Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ceDoum97jR4M8rvdeyozz94QP4o.roa
File: ceDoum97jR4M8rvdeyozz94QP4o.roa (raw, json)
Hash identifier: vtyl/bp88BLUDVecwSTviGA2H4mgJz0AgkK7cJ12140=
Subject key identifier: 71:E0:E8:BA:6F:7B:8D:1E:0C:F2:BB:DD:7B:2A:33:CF:DE:10:3F:8A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0199F17BB0633A8744BE3A65CD49E3C25763
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ceDoum97jR4M8rvdeyozz94QP4o.roa
Signing time: Fri 17 Oct 2025 09:23:59 +0000
ROA not before: Fri 17 Oct 2025 09:23:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 45.90.16.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.225.1.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Oct 2025 11:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:7b:b0:63:3a:87:44:be:3a:65:cd:49:e3:c2:57:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 17 09:23:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71e0e8ba6f7b8d1e0cf2bbdd7b2a33cfde103f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d4:c7:67:b3:1d:86:a5:b9:53:f0:ce:01:25:
d4:34:39:a1:0e:9f:63:90:fe:41:f6:27:73:5c:00:
4c:33:9b:0c:65:f7:ba:d1:c9:b6:40:7a:70:b6:e1:
0b:c4:8d:7a:81:ad:f2:7c:fb:b2:37:fa:ca:ac:32:
11:24:a7:67:c1:95:01:52:cc:4f:a1:7d:79:2f:32:
63:93:36:bf:5c:1f:4f:48:ff:68:b8:63:53:72:8d:
cc:3f:43:57:ce:bf:54:ec:a9:8e:be:b7:e3:f9:c9:
c2:5c:56:d8:b8:ec:cb:ef:63:b1:5b:33:ff:9e:07:
97:68:f2:5a:92:98:17:08:05:8e:64:b6:ac:00:fe:
1c:21:0a:aa:a3:e4:de:48:e4:f6:d1:56:b0:93:d0:
9c:95:05:46:50:a0:40:8d:62:b6:d0:f5:2b:08:cd:
68:6b:a7:32:54:e3:39:fd:ad:d9:fd:0c:96:fe:9f:
98:c6:d3:d6:67:d1:2b:79:31:52:f0:8a:14:e8:2d:
02:83:5d:0b:0a:1c:97:7c:01:be:8c:ab:d6:36:6c:
fa:6c:15:86:3c:e4:23:b4:61:17:b5:96:cd:be:91:
35:34:4a:ad:b0:60:da:71:82:55:94:6f:9d:2c:6a:
21:73:66:58:c8:29:50:4a:90:61:30:81:0f:79:99:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E0:E8:BA:6F:7B:8D:1E:0C:F2:BB:DD:7B:2A:33:CF:DE:10:3F:8A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ceDoum97jR4M8rvdeyozz94QP4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
185.199.158.0/24
185.209.74.0/24
185.210.235.0/24
185.214.108.0/24
185.218.20.0/24
185.225.1.0/24
185.234.22.0/24
185.246.112.0/24
194.5.64.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:62:98:8a:df:af:75:72:6e:0e:6f:a0:4d:53:9d:2f:f9:40:
e1:2b:38:2e:cc:6c:95:53:be:e4:8b:b5:7a:05:8c:14:96:d4:
76:e9:21:f4:e1:7f:c1:28:5e:17:56:0b:5e:d8:19:2e:ad:34:
c5:2b:6f:bf:f2:c0:4a:58:74:7a:a3:11:51:79:d5:7a:24:81:
a1:0c:fd:96:84:f2:8e:94:49:af:17:ae:3f:f2:fc:ac:f2:43:
51:0c:90:90:57:f6:36:0c:78:88:d4:23:ba:a8:09:80:6a:b1:
d6:fc:44:58:df:d5:4a:b9:5f:8b:e2:ed:26:71:cc:3d:87:77:
9c:d5:54:40:53:8c:d2:50:c0:24:82:02:9f:c1:b0:99:b3:fa:
e4:e0:fd:91:9a:c3:af:4c:10:07:68:c9:c9:d6:bd:f2:a2:f1:
0b:b0:c9:b3:10:20:ef:c6:44:64:76:b9:1e:bd:e6:86:b2:84:
9a:23:a1:c7:68:e3:17:f3:dd:96:c3:90:ce:0c:82:77:11:54:
92:2c:72:19:19:77:42:23:85:87:90:05:b3:95:22:fa:1d:83:
e4:72:73:40:4f:7b:41:45:bf:b2:09:9c:0a:70:b1:0d:55:ce:
aa:30:dd:f0:0e:42:d8:8a:01:b4:89:fc:2b:e8:3c:c0:b2:b7:
6b:43:73:37
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZnxe7BjOodEvjplzUnjwldjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMDE3MDkyMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWUwZThiYTZmN2I4ZDFlMGNmMmJiZGQ3YjJhMzNjZmRlMTAzZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtTHZ7MdhqW5U/DOASXUNDmhDp9j
kP5B9idzXABMM5sMZfe60cm2QHpwtuELxI16ga3yfPuyN/rKrDIRJKdnwZUBUsxP
oX15LzJjkza/XB9PSP9ouGNTco3MP0NXzr9U7KmOvrfj+cnCXFbYuOzL72OxWzP/
ngeXaPJakpgXCAWOZLasAP4cIQqqo+TeSOT20Vawk9CclQVGUKBAjWK20PUrCM1o
a6cyVOM5/a3Z/QyW/p+YxtPWZ9EreTFS8IoU6C0Cg10LChyXfAG+jKvWNmz6bBWG
POQjtGEXtZbNvpE1NEqtsGDacYJVlG+dLGohc2ZYyClQSpBhMIEPeZkRUQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHHg6Lpve40eDPK73XsqM8/eED+KMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvY2VEb3VtOTdqUjRNOHJ2ZGV5b3p6OTRRUDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVoQAwQA
uceeAwQAudFKAwQAudLrAwQAudZsAwQAudoUAwQAueEBAwQAueoWAwQAufZwAwQA
wgVAAwQAwnxFMA0GCSqGSIb3DQEBCwUAA4IBAQBqYpiK3691cm4Ob6BNU50v+UDh
KzguzGyVU77ki7V6BYwUltR26SH04X/BKF4XVgte2BkurTTFK2+/8sBKWHR6oxFR
edV6JIGhDP2WhPKOlEmvF64/8vys8kNRDJCQV/Y2DHiI1CO6qAmAarHW/ERY39VK
uV+L4u0mccw9h3ec1VRAU4zSUMAkggKfwbCZs/rk4P2RmsOvTBAHaMnJ1r3yovEL
sMmzECDvxkRkdrkeveaGsoSaI6HHaOMX892Ww5DODIJ3EVSSLHIZGXdCI4WHkAWz
lSL6HYPkcnNAT3tBRb+yCZwKcLENVc6qMN3wDkLYigG0ifwr6DzAsrdrQ3M3
-----END CERTIFICATE-----
Generated at Tue Oct 21 06:43:59 2025 by rpki-client