Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ObQt3Tn10aL3n68x4kGj5oUf71M.roa
File: ObQt3Tn10aL3n68x4kGj5oUf71M.roa (raw, json)
Hash identifier: mWPno3ByJsq0mTxsskd+HUUgm96u2vkYysP/pcpRpZ8=
Subject key identifier: 39:B4:2D:DD:39:F5:D1:A2:F7:9F:AF:31:E2:41:A3:E6:85:1F:EF:53
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194EF93AF4D940E242AC3343994A57ED50D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ObQt3Tn10aL3n68x4kGj5oUf71M.roa
Signing time: Mon 10 Feb 2025 11:17:00 +0000
ROA not before: Mon 10 Feb 2025 11:17:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 5.231.232.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
77.90.3.0/24 maxlen: 24
77.90.28.0/24 maxlen: 24
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:93:af:4d:94:0e:24:2a:c3:34:39:94:a5:7e:d5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 10 11:17:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39b42ddd39f5d1a2f79faf31e241a3e6851fef53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ab:6c:62:d9:61:31:61:e8:25:b0:dd:99:ae:
98:e1:a4:b3:5c:ce:49:02:e7:7c:8b:0a:69:84:92:
53:23:a3:bc:39:17:f9:b9:c7:88:9c:89:24:7b:6c:
64:cb:e3:f9:d3:0c:1e:44:ee:a0:b2:cc:80:d3:9d:
98:26:59:af:c9:c7:62:7b:71:d3:7d:e3:6e:57:58:
3f:39:ee:0f:3e:67:a4:2f:5e:15:9d:c2:dd:21:bc:
db:1e:56:39:b0:2f:0a:72:05:2c:bb:a9:13:e9:b5:
2a:32:cd:23:09:eb:fa:cc:ca:2b:eb:32:6b:6c:da:
3e:9c:40:45:a2:83:65:39:f2:ad:31:35:ec:e0:01:
ce:86:b4:2c:10:62:2b:e0:e1:d5:aa:1a:34:8d:71:
77:5c:79:d5:8f:20:b8:62:b4:db:a9:73:37:30:5a:
bb:b9:09:66:ef:56:4b:dc:a2:e7:e5:c2:cd:2b:0b:
9b:52:2f:f2:e9:4b:d4:38:98:2e:32:5c:64:7d:86:
0d:51:7a:fe:84:c8:e3:c4:3e:c4:ae:8e:63:7e:88:
69:6d:6c:73:b0:87:bb:70:75:58:a0:52:4f:8d:57:
06:d5:49:1c:d8:8a:67:e7:cb:7e:a0:f5:6b:3d:a0:
4e:1d:9b:33:93:7e:66:de:3c:6b:24:24:b1:ca:53:
5d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B4:2D:DD:39:F5:D1:A2:F7:9F:AF:31:E2:41:A3:E6:85:1F:EF:53
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ObQt3Tn10aL3n68x4kGj5oUf71M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.232.0/23
77.90.3.0/24
77.90.28.0/24
89.106.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:de:e3:71:fa:c8:7e:ec:9d:1d:1d:c0:58:1f:78:85:ca:d9:
dd:22:47:ca:89:3f:2a:cc:b6:2d:6d:b6:bc:8c:f8:4f:5f:c0:
d0:22:9a:a2:65:a5:8a:c0:2e:8d:c7:4c:4a:00:cf:d2:64:20:
23:7d:b3:80:bf:d3:28:8d:24:32:43:87:b4:e1:e2:d6:24:28:
d8:e4:69:04:ed:85:85:10:b0:76:39:d5:d2:23:d6:17:9e:9d:
b0:25:88:f4:10:24:97:df:f3:d2:b1:4e:0a:fb:53:ae:ef:28:
5e:76:d8:6f:47:48:61:87:81:84:43:f8:5e:82:80:e5:c6:17:
6f:84:b3:f1:92:17:12:00:0f:42:1c:3f:fd:3b:7d:85:f5:7b:
d3:16:5b:5a:ba:7d:65:f3:20:17:d7:e4:55:21:b5:04:49:2f:
8b:78:dd:a9:36:da:d6:14:b1:c5:05:b6:15:cd:56:91:50:5d:
bf:2b:9a:51:ea:d7:05:68:e9:d2:51:4d:07:ff:e9:9a:9b:7c:
bf:72:c6:f0:6a:69:f9:82:24:b2:59:d7:26:bd:33:57:6c:cb:
4e:39:3c:7d:6c:aa:eb:b4:d1:d2:92:4b:e2:07:16:06:6f:37:
39:5b:33:ed:ea:57:35:b8:35:09:e2:6d:a5:88:cb:00:55:e0:
ff:36:84:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTvk69NlA4kKsM0OZSlftUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjEwMTExNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI0MmRkZDM5ZjVkMWEyZjc5ZmFmMzFlMjQxYTNlNjg1MWZlZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4atsYtlhMWHoJbDdma6Y4aSzXM5J
Aud8iwpphJJTI6O8ORf5uceInIkke2xky+P50wweRO6gssyA052YJlmvycdie3HT
feNuV1g/Oe4PPmekL14VncLdIbzbHlY5sC8KcgUsu6kT6bUqMs0jCev6zMor6zJr
bNo+nEBFooNlOfKtMTXs4AHOhrQsEGIr4OHVqho0jXF3XHnVjyC4YrTbqXM3MFq7
uQlm71ZL3KLn5cLNKwubUi/y6UvUOJguMlxkfYYNUXr+hMjjxD7Ero5jfohpbWxz
sIe7cHVYoFJPjVcG1Ukc2Ipn58t+oPVrPaBOHZszk35m3jxrJCSxylNd3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDm0Ld059dGi95+vMeJBo+aFH+9TMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvT2JRdDNUbjEwYUwzbjY4eDRrR2o1b1VmNzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBefoAwQA
TVoDAwQATVocAwQCWWpcMA0GCSqGSIb3DQEBCwUAA4IBAQBr3uNx+sh+7J0dHcBY
H3iFytndIkfKiT8qzLYtbba8jPhPX8DQIpqiZaWKwC6Nx0xKAM/SZCAjfbOAv9Mo
jSQyQ4e04eLWJCjY5GkE7YWFELB2OdXSI9YXnp2wJYj0ECSX3/PSsU4K+1Ou7yhe
dthvR0hhh4GEQ/hegoDlxhdvhLPxkhcSAA9CHD/9O32F9XvTFltaun1l8yAX1+RV
IbUESS+LeN2pNtrWFLHFBbYVzVaRUF2/K5pR6tcFaOnSUU0H/+mam3y/csbwamn5
giSyWdcmvTNXbMtOOTx9bKrrtNHSkkviBxYGbzc5WzPt6lc1uDUJ4m2liMsAVeD/
NoQE
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:29 2025 by rpki-client