Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/_jpQ0HyFo0DYiMYWIgx5S_1xPhE.roa
File: _jpQ0HyFo0DYiMYWIgx5S_1xPhE.roa (raw, json)
Hash identifier: R9S2NkQ5yC1V7zLvTeVFlXVWrM+2u+P1HeZfhOoPSec=
Subject key identifier: FE:3A:50:D0:7C:85:A3:40:D8:88:C6:16:22:0C:79:4B:FD:71:3E:11
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01958E05F52A8C3D80BB3AF44F51DA4C284C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/_jpQ0HyFo0DYiMYWIgx5S_1xPhE.roa
Signing time: Thu 13 Mar 2025 05:41:49 +0000
ROA not before: Thu 13 Mar 2025 05:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
5.231.29.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.33.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 12:58:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:05:f5:2a:8c:3d:80:bb:3a:f4:4f:51:da:4c:28:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 13 05:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe3a50d07c85a340d888c616220c794bfd713e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f9:a6:f0:1d:c2:e9:d7:0b:dc:c2:56:ba:42:
1b:ad:64:b2:d7:86:5a:2f:dd:d4:46:56:95:64:0d:
97:49:54:94:bc:35:3d:c7:dc:cc:30:b4:c5:95:e6:
7a:f9:d8:a3:59:6a:b0:22:f0:7e:4d:4a:09:06:7c:
7d:9b:23:7f:b2:e7:09:7b:0b:a6:b8:fa:f1:ac:4f:
62:c7:10:41:03:29:d6:2a:b7:ab:d0:1c:2b:3f:bf:
b4:69:3d:01:be:e8:6e:76:f4:99:5b:fb:75:3b:48:
ec:45:6d:ec:b2:03:d1:db:f7:6c:4f:cd:48:4a:f1:
8d:d3:91:0b:89:93:17:3b:6e:38:41:84:6e:be:0a:
71:91:58:a5:06:8d:79:fc:2f:06:a0:92:5e:25:b7:
5f:04:f1:c5:7e:16:4e:b7:42:e9:b4:9b:83:ca:26:
97:69:96:3e:79:4a:d4:b6:3c:fe:1a:ac:18:55:0f:
f2:84:91:78:b2:f1:6e:4b:d5:91:8a:55:47:44:3f:
b2:4e:12:ce:55:4f:cd:fa:c9:23:3c:b1:c3:ee:07:
55:1c:8d:1f:c8:db:87:d8:5a:4a:39:b7:27:25:1d:
0e:f8:ca:2f:3f:57:6a:db:c7:b2:02:92:c3:45:69:
01:66:55:23:dd:62:f3:8c:0d:b4:25:db:97:c5:58:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:3A:50:D0:7C:85:A3:40:D8:88:C6:16:22:0C:79:4B:FD:71:3E:11
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/_jpQ0HyFo0DYiMYWIgx5S_1xPhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
5.231.29.0/24
5.231.70.0/24
77.90.12.0/24
77.90.22.0/24
77.90.33.0/24
77.90.42.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:74:ae:29:52:b3:dc:0a:45:c8:b3:f2:2d:21:c5:4b:71:bb:
7a:d1:04:bb:fd:42:01:45:c5:98:ed:90:c2:7e:4a:c0:60:9a:
9a:57:ee:cc:72:d7:ca:d6:16:d9:a8:ce:dc:cf:11:68:8d:ee:
b7:98:c1:ec:20:7f:9e:98:8e:c7:08:0c:28:2f:43:68:f8:06:
fc:18:19:c9:f3:d6:ca:66:0c:78:5d:9a:d4:ab:dc:35:f2:4b:
ed:60:67:82:c7:01:83:1d:ee:26:3c:77:60:dc:aa:4e:a8:85:
d8:11:62:66:51:5b:44:e8:67:a0:93:54:b0:d8:c4:01:13:16:
ba:1c:b2:bf:c0:05:ad:1d:41:3b:d6:6d:4c:49:2a:36:8c:15:
bd:06:93:57:16:b8:90:63:4f:1f:0d:03:e6:37:6a:e7:6e:71:
47:d6:70:2a:29:ff:57:88:3e:7c:27:f0:1e:91:1d:60:14:ae:
b2:07:b9:f8:71:1d:63:5c:69:df:35:f0:79:80:16:a0:44:dd:
17:97:46:01:cb:99:aa:cb:64:7d:ca:1b:8c:eb:65:30:48:c8:
c9:2b:18:48:5e:2c:ad:ea:86:13:0d:29:b1:05:18:97:0b:b3:
a2:64:3c:1e:cb:5e:fc:03:f0:9b:f3:7b:17:1f:07:19:29:4c:
4d:74:4c:e9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWOBfUqjD2Auzr0T1HaTChMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEzMDU0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTNhNTBkMDdjODVhMzQwZDg4OGM2MTYyMjBjNzk0YmZkNzEzZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPmm8B3C6dcL3MJWukIbrWSy14Za
L93URlaVZA2XSVSUvDU9x9zMMLTFleZ6+dijWWqwIvB+TUoJBnx9myN/sucJewum
uPrxrE9ixxBBAynWKrer0BwrP7+0aT0BvuhudvSZW/t1O0jsRW3ssgPR2/dsT81I
SvGN05ELiZMXO244QYRuvgpxkVilBo15/C8GoJJeJbdfBPHFfhZOt0LptJuDyiaX
aZY+eUrUtjz+GqwYVQ/yhJF4svFuS9WRilVHRD+yThLOVU/N+skjPLHD7gdVHI0f
yNuH2FpKObcnJR0O+MovP1dq28eyApLDRWkBZlUj3WLzjA20JduXxVh2XwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP46UNB8haNA2IjGFiIMeUv9cT4RMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvX2pwUTBIeUZvMERZaU1ZV0lneDVTXzF4UGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABVOYAwQA
BecdAwQABedGAwQATVoMAwQATVoWAwQATVohAwQATVoqMA0GCSqGSIb3DQEBCwUA
A4IBAQDKdK4pUrPcCkXIs/ItIcVLcbt60QS7/UIBRcWY7ZDCfkrAYJqaV+7MctfK
1hbZqM7czxFoje63mMHsIH+emI7HCAwoL0No+Ab8GBnJ89bKZgx4XZrUq9w18kvt
YGeCxwGDHe4mPHdg3KpOqIXYEWJmUVtE6Gegk1Sw2MQBExa6HLK/wAWtHUE71m1M
SSo2jBW9BpNXFriQY08fDQPmN2rnbnFH1nAqKf9XiD58J/AekR1gFK6yB7n4cR1j
XGnfNfB5gBagRN0Xl0YBy5mqy2R9yhuM62UwSMjJKxhIXiyt6oYTDSmxBRiXC7Oi
ZDwey178A/Cb83sXHwcZKUxNdEzp
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:17 2025 by rpki-client