Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/l6-PD9HcCpjzNNsh2YLpldybhf8.roa
File: l6-PD9HcCpjzNNsh2YLpldybhf8.roa (raw, json)
Hash identifier: h+KJG4uCLzHaHPNy4HAUdZ3/RNK56Gvggg1f3IUneAA=
Subject key identifier: 97:AF:8F:0F:D1:DC:0A:98:F3:34:DB:21:D9:82:E9:95:DC:9B:85:FF
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019D1F3F0E2E1481315E8618A592847C2A91
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/l6-PD9HcCpjzNNsh2YLpldybhf8.roa
Signing time: Tue 24 Mar 2026 09:48:39 +0000
ROA not before: Tue 24 Mar 2026 09:48:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.254.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 05:23:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:3f:0e:2e:14:81:31:5e:86:18:a5:92:84:7c:2a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 24 09:48:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97af8f0fd1dc0a98f334db21d982e995dc9b85ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b5:d5:53:4c:31:66:64:f3:dd:64:71:aa:9e:
66:4e:6a:df:5d:0d:fa:47:20:f4:c3:41:bb:67:9c:
bf:e4:af:f5:36:d4:9f:60:52:e8:fe:10:4a:6e:7b:
d4:a4:50:56:26:59:ca:2d:cb:e2:54:f1:d1:cb:08:
49:09:25:25:03:2f:1d:6f:e5:b2:84:70:b9:ed:5e:
bf:76:90:6a:e3:d2:e4:75:67:72:69:8c:ab:7a:72:
3d:cc:85:d8:47:0c:b2:08:c2:3c:32:f1:b5:cf:61:
8d:ea:c3:5c:1a:52:cd:8c:10:62:22:e3:f2:00:13:
ea:86:68:7d:9a:60:37:a6:1d:c6:7c:a1:4a:b4:25:
1e:18:be:0b:1b:4f:53:55:47:5e:f5:ae:6d:42:95:
03:86:97:5f:5d:21:fe:9f:5a:c2:d6:be:3b:a9:3c:
2e:0a:26:18:02:08:d7:a9:f4:98:c2:b9:97:0c:e2:
d2:17:86:12:75:b7:9e:cb:a8:e3:32:9e:ff:20:6f:
d5:fc:8e:24:78:14:51:49:c5:42:cb:1c:0d:92:52:
a9:e0:8e:f5:0d:b8:8b:c1:c7:fc:7f:89:e8:79:da:
ed:17:43:81:34:99:87:50:0f:2c:ad:51:de:14:60:
6d:52:c1:8e:4a:23:5d:dd:e6:5f:94:cc:eb:1a:87:
6a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AF:8F:0F:D1:DC:0A:98:F3:34:DB:21:D9:82:E9:95:DC:9B:85:FF
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/l6-PD9HcCpjzNNsh2YLpldybhf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0-45.141.234.255
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.34.0/24
91.92.40.0/24
91.92.42.0/24
91.92.44.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.207.0-93.152.208.255
93.152.210.0/23
93.152.214.0-93.152.218.255
93.152.221.0-93.152.223.255
93.152.226.0/23
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/22
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
43:40:3e:00:10:e8:6c:51:51:21:82:c7:52:09:18:5d:4e:0f:
b5:c8:ad:9e:86:f6:7c:4c:f4:7a:1f:bd:65:6c:b8:a6:9b:b2:
45:05:a8:fd:14:b7:da:e2:10:4f:aa:47:90:b0:ad:8b:92:4b:
80:72:15:4f:67:f7:14:45:c1:6d:f4:99:7a:0c:5d:83:85:12:
3f:83:a6:d4:05:09:57:fd:85:e2:f7:49:a8:f9:73:a6:70:98:
23:33:55:e6:7c:6f:46:6e:4c:ca:08:f0:21:bc:3b:3f:ab:56:
18:ca:21:14:83:05:ff:f8:94:fe:76:6d:69:69:76:15:40:17:
33:e7:71:79:0e:9b:1d:6e:b6:c3:a8:dc:6a:c2:ba:9c:00:93:
be:84:24:ad:08:6d:7c:3e:76:33:4a:51:1d:ca:01:95:5c:a6:
c5:f3:cb:7e:cd:6d:ec:db:7a:7a:23:21:a3:2e:32:72:94:47:
42:fb:5a:32:ce:72:92:00:dc:e9:5f:02:92:45:d8:33:30:41:
1a:fa:e4:4b:8d:90:ad:22:ae:93:a4:e5:68:70:28:f5:c4:75:
4c:7d:a0:10:23:8e:d2:4f:1c:f3:be:f6:9b:8c:c8:bb:79:0e:
d5:bf:bd:6c:47:53:29:e8:59:74:e0:9d:f9:d9:01:ef:01:97:
87:2d:89:4f
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZ0fPw4uFIExXoYYpZKEfCqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwMzI0MDk0ODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FmOGYwZmQxZGMwYTk4ZjMzNGRiMjFkOTgyZTk5NWRjOWI4NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrXVU0wxZmTz3WRxqp5mTmrfXQ36
RyD0w0G7Z5y/5K/1NtSfYFLo/hBKbnvUpFBWJlnKLcviVPHRywhJCSUlAy8db+Wy
hHC57V6/dpBq49LkdWdyaYyrenI9zIXYRwyyCMI8MvG1z2GN6sNcGlLNjBBiIuPy
ABPqhmh9mmA3ph3GfKFKtCUeGL4LG09TVUde9a5tQpUDhpdfXSH+n1rC1r47qTwu
CiYYAgjXqfSYwrmXDOLSF4YSdbeey6jjMp7/IG/V/I4keBRRScVCyxwNklKp4I71
DbiLwcf8f4noedrtF0OBNJmHUA8srVHeFGBtUsGOSiNd3eZflMzrGodqSQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFJevjw/R3AqY8zTbIdmC6ZXcm4X/MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbDYtUEQ5SGNDcGp6Tk5zaDJZTHBsZHliaGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4wDAME
AC2N6QMEAC2N6gMEAU6fgAMEAE6fgwMEAk6fiDAMAwQATp+VAwQATp+WAwQCTp+Y
MAwDBABOn50DBAVOn4ADBABbXCIDBABbXCgDBABbXCowDAMEAltcLAMEAFtcLjAM
AwQAW1wxAwQBW1w0MAwDBABdmM8DBABdmNADBAFdmNIwDAMEAV2Y1gMEAF2Y2jAM
AwQAXZjdAwQFXZjAAwQBXZjiAwQAXZjmAwQBXhocAwQCXhpMMAwDBABeGlkDBABe
GloDBABevsMDBAK5YPwDBADUZmkDBADUZmswDQYJKoZIhvcNAQELBQADggEBAENA
PgAQ6GxRUSGCx1IJGF1OD7XIrZ6G9nxM9HofvWVsuKabskUFqP0Ut9riEE+qR5Cw
rYuSS4ByFU9n9xRFwW30mXoMXYOFEj+DptQFCVf9heL3Saj5c6ZwmCMzVeZ8b0Zu
TMoI8CG8Oz+rVhjKIRSDBf/4lP52bWlpdhVAFzPncXkOmx1utsOo3GrCupwAk76E
JK0IbXw+djNKUR3KAZVcpsXzy37NbezbenojIaMuMnKUR0L7WjLOcpIA3OlfApJF
2DMwQRr65EuNkK0irpOk5WhwKPXEdUx9oBAjjtJPHPO+9puMyLt5DtW/vWxHUyno
WXTgnfnZAe8Bl4ctiU8=
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:48:59 2026 by rpki-client