Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2ix_sGq6grIJ_yVyowhdibh2mDk.roa
File: 2ix_sGq6grIJ_yVyowhdibh2mDk.roa (raw, json)
Hash identifier: ndoxpUpSrUGYaB7NsT6MPVY1hxHfQ20Tr2w9fI3cGOg=
Subject key identifier: DA:2C:7F:B0:6A:BA:82:B2:09:FF:25:72:A3:08:5D:89:B8:76:98:39
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195C68AF54BAF504859E063A6BC7B3A1497
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2ix_sGq6grIJ_yVyowhdibh2mDk.roa
Signing time: Mon 24 Mar 2025 05:05:50 +0000
ROA not before: Mon 24 Mar 2025 05:05:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 00:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:8a:f5:4b:af:50:48:59:e0:63:a6:bc:7b:3a:14:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 24 05:05:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da2c7fb06aba82b209ff2572a3085d89b8769839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:74:dd:cc:83:8b:33:a2:23:00:f4:e5:90:fd:
da:e1:b2:0e:b3:8a:6f:6c:8e:2f:58:0c:92:40:29:
cd:59:ac:32:84:d7:5a:94:dc:49:d7:b1:c7:81:9b:
a9:77:fe:14:1d:ae:0a:5f:e5:74:6b:f6:1c:e3:d2:
3c:52:09:9a:06:72:04:64:90:b9:cf:36:75:48:23:
05:16:28:fa:8c:9b:4a:f9:23:7d:d5:9f:bb:de:63:
61:3c:42:2d:f4:db:97:8a:72:0d:f2:04:ec:76:c6:
d7:06:f9:60:ea:04:d6:da:1e:e4:71:f9:27:a2:b7:
72:7d:3e:57:48:39:1c:92:b0:50:42:46:f9:a1:60:
ed:90:eb:3a:23:19:25:ca:76:e5:89:aa:52:17:ca:
eb:05:23:84:f8:d9:50:5c:21:a4:f5:76:ea:b8:4f:
09:1a:cd:15:8b:95:68:7f:de:e5:59:e0:9a:ed:1a:
6c:8b:5e:04:d0:ec:f3:96:bd:26:39:f3:d0:cf:56:
42:27:a7:11:2e:d1:c6:90:a4:6f:97:f9:81:98:9a:
02:b0:d3:f2:97:24:b3:33:27:ca:f4:d9:4c:82:18:
cc:36:f6:e2:48:fd:1b:e4:5f:50:dc:44:a8:96:67:
e3:57:b4:f0:0c:8d:32:b3:7d:4a:e2:50:61:d3:8c:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2C:7F:B0:6A:BA:82:B2:09:FF:25:72:A3:08:5D:89:B8:76:98:39
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2ix_sGq6grIJ_yVyowhdibh2mDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.138.0/24
77.90.54.0/24
94.103.163.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:86:be:20:b7:45:a2:18:d9:22:84:58:4d:67:3c:13:11:40:
8b:28:e5:93:90:fe:25:08:dd:5f:e9:2d:82:8f:a4:07:1c:45:
e3:26:75:30:cd:ac:4b:0b:46:04:1b:f7:86:8f:ff:2e:21:73:
72:50:24:40:2b:05:e6:8f:5f:85:8e:56:03:b6:50:3b:32:7c:
e6:ff:44:ee:91:3c:5f:f7:3e:66:73:9f:92:c2:76:ed:c2:f3:
95:fb:65:4b:a6:23:9b:68:86:42:f3:49:1c:94:e2:76:b0:cd:
a3:d9:2f:e3:80:8a:f7:e1:99:70:78:de:f5:b1:d0:5e:97:84:
13:aa:76:6c:ef:9b:e3:f8:72:77:78:07:5b:73:21:8a:5e:5b:
a9:97:5f:27:cc:91:79:6a:e5:28:43:12:12:d6:cd:d1:3a:a1:
57:a5:bb:49:90:38:1c:f1:84:fa:10:13:57:9b:ac:f5:91:7f:
35:ea:a7:59:62:99:06:7d:93:05:31:c2:65:70:28:a9:c4:36:
8f:bb:ce:55:0f:08:33:10:15:a0:2a:0b:ad:59:88:9e:4d:28:
4a:42:52:41:20:73:82:a4:27:b1:8e:82:e8:f2:fc:41:3f:c5:
98:f0:e0:4b:ab:66:3c:ae:b0:7e:c0:ae:17:f0:4d:ff:a6:ed:
32:64:c1:54
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXGivVLr1BIWeBjprx7OhSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI0MDUwNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJjN2ZiMDZhYmE4MmIyMDlmZjI1NzJhMzA4NWQ4OWI4NzY5ODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXTdzIOLM6IjAPTlkP3a4bIOs4pv
bI4vWAySQCnNWawyhNdalNxJ17HHgZupd/4UHa4KX+V0a/Yc49I8UgmaBnIEZJC5
zzZ1SCMFFij6jJtK+SN91Z+73mNhPEIt9NuXinIN8gTsdsbXBvlg6gTW2h7kcfkn
ordyfT5XSDkckrBQQkb5oWDtkOs6IxklynbliapSF8rrBSOE+NlQXCGk9XbquE8J
Gs0Vi5Vof97lWeCa7Rpsi14E0Ozzlr0mOfPQz1ZCJ6cRLtHGkKRvl/mBmJoCsNPy
lySzMyfK9NlMghjMNvbiSP0b5F9Q3ESolmfjV7TwDI0ys31K4lBh04x02QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNosf7BquoKyCf8lcqMIXYm4dpg5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMml4X3NHcTZncklKX3lWeW93aGRpYmgybURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABa+KAwQA
TVo2AwQAXmejAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQAshKQAwQAuQ2cAwQA
2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQB7hr4gt0WiGNkihFhNZzwTEUCLKOWTkP4l
CN1f6S2Cj6QHHEXjJnUwzaxLC0YEG/eGj/8uIXNyUCRAKwXmj1+FjlYDtlA7Mnzm
/0TukTxf9z5mc5+SwnbtwvOV+2VLpiObaIZC80kclOJ2sM2j2S/jgIr34ZlweN71
sdBel4QTqnZs75vj+HJ3eAdbcyGKXlupl18nzJF5auUoQxIS1s3ROqFXpbtJkDgc
8YT6EBNXm6z1kX816qdZYpkGfZMFMcJlcCipxDaPu85VDwgzEBWgKgutWYieTShK
QlJBIHOCpCexjoLo8vxBP8WY8OBLq2Y8rrB+wK4X8E3/pu0yZMFU
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:28:07 2025 by rpki-client