Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/qaj8dW9iDUS-TbB-31kgfVvtgq0.roa
File: qaj8dW9iDUS-TbB-31kgfVvtgq0.roa (raw, json)
Hash identifier: D9s2T78lGzQvF6gVSlb8wUKC9SQ4rmGaAnxWF6xJcHw=
Subject key identifier: A9:A8:FC:75:6F:62:0D:44:BE:4D:B0:7E:DF:59:20:7D:5B:ED:82:AD
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0197631A9C68F9E11709278185381D4816B3
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/qaj8dW9iDUS-TbB-31kgfVvtgq0.roa
Signing time: Thu 12 Jun 2025 07:46:17 +0000
ROA not before: Thu 12 Jun 2025 07:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48635
IP address blocks: 2.57.57.0/24 maxlen: 24
5.157.80.0/21 maxlen: 24
31.25.96.0/21 maxlen: 24
31.25.98.0/24 maxlen: 24
31.186.168.0/21 maxlen: 24
62.221.248.0/21 maxlen: 24
62.221.250.0/24 maxlen: 24
79.99.128.0/21 maxlen: 24
92.63.168.0/21 maxlen: 24
92.63.168.0/24 maxlen: 24
93.180.64.0/21 maxlen: 24
93.187.220.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
109.106.160.0/20 maxlen: 24
109.106.176.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.37.68.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
185.87.184.0/22 maxlen: 24
185.94.228.0/22 maxlen: 24
185.94.228.0/24 maxlen: 24
185.94.230.0/23 maxlen: 23
185.95.28.0/22 maxlen: 24
185.95.31.0/24 maxlen: 24
185.103.156.0/22 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.242.0/23 maxlen: 23
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.109.216.0/22 maxlen: 24
185.159.240.0/22 maxlen: 24
185.175.200.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.187.12.0/22 maxlen: 24
185.223.32.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
2a00:f10::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
2a01:b942::/32 maxlen: 48
2a01:b944::/32 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a05:1500::/29 maxlen: 48
2a05:1500:500::/40 maxlen: 40
2a05:1500:600::/40 maxlen: 40
2a0b:7280::/29 maxlen: 48
2a0b:8f80::/29 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a0c:84c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Jul 2025 10:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:1a:9c:68:f9:e1:17:09:27:81:85:38:1d:48:16:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jun 12 07:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9a8fc756f620d44be4db07edf59207d5bed82ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:d1:3c:5a:85:96:d6:0c:57:15:87:73:c4:
75:96:1f:13:d9:eb:2c:81:19:f5:22:da:1c:37:a3:
a3:75:55:e1:cd:03:3c:1a:11:06:2c:b1:c0:1f:87:
b4:be:a1:59:eb:5e:a5:10:f0:3d:e2:16:10:c5:18:
d0:83:34:65:06:dd:2a:11:37:38:00:e3:68:aa:56:
7d:04:07:f0:ac:b2:ea:7b:11:9b:89:10:33:7c:b6:
48:fc:0e:da:3f:27:4b:1e:1b:98:33:43:7c:70:38:
a9:39:98:b6:a8:10:39:d1:cf:49:07:b1:62:40:db:
e9:96:ac:fa:85:0f:e4:99:38:1a:ed:96:99:ff:dc:
d1:94:f1:67:5f:3f:9d:8a:5b:6b:f4:d4:1d:43:50:
22:4a:49:72:18:bf:66:8e:e8:1c:5c:11:fc:ad:80:
21:e1:3d:bd:8e:69:f6:7d:a9:b9:13:ca:cb:41:c6:
39:c2:e6:37:ac:98:1c:f4:62:7e:52:56:91:26:c6:
ab:b8:d2:39:2a:e4:d1:7f:64:e2:72:cb:d3:df:1a:
5b:3f:a6:d0:32:03:af:0d:b6:58:9f:3f:28:58:85:
