Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5Tpg5ewkfVuPONh_tf6YZhLiYq4.roa
File: 5Tpg5ewkfVuPONh_tf6YZhLiYq4.roa (raw, json)
Hash identifier: YLQXmn9EmOPBGBdnTmikCXRdL1J9U8Ix0dVAEifQ+FI=
Subject key identifier: E5:3A:60:E5:EC:24:7D:5B:8F:38:D8:7F:B5:FE:98:66:12:E2:62:AE
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0195F1CB5714C9589FE653215E6C75007EF9
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5Tpg5ewkfVuPONh_tf6YZhLiYq4.roa
Signing time: Tue 01 Apr 2025 14:39:49 +0000
ROA not before: Tue 01 Apr 2025 14:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50952
IP address blocks: 95.161.252.0/24 maxlen: 24
178.18.224.0/22 maxlen: 22
178.18.235.0/24 maxlen: 24
2a03:5f80:9::/48 maxlen: 48
2a03:5f80:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Apr 2025 14:58:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:cb:57:14:c9:58:9f:e6:53:21:5e:6c:75:00:7e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Apr 1 14:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e53a60e5ec247d5b8f38d87fb5fe986612e262ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:57:ad:56:30:ab:89:2b:a2:f3:a1:c4:05:85:
13:8b:ca:f8:65:9b:59:aa:43:78:97:7a:98:41:23:
8e:44:6d:e3:06:8c:28:43:34:51:99:90:cf:b9:6f:
44:c4:f5:72:6b:0e:fc:2c:12:05:e7:a2:2e:b5:bc:
9b:17:53:83:96:bb:71:9d:6b:d8:ad:ca:dc:3f:00:
34:7c:1f:10:5d:0b:3d:4c:74:1a:b0:17:bd:03:24:
a4:52:02:70:ab:48:bc:53:17:cd:63:9f:88:0f:ce:
51:84:5c:40:c4:f6:11:60:d2:29:b6:28:97:38:22:
b9:6c:0e:ce:52:bd:78:2a:18:d4:e5:b9:f4:90:34:
b6:f7:a5:30:34:9e:eb:4a:39:2d:45:8c:43:82:26:
70:00:1a:37:9a:07:f8:e2:fd:e9:6b:79:39:c1:9f:
32:0e:f3:0a:19:e6:9d:64:24:c8:fe:5d:8d:9b:7e:
d3:13:c1:e4:69:3b:67:3c:98:8a:d2:88:99:ac:f2:
53:be:ae:56:80:4a:d9:c8:81:4d:10:7a:1c:4e:2f:
42:44:68:93:52:09:df:7e:bf:70:2d:fe:ec:ed:b3:
9d:31:55:58:5c:53:46:a5:de:ea:e8:e3:d5:3d:f3:
a1:a6:ef:21:2c:28:c5:af:28:bb:73:69:1c:d8:97:
5d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3A:60:E5:EC:24:7D:5B:8F:38:D8:7F:B5:FE:98:66:12:E2:62:AE
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5Tpg5ewkfVuPONh_tf6YZhLiYq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.252.0/24
178.18.224.0/22
178.18.235.0/24
IPv6:
2a03:5f80:9::/48
2a03:5f80:b::/48
Signature Algorithm: sha256WithRSAEncryption
13:cf:c5:d8:e3:6b:9f:e1:22:eb:b9:be:3d:69:17:73:ad:71:
5b:a8:5d:27:95:dd:1d:64:f9:cf:d3:70:da:51:d2:60:71:87:
64:95:68:9a:b2:b9:df:44:79:49:35:ed:6c:79:b3:7b:98:b7:
cd:f8:71:ec:5d:79:4e:36:be:8b:ab:11:64:fc:05:96:90:ed:
4b:3c:f4:45:c4:65:25:d8:45:c6:75:5b:71:6e:c2:fa:89:c6:
4c:83:ee:ec:7d:68:54:4f:03:e0:36:39:c4:29:a4:10:f4:a0:
70:af:dc:fe:fa:8a:60:27:2c:a4:43:3c:34:3c:a0:18:04:04:
f0:07:53:be:5c:ff:27:94:c5:7e:6b:9c:aa:fa:f2:6e:40:64:
8a:e6:77:fe:65:de:3f:92:ea:c8:55:70:6c:1d:51:79:da:db:
7a:27:7d:52:93:bc:96:c0:65:4f:c4:2e:fc:01:97:46:7e:d0:
71:32:9b:9e:f8:a9:f2:00:7b:0b:db:b5:c0:75:cb:b8:87:f3:
46:a3:26:d2:77:a6:f1:f8:66:09:da:1c:6a:ee:ed:ca:d6:78:
90:c3:5c:00:2c:e3:39:e2:ff:b7:1c:09:6f:f6:75:0a:20:6f:
fe:be:bf:bc:74:0d:18:db:88:f9:7c:ed:55:bf:90:04:98:0b:
ad:e8:70:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZXxy1cUyVif5lMhXmx1AH75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwNDAxMTQzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTNhNjBlNWVjMjQ3ZDViOGYzOGQ4N2ZiNWZlOTg2NjEyZTI2MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VetVjCriSui86HEBYUTi8r4ZZtZ
qkN4l3qYQSOORG3jBowoQzRRmZDPuW9ExPVyaw78LBIF56IutbybF1ODlrtxnWvY
rcrcPwA0fB8QXQs9THQasBe9AySkUgJwq0i8UxfNY5+ID85RhFxAxPYRYNIptiiX
OCK5bA7OUr14KhjU5bn0kDS296UwNJ7rSjktRYxDgiZwABo3mgf44v3pa3k5wZ8y
DvMKGeadZCTI/l2Nm37TE8HkaTtnPJiK0oiZrPJTvq5WgErZyIFNEHocTi9CRGiT
Ugnffr9wLf7s7bOdMVVYXFNGpd7q6OPVPfOhpu8hLCjFryi7c2kc2JddaQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOU6YOXsJH1bjzjYf7X+mGYS4mKuMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvNVRwZzVld2tmVnVQT05oX3RmNllaaExpWXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAX6H8AwQC
shLgAwQAshLrMBgEAgACMBIDBwAqA1+AAAkDBwAqA1+AAAswDQYJKoZIhvcNAQEL
BQADggEBABPPxdjja5/hIuu5vj1pF3OtcVuoXSeV3R1k+c/TcNpR0mBxh2SVaJqy
ud9EeUk17Wx5s3uYt834cexdeU42vourEWT8BZaQ7Us89EXEZSXYRcZ1W3FuwvqJ
xkyD7ux9aFRPA+A2OcQppBD0oHCv3P76imAnLKRDPDQ8oBgEBPAHU75c/yeUxX5r
nKr68m5AZIrmd/5l3j+S6shVcGwdUXna23onfVKTvJbAZU/ELvwBl0Z+0HEym574
qfIAewvbtcB1y7iH80ajJtJ3pvH4ZgnaHGru7crWeJDDXAAs4zni/7ccCW/2dQog
b/6+v7x0DRjbiPl87VW/kASYC63ocMk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:54 2025 by rpki-client