Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/M5m8qDTxX3BcAbD-ZrSacKDproI.roa
File: M5m8qDTxX3BcAbD-ZrSacKDproI.roa (raw, json)
Hash identifier: A2hpcisPRvrE+64Fkv9q01J5cY+nG6EHErGJomhPvw4=
Subject key identifier: 33:99:BC:A8:34:F1:5F:70:5C:01:B0:FE:66:B4:9A:70:A0:E9:AE:82
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01975410D196BC9590F3A0A5C10F4FD6DFA0
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/M5m8qDTxX3BcAbD-ZrSacKDproI.roa
Signing time: Mon 09 Jun 2025 09:41:17 +0000
ROA not before: Mon 09 Jun 2025 09:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6739
IP address blocks: 2.152.0.0/14 maxlen: 17
2.152.0.0/16 maxlen: 16
2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.101.160.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/15 maxlen: 15
81.202.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate revoked on Mon 16 Jun 2025 08:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:10:d1:96:bc:95:90:f3:a0:a5:c1:0f:4f:d6:df:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 9 09:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3399bca834f15f705c01b0fe66b49a70a0e9ae82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9d:a3:1b:00:2c:4c:43:43:b7:37:39:63:47:
7a:7e:eb:f5:91:28:3f:b8:c8:e5:04:59:a0:32:a4:
c8:6b:6c:49:57:0c:0e:05:9c:12:9b:5c:fd:54:4d:
38:67:14:0c:87:e4:33:f6:41:a1:12:19:b8:d5:90:
aa:0b:45:4a:1d:6c:46:ca:be:d1:d3:ed:94:5a:88:
04:b9:87:e6:1a:df:be:f4:74:ce:5b:7b:38:c9:eb:
ac:4d:34:a5:7b:5c:e8:61:37:4b:2a:0f:4a:36:7d:
04:82:6a:86:e3:2d:dc:13:15:da:10:7c:b0:48:c1:
e2:2b:68:12:39:22:37:81:1b:49:9d:8f:88:bd:66:
4a:67:d2:09:60:54:19:55:e4:5a:58:a2:d8:2c:bb:
a9:92:ae:60:ef:90:28:64:6e:9a:3b:94:34:c6:45:
a9:6b:cb:1a:34:a2:a6:a7:d6:81:c3:37:a2:8e:39:
fa:b5:ea:6b:7f:14:b1:53:36:92:8c:90:4a:93:dc:
72:a3:9f:81:a6:48:c1:ee:c1:44:92:41:3d:ff:f1:
b1:54:8b:9d:cc:b6:d1:b2:a2:bb:4d:7c:19:c7:83:
75:f4:eb:c6:97:94:64:4a:20:6b:42:98:b9:95:cc:
cb:5e:e9:dc:d1:f8:25:51:b6:5c:0e:db:c9:81:da:
64:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:99:BC:A8:34:F1:5F:70:5C:01:B0:FE:66:B4:9A:70:A0:E9:AE:82
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/M5m8qDTxX3BcAbD-ZrSacKDproI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
7f:2a:cb:8b:af:01:5c:f8:78:08:6f:2d:ef:76:90:2c:94:27:
83:71:e5:59:71:fe:29:97:f8:c5:c2:f8:62:38:26:21:6c:cb:
0e:16:ed:af:c7:e7:3a:c5:b6:f5:49:bc:30:d3:80:71:cd:65:
e0:f3:ca:f6:36:60:aa:29:6b:da:a0:1e:67:4b:8e:aa:7c:ac:
fa:12:e1:73:5b:72:4d:28:d3:d1:24:7d:f2:ef:26:34:aa:c3:
57:b7:df:01:77:2b:98:e2:a7:48:cf:85:c8:67:b9:bb:d0:12:
de:76:b4:a8:45:31:a8:88:b6:28:f8:c2:34:8a:c4:13:a7:64:
04:07:a9:50:b9:4c:84:de:bb:36:cb:dc:11:27:0d:b5:51:77:
9c:d1:48:31:71:48:a3:f8:a9:f9:1d:0d:ef:48:a4:0f:c6:af:
95:e4:30:c7:62:17:3d:29:51:c5:91:ca:4d:31:8a:64:c9:19:
3a:00:68:da:40:9b:dd:ff:6e:e1:4c:43:1b:58:f5:6a:c1:7e:
20:bd:e2:77:e6:1b:8c:69:b3:4d:ae:a8:11:b8:2e:bf:ac:c1:
c4:d0:c0:0e:96:29:57:d8:d7:6b:d4:b0:0d:af:2f:aa:23:1e:
6f:d6:38:30:b9:93:1b:af:de:de:6d:dc:99:3e:57:f5:04:77:
0b:00:41:78
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAZdUENGWvJWQ86ClwQ9P1t+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjA5MDk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk5YmNhODM0ZjE1ZjcwNWMwMWIwZmU2NmI0OWE3MGEwZTlhZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx52jGwAsTENDtzc5Y0d6fuv1kSg/
uMjlBFmgMqTIa2xJVwwOBZwSm1z9VE04ZxQMh+Qz9kGhEhm41ZCqC0VKHWxGyr7R
0+2UWogEuYfmGt++9HTOW3s4yeusTTSle1zoYTdLKg9KNn0EgmqG4y3cExXaEHyw
SMHiK2gSOSI3gRtJnY+IvWZKZ9IJYFQZVeRaWKLYLLupkq5g75AoZG6aO5Q0xkWp
a8saNKKmp9aBwzeijjn6teprfxSxUzaSjJBKk9xyo5+BpkjB7sFEkkE9//GxVIud
zLbRsqK7TXwZx4N19OvGl5RkSiBrQpi5lczLXunc0fglUbZcDtvJgdpkkQIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFDOZvKg08V9wXAGw/ma0mnCg6a6CMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvTTVtOHFEVHhYM0JjQWJELVpyU2FjS0Rwcm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdsEAgABMIHUAwMC
ApgDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADAwE+rgMD
AFCuAwMAUOADAwFRPAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOtgAMDA1R4AwQH
VdsAAwMAVfsDAwBZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXg
AwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGgAwQG1LfAAwMA1SUDBAfVyQAD
BAbV4wADBAbV50ADBAbV/kAwDQQCAAIwBwMFBioCqAAwDQYJKoZIhvcNAQELBQAD
ggEBAH8qy4uvAVz4eAhvLe92kCyUJ4Nx5Vlx/imX+MXC+GI4JiFsyw4W7a/H5zrF
tvVJvDDTgHHNZeDzyvY2YKopa9qgHmdLjqp8rPoS4XNbck0o09EkffLvJjSqw1e3
3wF3K5jip0jPhchnubvQEt52tKhFMaiItij4wjSKxBOnZAQHqVC5TITeuzbL3BEn
DbVRd5zRSDFxSKP4qfkdDe9IpA/Gr5XkMMdiFz0pUcWRyk0ximTJGToAaNpAm93/
buFMQxtY9WrBfiC94nfmG4xps02uqBG4Lr+swcTQwA6WKVfY12vUsA2vL6ojHm/W
ODC5kxuv3t5t3Jk+V/UEdwsAQXg=
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:21:44 2025 by rpki-client