a6:71:a3:e5:85:15:b8:60:21:d7:84:f5:5b:2d:2a:
46:aa:48:39:e3:05:0f:0c:17:e6:8c:96:3e:5b:0b:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A8:FC:75:6F:62:0D:44:BE:4D:B0:7E:DF:59:20:7D:5B:ED:82:AD
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/qaj8dW9iDUS-TbB-31kgfVvtgq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.57.0/24
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0-109.106.183.255
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/29
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:1d:99:d3:2f:bb:d4:ed:43:25:11:67:8c:3f:11:c8:37:44:
73:94:0b:cb:0f:85:60:89:64:24:c1:bd:30:d2:b2:6f:52:8f:
06:35:a8:08:3d:5a:b5:15:07:39:3a:3a:fc:5c:3f:f8:3d:8f:
7c:d1:96:21:06:1f:e0:93:24:be:bf:78:47:bd:f3:dd:5f:74:
f0:68:36:09:8e:1e:bb:52:99:1f:7f:82:47:96:77:9c:e4:33:
65:ba:ed:7f:c4:07:6f:dd:9b:9d:e7:b6:a2:65:4d:db:1e:a4:
1d:d6:e9:fc:af:ec:f1:1e:72:a0:b2:7f:bb:a1:b3:2f:cf:bb:
35:2a:74:87:d8:37:e3:d5:1e:78:91:f7:d0:a5:51:33:9d:8d:
f3:18:bf:fe:da:bf:5a:03:58:f4:9f:62:1c:e7:e3:a7:f5:5a:
89:47:5f:b6:7b:1f:d8:3f:16:e0:d7:5a:b2:4e:b5:c9:95:2d:
ce:d6:62:44:a6:36:05:3f:e6:07:04:c7:7b:96:a7:cd:de:0e:
41:62:f8:a3:e0:2d:85:82:12:7c:72:4a:a0:98:2e:7a:73:1b:
2b:c1:ee:da:c4:9e:b8:36:f9:47:66:86:da:d7:3c:dc:d9:e1:
cb:dc:20:3d:85:db:e3:92:4a:c4:1c:40:bb:8d:7c:1b:20:b7:
86:bd:0d:52
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZdjGpxo+eEXCSeBhTgdSBazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwNjEyMDc0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE4ZmM3NTZmNjIwZDQ0YmU0ZGIwN2VkZjU5MjA3ZDViZWQ4MmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFfRPFqFltYMVxWHc8R1lh8T2ess
gRn1ItocN6OjdVXhzQM8GhEGLLHAH4e0vqFZ616lEPA94hYQxRjQgzRlBt0qETc4
AONoqlZ9BAfwrLLqexGbiRAzfLZI/A7aPydLHhuYM0N8cDipOZi2qBA50c9JB7Fi
QNvplqz6hQ/kmTga7ZaZ/9zRlPFnXz+diltr9NQdQ1AiSklyGL9mjugcXBH8rYAh
4T29jmn2fam5E8rLQcY5wuY3rJgc9GJ+UlaRJsaruNI5KuTRf2TicsvT3xpbP6bQ
MgOvDbZYnz8oWIWmcaPlhRW4YCHXhPVbLSpGqkg54wUPDBfmjJY+WwuUNQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFKmo/HVvYg1Evk2wft9ZIH1b7YKtMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvcWFqOGRXOWlEVVMtVGJCLTMxa2dmVnZ0Z3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCByQQCAAEwgcID
BAACOTkDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFAwDAMEBW1qoAMEA21qsAMEArkbrAMEArklRAMEArk4kAMEArlC
+AMEArlXuAMEArle5AMEArlfHAMEArlnnAMEArln8AMEArlr1AMEAblr4AMEArlt
2AMEArmf8AMEArmvyAMEArm2OAMEArm7DAMEArnfIAMEArngWAMEArnpHAMEAcPu
SjBGBAIAAjBAAwUDKgAPEAMFAyoBuUADBQAqAkDBAwUDKgMwYAMGBCoEa8AAAwUD
KgUVAAMFAyoLcoADBQMqC4+AAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOCAQEAdx2Z
0y+71O1DJRFnjD8RyDdEc5QLyw+FYIlkJMG9MNKyb1KPBjWoCD1atRUHOTo6/Fw/
+D2PfNGWIQYf4JMkvr94R73z3V908Gg2CY4eu1KZH3+CR5Z3nOQzZbrtf8QHb92b
nee2omVN2x6kHdbp/K/s8R5yoLJ/u6GzL8+7NSp0h9g349UeeJH30KVRM52N8xi/
/tq/WgNY9J9iHOfjp/VaiUdftnsf2D8W4Ndask61yZUtztZiRKY2BT/mBwTHe5an
zd4OQWL4o+AthYISfHJKoJguenMbK8Hu2sSeuDb5R2aG2tc83Nnhy9wgPYXb45JK
xBxAu418GyC3hr0NUg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:01:29 2025 by rpki-client