Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/aes5xfjCekrB7ldSp8vN8YoiMk4.roa
File: aes5xfjCekrB7ldSp8vN8YoiMk4.roa (raw, json)
Hash identifier: hpyWql9+vR0QgHo6jSDHsuQDqhkR42nV1ZpKiW0WcV4=
Subject key identifier: 69:EB:39:C5:F8:C2:7A:4A:C1:EE:57:52:A7:CB:CD:F1:8A:22:32:4E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195A2896D23FEC56534A8276F169B6622BE
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/aes5xfjCekrB7ldSp8vN8YoiMk4.roa
Signing time: Mon 17 Mar 2025 05:17:50 +0000
ROA not before: Mon 17 Mar 2025 05:17:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 18:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a2:89:6d:23:fe:c5:65:34:a8:27:6f:16:9b:66:22:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 17 05:17:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69eb39c5f8c27a4ac1ee5752a7cbcdf18a22324e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:13:89:25:ec:7f:05:b7:60:20:a3:7f:e3:76:
9c:5c:2d:fb:c3:f3:00:8a:fe:f0:41:ae:c2:33:8a:
88:0d:a7:41:63:6f:b8:c3:2e:14:90:5d:7b:b0:8f:
f0:1e:e5:d1:8c:a4:8c:98:9a:6e:ba:ff:74:fe:78:
a3:0e:1e:7e:29:6e:2b:0f:af:cf:61:77:68:ee:24:
7d:8f:d2:a8:24:1a:41:a8:d4:8a:e5:22:51:47:6b:
ef:7b:04:3f:81:57:49:86:0c:b0:f2:7a:eb:66:b9:
6c:02:b1:ea:f3:b1:35:22:17:ea:b3:4f:52:1b:94:
39:3b:02:1e:6c:f2:9a:fe:5b:da:76:e5:55:f4:15:
d9:ae:dc:a1:1d:69:bf:08:5a:20:60:10:55:09:12:
90:4f:20:21:86:1c:fc:8e:49:d6:38:ba:66:24:64:
b9:c6:cb:6c:f4:f5:1f:6f:e6:3b:1f:51:5c:2b:cb:
46:21:70:ea:01:05:60:3c:ef:ac:89:b8:43:45:7a:
cb:4f:98:b1:05:7b:a8:56:2d:da:0f:cd:04:0c:d8:
52:f6:88:18:3d:30:8e:52:de:a7:c4:3a:c1:48:96:
f8:42:ae:e6:e6:80:fe:e1:5f:e2:f0:96:6d:08:03:
59:57:02:7f:31:b1:56:cc:62:31:4c:43:b2:f8:67:
63:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EB:39:C5:F8:C2:7A:4A:C1:EE:57:52:A7:CB:CD:F1:8A:22:32:4E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/aes5xfjCekrB7ldSp8vN8YoiMk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
87.239.131.0/24
94.103.163.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
48:6b:23:96:26:99:c5:be:3b:09:67:ac:1a:54:ab:02:44:0a:
de:18:cf:45:b0:cd:6e:e7:f4:3c:c7:e3:9f:b5:eb:fe:d8:dc:
6d:cc:bb:bb:a3:d2:dc:41:25:3b:d3:75:ed:e6:69:ac:bf:fc:
21:8a:65:aa:f9:c9:44:57:bf:dd:3d:ca:83:98:11:6f:2b:4f:
5e:8e:52:7a:1e:d5:36:26:b6:23:b7:9d:37:52:23:a5:9b:4e:
8a:e5:b4:c7:9c:54:ac:3a:06:46:02:f1:a2:2c:c2:e3:15:55:
f4:47:1a:c3:d1:da:f6:21:fc:db:5b:b8:e9:09:7e:a8:46:09:
bf:e3:03:00:af:84:64:c9:84:b1:27:36:69:00:89:d2:81:81:
fd:d5:e1:c0:30:8b:e6:6b:cc:91:6b:ed:7c:f3:9d:79:aa:a0:
1b:b1:c3:88:18:1f:69:c7:0e:70:3a:ec:36:cc:f6:7d:33:1a:
11:99:4c:13:da:c8:5d:6d:59:32:0c:48:a6:23:3e:44:47:ae:
ad:e6:60:89:0e:e8:e8:64:5a:f6:95:13:69:a3:6d:27:1e:b6:
36:86:d7:59:11:41:26:d9:f4:5a:99:f6:e4:1b:63:7e:16:34:
4c:54:f5:96:15:cb:29:c9:27:1d:a7:03:d6:aa:b1:92:af:32:
2d:5e:d2:f4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZWiiW0j/sVlNKgnbxabZiK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzE3MDUxNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWViMzljNWY4YzI3YTRhYzFlZTU3NTJhN2NiY2RmMThhMjIzMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuROJJex/BbdgIKN/43acXC37w/MA
iv7wQa7CM4qIDadBY2+4wy4UkF17sI/wHuXRjKSMmJpuuv90/nijDh5+KW4rD6/P
YXdo7iR9j9KoJBpBqNSK5SJRR2vvewQ/gVdJhgyw8nrrZrlsArHq87E1Ihfqs09S
G5Q5OwIebPKa/lvaduVV9BXZrtyhHWm/CFogYBBVCRKQTyAhhhz8jknWOLpmJGS5
xsts9PUfb+Y7H1FcK8tGIXDqAQVgPO+sibhDRXrLT5ixBXuoVi3aD80EDNhS9ogY
PTCOUt6nxDrBSJb4Qq7m5oD+4V/i8JZtCANZVwJ/MbFWzGIxTEOy+GdjlQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGnrOcX4wnpKwe5XUqfLzfGKIjJOMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYWVzNXhmakNla3JCN2xkU3A4dk44WW9pTWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOBAwQA
Ba+KAwQAV++DAwQAXmejAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQAshKQAwQA
uQ2cAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQBIayOWJpnFvjsJZ6waVKsCRAre
GM9FsM1u5/Q8x+Oftev+2NxtzLu7o9LcQSU703Xt5mmsv/whimWq+clEV7/dPcqD
mBFvK09ejlJ6HtU2JrYjt503UiOlm06K5bTHnFSsOgZGAvGiLMLjFVX0RxrD0dr2
IfzbW7jpCX6oRgm/4wMAr4RkyYSxJzZpAInSgYH91eHAMIvma8yRa+188515qqAb
scOIGB9pxw5wOuw2zPZ9MxoRmUwT2shdbVkyDEimIz5ER66t5mCJDujoZFr2lRNp
o20nHrY2htdZEUEm2fRamfbkG2N+FjRMVPWWFcspyScdpwPWqrGSrzItXtL0
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:54 2025 by rpki-client