Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2hNZwIDVXoygTA6TqDXW2QBDHGQ.roa
File: 2hNZwIDVXoygTA6TqDXW2QBDHGQ.roa (raw, json)
Hash identifier: kWCS0/gYDvdvkB7xa2mMzouDeDWoFAYFO9Dy0HNTPl0=
Subject key identifier: DA:13:59:C0:80:D5:5E:8C:A0:4C:0E:93:A8:35:D6:D9:00:43:1C:64
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01958FD0A3436480A901EFE267E3F4AF8661
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2hNZwIDVXoygTA6TqDXW2QBDHGQ.roa
Signing time: Thu 13 Mar 2025 14:02:49 +0000
ROA not before: Thu 13 Mar 2025 14:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.130.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 05:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:d0:a3:43:64:80:a9:01:ef:e2:67:e3:f4:af:86:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 13 14:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da1359c080d55e8ca04c0e93a835d6d900431c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b3:67:0e:25:c5:98:e8:c8:e2:3a:bc:a8:68:
3c:83:f5:95:c7:07:71:54:0a:f9:af:dd:dc:33:f2:
d3:80:82:45:6a:f7:ee:53:98:74:51:78:4b:bc:fe:
4e:8d:86:6e:2b:f8:e3:81:84:98:7d:c9:2f:8d:ce:
a3:ba:47:d8:c1:ad:ed:d1:8b:be:02:70:19:9a:a1:
e2:ba:1d:59:5e:e3:53:26:ad:e8:b1:3f:62:5e:bb:
55:36:21:fa:5f:e1:e1:5e:c1:16:a1:30:41:63:5a:
b1:86:4a:fc:39:44:c0:e2:e7:23:fd:d0:5a:2b:77:
30:94:a8:8f:f0:f2:2a:d5:68:78:b4:22:2f:13:09:
b1:a5:9b:3c:51:ed:fc:b1:19:77:0e:08:15:b1:f2:
2f:ef:8a:fc:61:a6:fb:ac:94:44:73:15:b9:ab:26:
3d:7c:48:ca:dd:3c:dd:e6:39:6e:07:79:86:a8:a3:
ab:06:59:10:5e:3d:b5:f3:ca:69:ac:5d:9c:82:dc:
e1:4a:f2:ce:ab:f1:67:fb:11:38:84:86:4e:59:7f:
c5:3f:66:0f:bf:f6:c3:8f:15:8f:2f:57:c4:ef:8d:
a6:e8:64:2e:ac:4b:df:1b:23:24:fe:d9:44:cc:70:
83:d3:42:dc:f1:c0:fb:00:fe:10:4c:66:92:49:34:
7e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:13:59:C0:80:D5:5E:8C:A0:4C:0E:93:A8:35:D6:D9:00:43:1C:64
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2hNZwIDVXoygTA6TqDXW2QBDHGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.231.25.0-5.231.26.255
85.118.162.0/24
87.239.130.0/24
89.106.69.0/24
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
36:50:6f:3a:92:d4:95:e8:38:20:bd:11:2e:92:d4:02:f6:c9:
76:5e:22:db:c3:ba:e1:5d:07:9f:2e:55:4d:a0:c7:b7:ac:d8:
90:3d:7f:9b:21:9b:2e:b8:0f:16:5b:48:63:85:5b:66:bd:25:
93:28:97:7c:2a:87:13:57:4e:2a:a0:cb:1c:f0:fd:9c:4b:3a:
2c:18:fc:e5:65:27:6b:3a:24:16:c9:4e:25:73:19:62:0b:5e:
7c:23:aa:f7:dd:a4:12:51:ee:9d:08:f8:d8:ea:b8:49:4a:33:
87:3b:b3:99:2a:35:16:bb:22:31:81:99:6d:f9:32:ac:3a:52:
55:6d:ad:79:d0:7b:1b:c0:35:c3:66:61:38:b7:83:1c:f8:e5:
d0:15:6e:70:f9:8e:7f:2f:2a:18:d7:86:5c:e7:91:b5:5b:bf:
45:0c:25:25:10:2f:51:81:b7:ea:31:00:07:ce:44:94:67:21:
bc:68:10:2a:17:0d:92:b1:a3:0e:d7:ec:d2:f7:77:f4:2d:a7:
cf:ee:ba:9e:cb:f8:53:3a:aa:14:e4:ab:76:f0:26:87:bf:c0:
43:7d:c2:fa:70:c1:fd:71:50:62:5d:1c:71:e2:12:df:bd:82:
0c:28:ec:8f:bf:c0:4c:4f:6f:72:0f:de:46:d6:a6:fb:26:10:
9e:4f:02:f2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZWP0KNDZICpAe/iZ+P0r4ZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEzMTQwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTEzNTljMDgwZDU1ZThjYTA0YzBlOTNhODM1ZDZkOTAwNDMxYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7NnDiXFmOjI4jq8qGg8g/WVxwdx
VAr5r93cM/LTgIJFavfuU5h0UXhLvP5OjYZuK/jjgYSYfckvjc6jukfYwa3t0Yu+
AnAZmqHiuh1ZXuNTJq3osT9iXrtVNiH6X+HhXsEWoTBBY1qxhkr8OUTA4ucj/dBa
K3cwlKiP8PIq1Wh4tCIvEwmxpZs8Ue38sRl3DggVsfIv74r8Yab7rJREcxW5qyY9
fEjK3Tzd5jluB3mGqKOrBlkQXj2188pprF2cgtzhSvLOq/Fn+xE4hIZOWX/FP2YP
v/bDjxWPL1fE742m6GQurEvfGyMk/tlEzHCD00Lc8cD7AP4QTGaSSTR+QQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNoTWcCA1V6MoEwOk6g11tkAQxxkMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMmhOWndJRFZYb3lnVEE2VHFEWFcyUUJESEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABVOGAwQA
Ba+MMAwDBAAF5xkDBAAF5xoDBABVdqIDBABX74IDBABZakUDBABZakcwDQYJKoZI
hvcNAQELBQADggEBADZQbzqS1JXoOCC9ES6S1AL2yXZeItvDuuFdB58uVU2gx7es
2JA9f5shmy64DxZbSGOFW2a9JZMol3wqhxNXTiqgyxzw/ZxLOiwY/OVlJ2s6JBbJ
TiVzGWILXnwjqvfdpBJR7p0I+NjquElKM4c7s5kqNRa7IjGBmW35Mqw6UlVtrXnQ
exvANcNmYTi3gxz45dAVbnD5jn8vKhjXhlznkbVbv0UMJSUQL1GBt+oxAAfORJRn
IbxoECoXDZKxow7X7NL3d/Qtp8/uup7L+FM6qhTkq3bwJoe/wEN9wvpwwf1xUGJd
HHHiEt+9ggwo7I+/wExPb3IP3kbWpvsmEJ5PAvI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:25 2025 by rpki-client