Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/g6nZh-r6m1gH9jYmbV2tWh3dO78.roa
File: g6nZh-r6m1gH9jYmbV2tWh3dO78.roa (raw, json)
Hash identifier: H8vBwPhmLr6Jn0fggsaFxKrysNSqAhbPSbfdofg99c8=
Subject key identifier: 83:A9:D9:87:EA:FA:9B:58:07:F6:36:26:6D:5D:AD:5A:1D:DD:3B:BF
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 019831A35A1A056CFAA59EE76EA65FCFC3CE
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/g6nZh-r6m1gH9jYmbV2tWh3dO78.roa
Signing time: Tue 22 Jul 2025 10:17:25 +0000
ROA not before: Tue 22 Jul 2025 10:17:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
209.35.238.0/24 maxlen: 24
209.35.239.0/24 maxlen: 24
209.35.240.0/24 maxlen: 24
209.35.241.0/24 maxlen: 24
209.35.242.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 08:56:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:a3:5a:1a:05:6c:fa:a5:9e:e7:6e:a6:5f:cf:c3:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Jul 22 10:17:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83a9d987eafa9b5807f636266d5dad5a1ddd3bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b9:44:14:30:4f:bf:75:b1:c9:0f:51:a8:ff:
1b:77:bc:75:88:32:54:37:7e:2b:65:f9:31:64:31:
6e:5c:2f:93:c8:5c:8a:a0:99:66:61:2a:64:29:e3:
a8:4a:51:ef:9d:49:d2:c0:e3:1f:7f:1d:ce:89:64:
9f:4f:9d:b0:1c:4a:65:22:96:61:2a:b8:a9:82:56:
92:fe:51:3d:e7:ad:fb:0d:7b:ca:65:cb:b3:46:99:
49:cc:3a:a2:cb:ac:f0:f9:d6:13:6c:a1:7f:7e:5f:
6c:09:df:1f:d2:63:6b:e3:19:77:b1:76:60:c0:39:
77:31:99:8d:ec:0c:ba:8c:8e:4d:e7:0b:99:3b:a7:
3a:b8:88:58:38:d1:2f:fc:da:1c:45:2e:e7:89:20:
82:bd:72:5a:e1:a3:4a:2d:c1:bc:53:77:db:22:dd:
94:b1:d7:a8:e9:d4:ec:8e:8b:64:15:12:a6:36:d0:
00:b5:81:5a:8a:c7:fe:58:18:17:31:82:ec:be:57:
da:41:dd:e6:eb:6d:bd:ab:89:9e:14:c0:6d:56:d2:
0e:ec:4c:21:99:50:52:ea:b0:f1:60:41:ce:b4:36:
34:89:5c:bf:b4:15:cf:f1:fa:2e:ee:58:2d:ff:19:
7a:bf:30:d1:3f:26:b7:a2:68:e0:0d:51:4a:5e:69:
78:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A9:D9:87:EA:FA:9B:58:07:F6:36:26:6D:5D:AD:5A:1D:DD:3B:BF
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/g6nZh-r6m1gH9jYmbV2tWh3dO78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.242.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
74:eb:10:e0:e5:22:cb:1d:2d:2f:b8:ff:5f:f5:3a:05:af:9a:
da:a3:46:d1:b1:de:60:44:2c:19:43:65:6a:91:e8:e4:df:82:
06:fa:6c:7d:bc:aa:09:01:eb:3d:99:b8:9e:62:ce:4c:7c:bd:
71:1e:23:52:df:82:2d:80:98:ba:96:c3:ff:8d:60:2e:a6:63:
3a:1e:36:3c:3e:96:81:89:75:c9:dc:57:69:a9:38:43:89:b9:
9c:f2:cb:0c:93:66:b6:0f:f7:9d:2b:65:9a:f3:ab:bd:32:55:
3f:6a:df:7b:1a:c3:d0:e3:c2:11:8e:0e:a6:e3:c0:89:3e:a5:
ca:2d:63:a9:a3:c4:32:32:23:a4:05:c4:0c:00:cf:a8:c3:9a:
f3:b3:86:1a:b9:46:28:2a:92:b6:43:06:2b:5a:6a:34:e2:b7:
a7:aa:a3:f2:d4:51:d7:24:7b:f7:45:59:1d:5d:6c:ff:a7:6b:
be:38:8b:2e:c7:8f:e4:ae:96:6b:52:ae:9e:60:e6:4d:27:b3:
17:a3:88:42:a4:60:71:d1:ae:92:aa:bc:9e:29:c5:e3:a2:e7:
6b:c3:7c:6c:f5:7e:14:29:73:4d:9d:2b:cd:7a:56:d8:38:45:
4d:57:5a:61:51:3b:09:88:80:94:29:a8:50:e3:60:dc:b1:ca:
0c:c2:b7:d2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZgxo1oaBWz6pZ7nbqZfz8POMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUwNzIyMTAxNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2E5ZDk4N2VhZmE5YjU4MDdmNjM2MjY2ZDVkYWQ1YTFkZGQzYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtblEFDBPv3WxyQ9RqP8bd7x1iDJU
N34rZfkxZDFuXC+TyFyKoJlmYSpkKeOoSlHvnUnSwOMffx3OiWSfT52wHEplIpZh
KripglaS/lE95637DXvKZcuzRplJzDqiy6zw+dYTbKF/fl9sCd8f0mNr4xl3sXZg
wDl3MZmN7Ay6jI5N5wuZO6c6uIhYONEv/NocRS7niSCCvXJa4aNKLcG8U3fbIt2U
sdeo6dTsjotkFRKmNtAAtYFaisf+WBgXMYLsvlfaQd3m6229q4meFMBtVtIO7Ewh
mVBS6rDxYEHOtDY0iVy/tBXP8fou7lgt/xl6vzDRPya3omjgDVFKXml4MwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIOp2Yfq+ptYB/Y2Jm1drVod3Tu/MB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvZzZuWmgtcjZtMWdIOWpZbWJWMnRXaDNkTzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgMAwD
BADRI+kDBADRI/IDBAPUO0AwDQYJKoZIhvcNAQELBQADggEBAHTrEODlIssdLS+4
/1/1OgWvmtqjRtGx3mBELBlDZWqR6OTfggb6bH28qgkB6z2ZuJ5izkx8vXEeI1Lf
gi2AmLqWw/+NYC6mYzoeNjw+loGJdcncV2mpOEOJuZzyywyTZrYP950rZZrzq70y
VT9q33saw9DjwhGODqbjwIk+pcotY6mjxDIyI6QFxAwAz6jDmvOzhhq5RigqkrZD
BitaajTit6eqo/LUUdcke/dFWR1dbP+na744iy7Hj+SulmtSrp5g5k0nsxejiEKk
YHHRrpKqvJ4pxeOi52vDfGz1fhQpc02dK816Vtg4RU1XWmFROwmIgJQpqFDjYNyx
ygzCt9I=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:09:52 2025 by rpki-client