Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Gd2os6MdnnsNEBd5Q5YCCk586T0.roa
File: Gd2os6MdnnsNEBd5Q5YCCk586T0.roa (raw, json)
Hash identifier: hc7MQm222nBD3z6KlRF55c1xdkl0LeU56Exc0On5W98=
Subject key identifier: 19:DD:A8:B3:A3:1D:9E:7B:0D:10:17:79:43:96:02:0A:4E:7C:E9:3D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01950343B1AA5804FC5EC6C2671132EFED10
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Gd2os6MdnnsNEBd5Q5YCCk586T0.roa
Signing time: Fri 14 Feb 2025 07:02:02 +0000
ROA not before: Fri 14 Feb 2025 07:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Feb 2025 18:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:43:b1:aa:58:04:fc:5e:c6:c2:67:11:32:ef:ed:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 14 07:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19dda8b3a31d9e7b0d1017794396020a4e7ce93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:72:8c:09:6e:f7:06:d3:f7:d9:1f:f7:05:
1d:bb:b5:ff:2a:4a:b4:dd:66:bb:61:4e:af:23:6b:
c7:a4:87:02:f9:1f:ee:26:c6:1a:f5:9e:d5:c1:43:
f2:73:71:95:d2:5d:79:c3:de:8e:bf:48:b8:94:f5:
50:f0:a8:92:eb:b0:6d:e4:5e:20:96:82:ff:71:71:
70:a3:fd:9b:0c:69:46:7b:7d:fe:12:c8:23:45:7a:
26:61:ee:dc:48:8b:41:df:8c:20:ee:d0:03:71:df:
fc:4c:62:fc:7f:ae:73:60:a2:d7:6d:72:80:d1:57:
1d:fa:95:9c:d9:aa:03:8b:e6:c6:5f:c9:97:6b:70:
d8:80:0e:65:0d:6a:c9:3a:e2:69:99:f9:62:43:4c:
79:53:68:89:4f:64:77:b1:88:61:4a:21:ac:ed:f3:
8d:39:96:b9:4a:f9:76:19:79:52:1c:ef:fa:44:4f:
6e:0c:7b:f0:4d:ca:b2:cb:14:2e:2c:5d:30:cb:0d:
e8:d3:cd:10:d1:57:b1:a3:76:c9:11:f7:50:0d:a2:
c5:50:38:12:4a:83:57:e3:ce:2a:8c:b5:21:ed:a2:
33:90:7a:de:b1:a2:c5:4d:cc:72:fd:3f:94:95:75:
92:3c:39:19:bd:2b:05:f9:dc:3d:5c:65:66:d1:e4:
fe:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DD:A8:B3:A3:1D:9E:7B:0D:10:17:79:43:96:02:0A:4E:7C:E9:3D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Gd2os6MdnnsNEBd5Q5YCCk586T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.83.145.0/24
5.231.25.0-5.231.26.255
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:a4:dc:ec:55:9e:82:20:ee:dd:55:3f:a9:62:b5:55:3b:3a:
bb:d8:8f:47:32:ae:df:6d:30:5f:80:d8:86:fb:27:93:5d:4c:
67:b1:60:83:1f:9f:0c:d9:60:79:61:3c:c5:81:78:38:07:7c:
89:93:0d:25:53:33:fb:93:39:e2:15:24:50:af:31:83:18:87:
53:31:22:fa:ae:b4:80:9c:52:fa:c5:06:1d:c6:73:63:b6:d6:
95:ba:81:ed:19:bc:9a:fb:54:a6:28:1b:71:86:f6:3b:bd:1a:
00:9c:06:3e:32:8a:81:7d:fd:c6:ad:3e:a9:98:97:cb:50:e9:
66:aa:f1:3b:9b:08:ba:8a:cd:ff:7c:b1:8c:a0:20:b0:86:a6:
b8:b3:eb:4a:4e:6e:72:1d:1f:00:4d:64:e2:96:5e:00:e2:0a:
53:fd:0b:1d:d2:1e:28:58:56:e4:fe:b9:72:82:5b:a9:47:03:
6e:4b:b1:cc:75:10:3e:8a:b7:5c:19:92:34:cc:fb:8e:eb:90:
63:7e:2c:bf:9c:52:5a:5f:e6:ed:db:bf:7a:be:c3:1f:8d:b0:
77:a0:4d:47:b1:d2:29:8b:28:61:67:e0:77:66:b2:47:54:41:
42:3d:69:6a:3d:1d:d2:5b:95:7f:c1:9f:d3:de:fa:71:5d:c7:
ac:fc:23:47
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZUDQ7GqWAT8XsbCZxEy7+0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjE0MDcwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWRkYThiM2EzMWQ5ZTdiMGQxMDE3Nzk0Mzk2MDIwYTRlN2NlOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWRyjAlu9wbT99kf9wUdu7X/Kkq0
3Wa7YU6vI2vHpIcC+R/uJsYa9Z7VwUPyc3GV0l15w96Ov0i4lPVQ8KiS67Bt5F4g
loL/cXFwo/2bDGlGe33+EsgjRXomYe7cSItB34wg7tADcd/8TGL8f65zYKLXbXKA
0Vcd+pWc2aoDi+bGX8mXa3DYgA5lDWrJOuJpmfliQ0x5U2iJT2R3sYhhSiGs7fON
OZa5Svl2GXlSHO/6RE9uDHvwTcqyyxQuLF0wyw3o080Q0Vexo3bJEfdQDaLFUDgS
SoNX484qjLUh7aIzkHresaLFTcxy/T+UlXWSPDkZvSsF+dw9XGVm0eT+0QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBndqLOjHZ57DRAXeUOWAgpOfOk9MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvR2Qyb3M2TWRubnNORUJkNVE1WUNDazU4NlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABVOGAwQA
BVORMAwDBAAF5xkDBAAF5xoDBABZakcwDQYJKoZIhvcNAQELBQADggEBAOak3OxV
noIg7t1VP6litVU7OrvYj0cyrt9tMF+A2Ib7J5NdTGexYIMfnwzZYHlhPMWBeDgH
fImTDSVTM/uTOeIVJFCvMYMYh1MxIvqutICcUvrFBh3Gc2O21pW6ge0ZvJr7VKYo
G3GG9ju9GgCcBj4yioF9/catPqmYl8tQ6Waq8TubCLqKzf98sYygILCGpriz60pO
bnIdHwBNZOKWXgDiClP9Cx3SHihYVuT+uXKCW6lHA25Lscx1ED6Kt1wZkjTM+47r
kGN+LL+cUlpf5u3bv3q+wx+NsHegTUex0imLKGFn4HdmskdUQUI9aWo9HdJblX/B
n9Pe+nFdx6z8I0c=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:29 2025 by rpki-client