Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iWPCwg-UVwV39wbm59SgqIq2gj8.roa
File: iWPCwg-UVwV39wbm59SgqIq2gj8.roa (raw, json)
Hash identifier: 4LAIlZ2qm1FDafAbJ37DkU+YbUWdtRCkWtjauxEIq30=
Subject key identifier: 89:63:C2:C2:0F:94:57:05:77:F7:06:E6:E7:D4:A0:A8:8A:B6:82:3F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0197441D92A8205E7EE42AF147492D91EF99
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iWPCwg-UVwV39wbm59SgqIq2gj8.roa
Signing time: Fri 06 Jun 2025 07:21:18 +0000
ROA not before: Fri 06 Jun 2025 07:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.245.0/24 maxlen: 24
84.42.92.0/22 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 11:11:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:1d:92:a8:20:5e:7e:e4:2a:f1:47:49:2d:91:ef:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 6 07:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8963c2c20f94570577f706e6e7d4a0a88ab6823f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8f:34:e3:63:14:6e:2d:d0:31:ba:e0:4e:3a:
1c:8d:11:50:e1:f6:52:02:ed:1b:3b:0f:bc:f0:5e:
cb:40:1d:02:2d:d8:25:86:89:69:42:0d:b1:70:49:
cc:83:c3:65:bd:2a:6c:9c:97:de:79:61:ac:b8:1a:
1f:9f:4b:23:3a:ba:38:97:ae:b0:c0:fa:c0:24:2a:
e9:b8:ab:8c:50:99:1e:27:48:b3:ee:52:67:0b:53:
c2:ec:86:3e:4a:63:48:88:00:3f:40:44:0c:7e:61:
b2:4d:8e:20:62:fa:3e:48:ed:ed:65:0e:68:9e:b0:
8b:62:0c:a1:5e:72:ee:8e:2c:bb:79:b5:02:5a:a9:
a4:0f:64:f9:c6:c5:72:95:51:ed:8a:1f:82:c0:8a:
d3:df:00:4c:e1:83:b1:ca:dd:75:bf:f2:d5:e2:c3:
69:16:52:69:9f:2f:a7:b1:aa:8f:9a:c3:13:4a:ac:
cb:46:88:da:8e:a2:0d:34:7d:42:6e:f7:a1:ad:12:
f2:84:45:7b:ca:9b:da:6e:31:a7:09:72:e0:bd:8c:
fb:3d:48:da:61:80:a3:18:4b:28:1a:4d:de:4e:65:
3a:d5:eb:33:82:f7:64:d7:3b:e7:ab:15:77:f0:67:
71:e9:27:cf:b1:0f:be:dc:b2:9f:46:91:38:ea:83:
9a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:63:C2:C2:0F:94:57:05:77:F7:06:E6:E7:D4:A0:A8:8A:B6:82:3F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iWPCwg-UVwV39wbm59SgqIq2gj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.245.0/24
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:7b:e7:ed:82:9b:2d:46:9d:0a:32:22:84:6c:06:8c:91:2d:
25:ff:a5:ed:19:17:45:f4:43:83:f6:35:18:d9:6e:e4:c3:c0:
e3:d8:a6:87:3b:65:0f:c1:b0:fc:72:99:97:29:b9:7d:81:ea:
ab:0f:17:fc:b8:01:38:f0:6e:b2:1a:0b:b6:b9:5b:21:df:a1:
af:6b:24:75:97:31:9b:61:b9:fd:55:e1:ec:c5:62:8b:b7:af:
41:60:c6:00:75:cd:72:36:f5:51:32:69:36:f1:89:55:8f:f9:
07:19:40:a0:cd:20:83:58:cf:7b:35:7e:5f:e2:29:76:ad:48:
9f:4e:07:f4:92:3f:9e:7a:4e:9b:af:98:4c:97:a8:1c:fc:6a:
f2:86:ef:39:65:3c:bd:33:37:50:b3:54:c3:3f:6e:6b:bf:bf:
5e:05:c6:c3:cd:65:68:09:da:69:cb:34:fd:f5:4a:0a:a2:a7:
37:50:c4:f7:1b:6e:66:36:54:17:a1:0d:45:cf:78:e0:e7:6d:
ff:78:2d:df:5d:90:80:36:28:c5:df:de:d2:b2:90:1b:9f:c4:
21:66:a9:8a:cb:66:7f:47:32:f6:73:6e:56:37:8d:89:bc:ff:
99:48:27:15:c7:ad:fa:48:97:01:be:68:be:94:b4:c0:4d:14:
3b:7c:7a:f1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZdEHZKoIF5+5CrxR0ktke+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA2MDcyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYzYzJjMjBmOTQ1NzA1NzdmNzA2ZTZlN2Q0YTBhODhhYjY4MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno8042MUbi3QMbrgTjocjRFQ4fZS
Au0bOw+88F7LQB0CLdglholpQg2xcEnMg8NlvSpsnJfeeWGsuBofn0sjOro4l66w
wPrAJCrpuKuMUJkeJ0iz7lJnC1PC7IY+SmNIiAA/QEQMfmGyTY4gYvo+SO3tZQ5o
nrCLYgyhXnLujiy7ebUCWqmkD2T5xsVylVHtih+CwIrT3wBM4YOxyt11v/LV4sNp
FlJpny+nsaqPmsMTSqzLRojajqINNH1CbvehrRLyhEV7ypvabjGnCXLgvYz7PUja
YYCjGEsoGk3eTmU61eszgvdk1zvnqxV38Gdx6SfPsQ++3LKfRpE46oOakQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIljwsIPlFcFd/cG5ufUoKiKtoI/MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvaVdQQ3dnLVVWd1YzOXdibTU5U2dxSXEyZ2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj31AwQCVCpcAwQEVa6QAwQBXDLMMAwDBACwd6kDBACwd6wD
BACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQELBQADggEBAHp75+2C
my1GnQoyIoRsBoyRLSX/pe0ZF0X0Q4P2NRjZbuTDwOPYpoc7ZQ/BsPxymZcpuX2B
6qsPF/y4ATjwbrIaC7a5WyHfoa9rJHWXMZthuf1V4ezFYou3r0FgxgB1zXI29VEy
aTbxiVWP+QcZQKDNIINYz3s1fl/iKXatSJ9OB/SSP556TpuvmEyXqBz8avKG7zll
PL0zN1CzVMM/bmu/v14FxsPNZWgJ2mnLNP31SgqipzdQxPcbbmY2VBehDUXPeODn
bf94Ld9dkIA2KMXf3tKykBufxCFmqYrLZn9HMvZzblY3jYm8/5lIJxXHrfpIlwG+
aL6UtMBNFDt8evE=
-----END CERTIFICATE-----
Generated at Thu Jun 19 04:14:06 2025 by rpki-client