hjLSERoHjGqQfrsd6BNTmtf5PPUg4xu2uM3SRX60tkBBWgjkvukNoPwEj2Mv/EpD
LdeEZClZbUcr1Ws3GFlf1xBdY8iVDAYIVJqWxHHL+eHl2mJYsXpCs0O/dP3mpPF5
uxt+Pf0dGg8CqA+DdrR6JE2LWpOMFnuv3WQoXGMDnzdKj3/KjgBWsavPqcokDywW
vzWeRyHjiaV5PB2mSingNf0ZHCnRCQwhoPEEv7CbIe9rg08cjk0YhSWKUPIM8O03
HIW6MEg+rFKeHXwwoY5zLK9Fc42LQxt+2Qqa1TBaO3fflWlPLh+5B5QjWEUTRGTN
+mT984iZ
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:12 2025 by rpki-client