Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YNXdjWnzqYujEGR3DlPFN2Jxek4.roa
File: YNXdjWnzqYujEGR3DlPFN2Jxek4.roa (raw, json)
Hash identifier: 9jymfD7vU++5nD0403ZTyOnocDfAOCCJ2YkCyNaFsxA=
Subject key identifier: 60:D5:DD:8D:69:F3:A9:8B:A3:10:64:77:0E:53:C5:37:62:71:7A:4E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01950FFA6671A3798B5EF5440A5C9D936AB1
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YNXdjWnzqYujEGR3DlPFN2Jxek4.roa
Signing time: Sun 16 Feb 2025 18:17:03 +0000
ROA not before: Sun 16 Feb 2025 18:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 15:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0f:fa:66:71:a3:79:8b:5e:f5:44:0a:5c:9d:93:6a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 16 18:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60d5dd8d69f3a98ba31064770e53c53762717a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:8b:f1:f7:ab:5c:f2:be:31:a1:bd:85:4b:
13:be:a2:15:bd:63:10:9c:c6:69:21:f1:6a:4a:1e:
c2:d2:d7:f9:a3:9d:14:53:d9:d2:21:dc:87:16:72:
9e:c5:89:b7:ac:45:9f:7f:da:06:01:dc:5a:0b:3b:
57:68:96:26:8f:14:6f:b6:c5:20:38:6a:6c:ab:08:
56:b4:01:e3:7d:73:79:ec:f5:69:9a:9e:df:71:39:
33:3d:17:69:35:2a:05:12:6c:65:26:28:b0:bf:ca:
92:d2:d5:e1:39:a3:4a:de:c0:32:36:c0:8c:bc:0d:
66:77:0b:e1:01:77:d4:64:35:39:9b:c6:29:e1:3d:
a8:34:c1:74:5e:20:26:88:03:cd:26:0f:6a:a2:2a:
6c:db:87:48:7a:1a:d9:9f:f5:dd:fc:1d:e7:7d:11:
ef:7b:c9:f6:2e:f7:14:8b:d9:49:f4:a2:9c:f7:15:
49:ed:82:fa:90:b0:d2:62:a1:59:0a:33:b2:dd:c8:
ce:f3:66:b8:9d:51:4e:c1:1f:c4:e4:40:fa:ce:80:
4d:ae:b5:d4:e8:fa:a6:00:50:e2:8d:e0:0e:dd:a1:
67:af:59:52:b0:b3:3a:e1:61:ce:1c:e2:57:a9:78:
18:2d:97:77:da:c2:20:68:a5:75:d7:1a:62:50:fb:
5d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D5:DD:8D:69:F3:A9:8B:A3:10:64:77:0E:53:C5:37:62:71:7A:4E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YNXdjWnzqYujEGR3DlPFN2Jxek4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.83.145.0/24
5.175.143.0/24
5.231.25.0-5.231.26.255
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b5:3f:50:15:10:ab:51:fc:2f:2d:48:f0:ba:e7:ae:7e:2c:
fc:4c:cc:0b:b9:89:cc:59:0a:f3:3e:bd:76:c7:a5:b6:08:39:
02:d4:2e:2e:c8:d0:4f:eb:d0:a9:80:bd:c9:b2:70:66:1e:3e:
4b:8c:07:48:69:0c:e0:30:ac:d2:4b:6a:ae:c9:a3:e0:b7:a6:
2c:1b:e7:f6:cd:6e:e9:19:aa:a4:e9:20:12:61:c3:b6:cd:9e:
b8:47:b1:9b:db:04:69:8b:f7:d9:d3:d6:e8:14:1a:47:ab:94:
3a:1b:7f:29:a8:a0:26:ae:28:f1:93:24:4c:76:c2:2a:58:e7:
8b:81:a0:72:67:7b:f7:bb:e9:32:83:65:b8:3b:e4:0e:48:bb:
94:c8:cf:87:ee:34:b8:2d:02:c5:ca:59:26:3b:83:cb:aa:ae:
3c:c7:22:15:3b:76:c7:3b:a7:46:0a:64:a7:11:74:ef:94:b0:
11:ac:32:e3:fe:e7:df:6b:df:12:d6:2a:73:10:d8:0f:00:ae:
4b:15:9d:31:64:47:89:94:a4:b2:3a:72:98:4e:7c:45:ed:ae:
94:cd:fd:d6:d4:e4:d7:b9:9d:6b:87:4b:c7:2f:62:91:d2:7c:
04:0c:c3:9c:3d:b9:25:5c:8e:77:e4:17:fe:82:16:58:63:7b:
3a:fc:de:b2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUP+mZxo3mLXvVEClydk2qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjE2MTgxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ1ZGQ4ZDY5ZjNhOThiYTMxMDY0NzcwZTUzYzUzNzYyNzE3YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdiL8ferXPK+MaG9hUsTvqIVvWMQ
nMZpIfFqSh7C0tf5o50UU9nSIdyHFnKexYm3rEWff9oGAdxaCztXaJYmjxRvtsUg
OGpsqwhWtAHjfXN57PVpmp7fcTkzPRdpNSoFEmxlJiiwv8qS0tXhOaNK3sAyNsCM
vA1mdwvhAXfUZDU5m8Yp4T2oNMF0XiAmiAPNJg9qoips24dIehrZn/Xd/B3nfRHv
e8n2LvcUi9lJ9KKc9xVJ7YL6kLDSYqFZCjOy3cjO82a4nVFOwR/E5ED6zoBNrrXU
6PqmAFDijeAO3aFnr1lSsLM64WHOHOJXqXgYLZd32sIgaKV11xpiUPtd/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGDV3Y1p86mLoxBkdw5TxTdicXpOMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWU5YZGpXbnpxWXVqRUdSM0RsUEZOMkp4ZWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABVOGAwQA
BVORAwQABa+PMAwDBAAF5xkDBAAF5xoDBABZakcwDQYJKoZIhvcNAQELBQADggEB
ALK1P1AVEKtR/C8tSPC6565+LPxMzAu5icxZCvM+vXbHpbYIOQLULi7I0E/r0KmA
vcmycGYePkuMB0hpDOAwrNJLaq7Jo+C3piwb5/bNbukZqqTpIBJhw7bNnrhHsZvb
BGmL99nT1ugUGkerlDobfymooCauKPGTJEx2wipY54uBoHJne/e76TKDZbg75A5I
u5TIz4fuNLgtAsXKWSY7g8uqrjzHIhU7dsc7p0YKZKcRdO+UsBGsMuP+599r3xLW
KnMQ2A8ArksVnTFkR4mUpLI6cphOfEXtrpTN/dbU5Ne5nWuHS8cvYpHSfAQMw5w9
uSVcjnfkF/6CFlhjezr83rI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:41 2025 by rpki-client