Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/bcJTtme33dTlbgB9fS9NwN_nb9M.roa
File: bcJTtme33dTlbgB9fS9NwN_nb9M.roa (raw, json)
Hash identifier: 3gPIRszRYC11krVQfdhozTC7sXVN0FS0134uUNeTABY=
Subject key identifier: 6D:C2:53:B6:67:B7:DD:D4:E5:6E:00:7D:7D:2F:4D:C0:DF:E7:6F:D3
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 0197534BFB80EED1E3C1151ACD3618661C8F
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/bcJTtme33dTlbgB9fS9NwN_nb9M.roa
Signing time: Mon 09 Jun 2025 06:06:17 +0000
ROA not before: Mon 09 Jun 2025 06:06:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6739
IP address blocks: 2.152.0.0/14 maxlen: 17
2.152.0.0/16 maxlen: 16
2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.101.160.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/15 maxlen: 15
81.202.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate revoked on Mon 09 Jun 2025 09:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:4b:fb:80:ee:d1:e3:c1:15:1a:cd:36:18:66:1c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 9 06:06:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dc253b667b7ddd4e56e007d7d2f4dc0dfe76fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:34:a1:22:54:61:4f:47:f6:ce:11:98:b3:4f:
42:43:0c:ea:38:eb:8e:b5:53:a0:26:64:11:b7:74:
d6:d1:22:c1:81:5d:34:91:34:57:56:48:0c:18:59:
67:66:bb:1d:e4:50:71:ab:6d:33:3f:9e:40:34:16:
66:cd:2f:47:e6:49:73:84:25:18:54:a7:be:e1:66:
44:c2:53:1e:2e:87:90:3f:83:46:7e:a8:59:c0:3a:
2d:0a:04:24:1c:b8:de:d6:21:de:91:c8:e3:e9:ab:
bf:3e:d0:38:d9:29:18:8a:ea:cb:92:1a:3f:be:b9:
30:99:c5:02:a6:ad:68:57:28:e8:db:f8:b9:3b:6a:
e9:ce:73:b7:05:d6:ed:57:26:d2:3a:7a:a8:9c:6a:
4a:d0:77:80:1e:94:79:ef:9b:e6:e9:40:52:c3:68:
54:c4:22:3f:56:c6:c5:34:39:65:3a:55:18:4b:0f:
0b:55:1b:00:4e:ea:f7:4a:6d:60:42:c6:f0:67:06:
87:bb:37:f0:ef:af:71:21:f8:df:d3:d8:4c:4d:f7:
6e:d2:19:a7:3b:e6:f0:82:67:9f:2f:cd:20:3a:2e:
a6:d5:b4:8c:b8:ec:8e:66:09:2d:8d:7a:8e:31:b8:
bc:0a:7d:ac:d0:d6:3e:e9:a0:b9:0a:b3:42:40:1c:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C2:53:B6:67:B7:DD:D4:E5:6E:00:7D:7D:2F:4D:C0:DF:E7:6F:D3
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/bcJTtme33dTlbgB9fS9NwN_nb9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
1d:12:11:32:65:0d:61:55:09:e8:96:ea:5d:92:68:f6:2d:9a:
f1:d9:42:d3:f5:f5:7b:c4:0f:6e:80:62:b7:29:b9:ba:17:7c:
57:ee:19:63:f5:da:25:e9:95:1c:3b:8e:45:6f:11:1d:0d:84:
94:5a:16:00:dc:aa:1d:45:dd:8d:5e:07:11:2f:00:c3:a4:80:
67:36:95:03:14:80:5f:df:6c:4c:6d:4f:7f:40:3a:01:95:e4:
0e:81:40:61:ad:b6:07:12:19:2f:ce:57:21:cf:fc:76:30:21:
75:81:04:31:ef:d8:d9:ee:25:f4:4d:d6:07:7b:e0:d7:e7:65:
e6:dd:8b:77:d2:77:cb:b8:49:40:0e:55:e3:c8:d3:bf:f3:f2:
c8:7c:69:21:4c:f7:cd:c0:8f:dd:75:2b:16:37:d3:65:db:c5:
b8:8c:13:0e:b9:20:ca:cb:3b:66:2d:84:26:b9:17:ad:84:60:
65:c5:5a:d9:57:80:d9:af:64:8a:e5:68:29:e7:87:a1:f0:72:
83:cf:e5:df:be:82:8e:49:34:f4:85:75:49:a8:86:89:e3:68:
bb:a0:d8:7e:c1:f8:1b:ba:a4:3c:d2:02:89:62:3e:d0:ca:04:
ae:ef:11:cc:88:db:40:e0:3d:c3:ac:cf:31:72:c2:79:b9:bb:
df:3e:6f:5a
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAZdTS/uA7tHjwRUazTYYZhyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjA5MDYwNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGMyNTNiNjY3YjdkZGQ0ZTU2ZTAwN2Q3ZDJmNGRjMGRmZTc2ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTShIlRhT0f2zhGYs09CQwzqOOuO
tVOgJmQRt3TW0SLBgV00kTRXVkgMGFlnZrsd5FBxq20zP55ANBZmzS9H5klzhCUY
VKe+4WZEwlMeLoeQP4NGfqhZwDotCgQkHLje1iHekcjj6au/PtA42SkYiurLkho/
vrkwmcUCpq1oVyjo2/i5O2rpznO3BdbtVybSOnqonGpK0HeAHpR575vm6UBSw2hU
xCI/VsbFNDllOlUYSw8LVRsATur3Sm1gQsbwZwaHuzfw769xIfjf09hMTfdu0hmn
O+bwgmefL80gOi6m1bSMuOyOZgktjXqOMbi8Cn2s0NY+6aC5CrNCQBwb2wIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFG3CU7Znt93U5W4AfX0vTcDf52/TMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvYmNKVHRtZTMzZFRsYmdCOWZTOU53Tl9uYjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdsEAgABMIHUAwMC
ApgDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADAwE+rgMD
AFCuAwMAUOADAwFRPAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOtgAMDA1R4AwQH
VdsAAwMAVfsDAwBZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXg
AwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGgAwQG1LfAAwMA1SUDBAfVyQAD
BAbV4wADBAbV50ADBAbV/kAwDQQCAAIwBwMFBioCqAAwDQYJKoZIhvcNAQELBQAD
ggEBAB0SETJlDWFVCeiW6l2SaPYtmvHZQtP19XvED26AYrcpuboXfFfuGWP12iXp
lRw7jkVvER0NhJRaFgDcqh1F3Y1eBxEvAMOkgGc2lQMUgF/fbExtT39AOgGV5A6B
QGGttgcSGS/OVyHP/HYwIXWBBDHv2NnuJfRN1gd74NfnZebdi3fSd8u4SUAOVePI
07/z8sh8aSFM983Aj911KxY302XbxbiMEw65IMrLO2YthCa5F62EYGXFWtlXgNmv
ZIrlaCnnh6HwcoPP5d++go5JNPSFdUmohonjaLug2H7B+Bu6pDzSAoliPtDKBK7v
EcyI20DgPcOszzFywnm5u98+b1o=
-----END CERTIFICATE-----
Generated at Wed Jun 18 02:53:46 2025 by rpki-client