Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Z5HzHQw8oy_LzpAlIwaLnmz2XGE.roa
File: Z5HzHQw8oy_LzpAlIwaLnmz2XGE.roa (raw, json)
Hash identifier: 9xO5AlX0x+XC67zj+ZCA9lMyNKd3BdXFg0K6mOpxDPg=
Subject key identifier: 67:91:F3:1D:0C:3C:A3:2F:CB:CE:90:25:23:06:8B:9E:6C:F6:5C:61
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195CAA1676E78DD9E299439A948B61F9F8A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Z5HzHQw8oy_LzpAlIwaLnmz2XGE.roa
Signing time: Tue 25 Mar 2025 00:08:50 +0000
ROA not before: Tue 25 Mar 2025 00:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 05:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ca:a1:67:6e:78:dd:9e:29:94:39:a9:48:b6:1f:9f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 25 00:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6791f31d0c3ca32fcbce902523068b9e6cf65c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:63:2e:12:31:ae:7a:f2:94:c9:ce:c7:b6:4d:
02:1d:89:4d:5a:cd:50:9e:f8:48:b7:c8:84:56:b8:
d5:6b:d2:34:67:8c:38:c8:69:8f:11:57:0c:20:3e:
9e:d2:b6:c9:35:80:32:5c:2d:e4:65:fe:5c:73:50:
5c:bc:9a:31:4d:3e:fb:93:17:56:7c:95:b3:fc:5e:
ba:9f:5e:03:e0:26:79:fa:b4:37:4a:68:af:f4:0a:
19:82:b4:91:40:5a:22:1f:80:55:8d:3b:1f:5a:ed:
71:67:42:ed:4b:34:32:89:4e:c4:b8:96:74:92:7b:
7b:f4:18:99:5f:0b:0e:f2:6c:cf:eb:c4:51:b5:44:
8b:35:cf:62:cb:49:e5:02:d1:12:7d:13:a1:9b:ed:
d2:31:ee:d0:20:a8:12:27:38:97:71:1b:7a:ac:fd:
af:3e:29:b6:1d:65:0d:4f:52:8d:1e:5b:a3:73:28:
17:01:fa:22:54:b3:57:6c:0b:7a:f8:79:73:e1:2a:
00:3b:1c:e5:82:6a:f5:cf:f5:35:9a:74:02:b6:e8:
aa:4f:e0:52:72:66:6b:cd:6e:1d:46:f6:f6:ea:f8:
68:0a:fa:07:f5:e2:3e:7b:44:02:3f:07:fe:aa:9c:
ba:ba:11:fa:8e:34:97:84:08:10:eb:88:67:a1:fc:
60:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:91:F3:1D:0C:3C:A3:2F:CB:CE:90:25:23:06:8B:9E:6C:F6:5C:61
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Z5HzHQw8oy_LzpAlIwaLnmz2XGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3a:6f:e2:b6:1b:97:02:2b:61:9b:c8:c4:f7:03:19:5d:de:
e4:b2:c6:2f:35:d4:ce:a4:07:7d:d7:84:3d:18:6f:12:dc:4c:
ae:23:e2:7e:b8:ba:38:10:77:cc:37:8a:84:00:fd:52:7e:2d:
6e:d6:78:65:94:de:56:04:4a:8a:5e:86:67:2a:c0:81:f9:03:
0b:d7:c7:32:c5:5a:06:4c:54:5e:ed:37:4f:32:85:ba:d3:3c:
4f:9f:80:2d:7f:62:8f:cb:e5:1f:c9:07:d3:b6:88:f5:30:80:
64:27:22:a4:cd:79:aa:14:6c:3f:57:59:f3:6c:00:d4:2d:f0:
56:f7:87:c3:9e:32:b6:dd:7b:89:74:19:c3:59:29:1b:35:09:
94:5b:19:29:82:44:ef:2f:70:76:55:4d:f2:87:b2:ef:c8:45:
f2:86:09:21:a0:49:59:0f:bd:d3:81:2f:33:50:f4:ae:3b:c1:
9f:18:ec:f5:83:55:f2:fd:34:1b:d7:5a:f4:49:67:33:77:39:
0d:24:5c:ea:cc:fb:8a:d7:14:9c:16:1e:05:32:c2:cb:e2:24:
d4:69:ad:45:34:26:2c:ee:f9:b7:94:32:16:32:8b:66:e3:37:
11:cd:6b:a0:06:15:95:12:12:ce:2d:a0:05:e2:ee:53:27:75:
7e:7b:72:2c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZXKoWdueN2eKZQ5qUi2H5+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI1MDAwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkxZjMxZDBjM2NhMzJmY2JjZTkwMjUyMzA2OGI5ZTZjZjY1YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32MuEjGuevKUyc7Htk0CHYlNWs1Q
nvhIt8iEVrjVa9I0Z4w4yGmPEVcMID6e0rbJNYAyXC3kZf5cc1BcvJoxTT77kxdW
fJWz/F66n14D4CZ5+rQ3Smiv9AoZgrSRQFoiH4BVjTsfWu1xZ0LtSzQyiU7EuJZ0
knt79BiZXwsO8mzP68RRtUSLNc9iy0nlAtESfROhm+3SMe7QIKgSJziXcRt6rP2v
Pim2HWUNT1KNHlujcygXAfoiVLNXbAt6+Hlz4SoAOxzlgmr1z/U1mnQCtuiqT+BS
cmZrzW4dRvb26vhoCvoH9eI+e0QCPwf+qpy6uhH6jjSXhAgQ64hnofxgkwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGeR8x0MPKMvy86QJSMGi55s9lxhMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWjVIekhRdzhveV9MenBBbEl3YUxubXoyWEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXmejAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQA
shKQAwQAuQ2cAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQCGOm/ithuXAithm8jE
9wMZXd7kssYvNdTOpAd914Q9GG8S3EyuI+J+uLo4EHfMN4qEAP1Sfi1u1nhllN5W
BEqKXoZnKsCB+QML18cyxVoGTFRe7TdPMoW60zxPn4Atf2KPy+UfyQfTtoj1MIBk
JyKkzXmqFGw/V1nzbADULfBW94fDnjK23XuJdBnDWSkbNQmUWxkpgkTvL3B2VU3y
h7LvyEXyhgkhoElZD73TgS8zUPSuO8GfGOz1g1Xy/TQb11r0SWczdzkNJFzqzPuK
1xScFh4FMsLL4iTUaa1FNCYs7vm3lDIWMotm4zcRzWugBhWVEhLOLaAF4u5TJ3V+
e3Is
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:25:14 2025 by rpki-client