Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9FUW_y1o69zkUlUB0iuWbNF8nnE.roa
File: 9FUW_y1o69zkUlUB0iuWbNF8nnE.roa (raw, json)
Hash identifier: iuaBpphxy0j1GUspY1geUXN5iDeWa+c2F1xTY1LWCb4=
Subject key identifier: F4:55:16:FF:2D:68:EB:DC:E4:52:55:01:D2:2B:96:6C:D1:7C:9E:71
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01957E74370E5AB3C17C0F74FA5831A03219
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9FUW_y1o69zkUlUB0iuWbNF8nnE.roa
Signing time: Mon 10 Mar 2025 05:08:20 +0000
ROA not before: Mon 10 Mar 2025 05:08:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 00:27:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:74:37:0e:5a:b3:c1:7c:0f:74:fa:58:31:a0:32:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 10 05:08:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f45516ff2d68ebdce4525501d22b966cd17c9e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:30:2b:5b:51:e8:50:ce:9c:15:8e:b4:6f:
67:ed:19:4a:3a:b9:af:46:69:42:c4:5b:65:2b:bd:
5f:37:4c:23:94:9e:d1:d1:6b:e9:09:1f:05:fc:c0:
b0:ab:91:7b:7d:ed:dd:44:d4:bd:c9:8b:e9:09:7f:
92:14:9c:7d:f5:68:18:25:28:cd:da:31:cb:66:93:
5d:a2:68:d0:9b:78:46:b2:17:fe:d7:44:5c:bb:f3:
2a:ee:93:ff:de:a3:46:86:d4:d5:2d:d8:59:7f:7f:
00:3a:a1:84:75:82:c7:fd:fb:04:d5:1c:2f:00:bb:
62:88:db:a7:16:07:63:83:a3:13:a7:85:d3:38:54:
ab:aa:e9:d0:8e:62:b7:ea:09:2e:36:16:21:04:37:
ec:8c:9e:16:25:a0:fe:b4:f6:7f:41:e2:4a:b1:72:
ec:8f:e9:62:95:35:13:95:b8:4b:80:3d:43:71:57:
f1:e7:39:52:0e:85:6c:9d:d3:5d:d2:aa:da:86:6d:
a4:49:5a:27:42:f8:71:55:16:de:bd:cb:3e:34:d8:
07:53:89:fc:5e:a3:d8:d9:11:1d:9b:d8:fe:7f:3d:
57:3a:88:84:39:80:1f:47:d6:4e:01:8d:ff:fd:ff:
ce:89:20:de:b2:89:3e:b3:0b:af:9b:00:f6:b0:10:
95:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:55:16:FF:2D:68:EB:DC:E4:52:55:01:D2:2B:96:6C:D1:7C:9E:71
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9FUW_y1o69zkUlUB0iuWbNF8nnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
03:58:ae:f3:63:27:14:e6:0d:d8:f6:a1:c8:e6:9d:4c:c2:fc:
2b:71:67:a1:e1:ae:08:c6:6f:77:ff:54:b3:3f:7e:26:3c:9d:
c6:6b:34:de:0a:a8:70:c7:c6:bb:f7:1e:2b:ae:89:95:5e:df:
22:32:93:5e:72:3b:f3:04:54:1b:4b:e4:1d:3c:b1:d8:96:cd:
15:44:b3:18:cf:85:d7:74:de:d4:4b:1f:a0:25:51:bb:9c:68:
9e:30:66:7c:4a:03:f3:2f:dd:b0:58:21:0d:f5:76:ca:0c:3f:
3f:27:40:65:38:c9:76:0b:17:bc:56:c5:1b:d4:48:6c:76:27:
22:fa:4f:89:90:aa:50:ec:0d:08:cd:d6:c1:66:60:1d:88:53:
1f:01:9f:67:c8:5a:8f:19:0e:ae:46:ac:e8:ca:f1:e2:4b:95:
86:5a:c5:da:8f:d6:d0:0a:b3:a0:aa:57:79:8f:44:2e:ef:fb:
2a:c6:68:8c:00:80:4c:30:5d:ff:55:cc:8c:22:61:7e:f8:18:
fb:16:f3:0b:e4:b6:ec:08:65:68:d8:a1:f5:59:7c:9a:03:8e:
1b:d1:a3:a4:f7:4b:03:a0:3e:13:4b:e0:b5:e0:b9:24:e1:b6:
07:b6:23:42:ba:50:13:6a:8a:42:0f:1c:79:4c:eb:6a:66:a5:
c2:c0:81:f2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZV+dDcOWrPBfA90+lgxoDIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEwMDUwODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU1MTZmZjJkNjhlYmRjZTQ1MjU1MDFkMjJiOTY2Y2QxN2M5ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuowK1tR6FDOnBWOtG9n7RlKOrmv
RmlCxFtlK71fN0wjlJ7R0WvpCR8F/MCwq5F7fe3dRNS9yYvpCX+SFJx99WgYJSjN
2jHLZpNdomjQm3hGshf+10Rcu/Mq7pP/3qNGhtTVLdhZf38AOqGEdYLH/fsE1Rwv
ALtiiNunFgdjg6MTp4XTOFSrqunQjmK36gkuNhYhBDfsjJ4WJaD+tPZ/QeJKsXLs
j+lilTUTlbhLgD1DcVfx5zlSDoVsndNd0qrahm2kSVonQvhxVRbevcs+NNgHU4n8
XqPY2REdm9j+fz1XOoiEOYAfR9ZOAY3//f/OiSDesok+swuvmwD2sBCVXQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPRVFv8taOvc5FJVAdIrlmzRfJ5xMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOUZVV195MW82OXprVWxVQjBpdVdiTkY4bm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXmejAwQAXvnXAwQAX9cgAwQAX9ciAwQA2UWmMA0G
CSqGSIb3DQEBCwUAA4IBAQADWK7zYycU5g3Y9qHI5p1MwvwrcWeh4a4Ixm93/1Sz
P34mPJ3GazTeCqhwx8a79x4rromVXt8iMpNecjvzBFQbS+QdPLHYls0VRLMYz4XX
dN7USx+gJVG7nGieMGZ8SgPzL92wWCEN9XbKDD8/J0BlOMl2Cxe8VsUb1Ehsdici
+k+JkKpQ7A0IzdbBZmAdiFMfAZ9nyFqPGQ6uRqzoyvHiS5WGWsXaj9bQCrOgqld5
j0Qu7/sqxmiMAIBMMF3/VcyMImF++Bj7FvML5LbsCGVo2KH1WXyaA44b0aOk90sD
oD4TS+C14Lkk4bYHtiNCulATaopCDxx5TOtqZqXCwIHy
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:18 2025 by rpki-client