Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/baKvNIHJxssZsBESbzOaiUoSLt0.roa
File: baKvNIHJxssZsBESbzOaiUoSLt0.roa (raw, json)
Hash identifier: aN/WbcCOJAQ22on/BFHSwfw41KLla6NMvi20v4zlzLk=
Subject key identifier: 6D:A2:AF:34:81:C9:C6:CB:19:B0:11:12:6F:33:9A:89:4A:12:2E:DD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195501BE56E4D9A1D7CA8A252081A0BB580
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/baKvNIHJxssZsBESbzOaiUoSLt0.roa
Signing time: Sat 01 Mar 2025 05:09:20 +0000
ROA not before: Sat 01 Mar 2025 05:09:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 05:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:50:1b:e5:6e:4d:9a:1d:7c:a8:a2:52:08:1a:0b:b5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 1 05:09:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6da2af3481c9c6cb19b011126f339a894a122edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:d8:58:3e:2f:78:99:ed:08:4d:c7:8a:31:
f1:a9:e5:55:1b:ed:de:c5:40:ee:f5:b4:5a:20:35:
4b:78:05:04:bd:62:05:b3:a3:b5:76:ea:4d:4d:1c:
1c:2e:7b:8b:b4:b3:2d:d2:15:e4:43:3b:47:54:ec:
e4:15:ef:a0:6b:03:c3:49:38:85:f2:21:98:6a:1e:
d1:2b:4a:ae:86:f6:2e:66:c3:ca:c7:fb:a7:13:7f:
70:57:4d:06:06:d8:e5:4d:63:57:16:5f:fa:88:e9:
29:8e:6a:dd:b6:7e:0d:e3:15:34:c9:c4:3e:08:93:
b9:30:9e:ec:a5:26:1e:5f:b5:af:72:f8:7f:3c:2a:
9e:f9:5e:e7:4f:28:d7:55:0c:5d:04:42:60:f7:b3:
6a:fe:0a:d8:1f:06:4d:a3:b2:d7:f3:f0:21:a3:01:
10:cc:58:e9:13:92:87:c0:51:9c:df:4f:b9:6e:85:
e2:ca:ea:72:d4:ea:dc:73:49:bd:4e:22:d0:ec:26:
d6:44:1d:90:d9:2e:02:6c:1a:4b:2c:12:68:5f:e0:
51:d1:de:94:a9:ea:51:0c:9d:1f:4a:37:e6:ca:aa:
cc:a9:27:5b:a1:a3:c4:96:1c:ca:93:c1:46:3f:19:
b5:48:5e:2c:00:bd:70:ba:2f:04:fe:6b:05:49:a8:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:AF:34:81:C9:C6:CB:19:B0:11:12:6F:33:9A:89:4A:12:2E:DD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/baKvNIHJxssZsBESbzOaiUoSLt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.249.195.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f2:95:87:c8:21:92:f6:58:29:12:c7:fb:19:23:c0:34:0a:
b8:c9:9b:dc:7a:1a:c2:73:c5:df:a7:93:40:98:f3:42:78:71:
5d:0c:65:9b:69:d4:62:76:4e:25:d0:58:c1:bc:d3:68:39:46:
83:0e:6f:96:8d:9b:79:23:5a:a5:d1:34:39:20:b1:d5:17:eb:
20:6a:24:43:f6:24:ec:be:d3:8a:e1:98:85:a6:31:d8:ed:ec:
27:4c:4d:d1:29:52:01:51:0b:e0:52:2b:09:a8:79:ab:21:e7:
01:8b:f4:68:9c:8e:e1:63:98:26:51:41:68:39:91:3c:f3:e3:
07:03:76:c1:47:80:e7:58:60:b7:17:db:0d:a7:d7:7f:ae:ea:
39:54:8a:63:92:39:2e:05:ce:b9:de:1c:0c:b2:38:a5:89:f4:
ac:65:ee:17:88:08:d9:82:39:d7:8b:38:f8:80:d1:67:c0:f6:
30:64:cb:3d:32:4c:59:f3:8c:db:6f:8a:86:b4:fe:7c:b7:ea:
12:78:04:b3:d8:d0:76:ff:9d:2c:7e:79:db:8a:4a:14:fa:2e:
97:b4:30:f8:9e:e9:a8:ed:b3:c7:83:6d:0f:5e:44:86:0d:08:
86:16:14:79:71:dd:ea:2d:7f:d0:01:e8:f1:d2:89:0b:68:e5:
2e:77:ab:e3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZVQG+VuTZodfKiiUggaC7WAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzAxMDUwOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEyYWYzNDgxYzljNmNiMTliMDExMTI2ZjMzOWE4OTRhMTIyZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSHYWD4veJntCE3HijHxqeVVG+3e
xUDu9bRaIDVLeAUEvWIFs6O1dupNTRwcLnuLtLMt0hXkQztHVOzkFe+gawPDSTiF
8iGYah7RK0quhvYuZsPKx/unE39wV00GBtjlTWNXFl/6iOkpjmrdtn4N4xU0ycQ+
CJO5MJ7spSYeX7Wvcvh/PCqe+V7nTyjXVQxdBEJg97Nq/grYHwZNo7LX8/AhowEQ
zFjpE5KHwFGc30+5boXiyupy1Orcc0m9TiLQ7CbWRB2Q2S4CbBpLLBJoX+BR0d6U
qepRDJ0fSjfmyqrMqSdboaPElhzKk8FGPxm1SF4sAL1wui8E/msFSai1wQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG2irzSBycbLGbAREm8zmolKEi7dMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYmFLdk5JSEp4c3Nac0JFU2J6T2FpVW9TTHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXvnDAwQAX9cgAwQAX9ciAwQAshKQAwQAuQ2cAwQA
2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQCZ8pWHyCGS9lgpEsf7GSPANAq4yZvcehrC
c8Xfp5NAmPNCeHFdDGWbadRidk4l0FjBvNNoOUaDDm+WjZt5I1ql0TQ5ILHVF+sg
aiRD9iTsvtOK4ZiFpjHY7ewnTE3RKVIBUQvgUisJqHmrIecBi/RonI7hY5gmUUFo
OZE88+MHA3bBR4DnWGC3F9sNp9d/ruo5VIpjkjkuBc653hwMsjilifSsZe4XiAjZ
gjnXizj4gNFnwPYwZMs9MkxZ84zbb4qGtP58t+oSeASz2NB2/50sfnnbikoU+i6X
tDD4numo7bPHg20PXkSGDQiGFhR5cd3qLX/QAejx0okLaOUud6vj
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:09 2025 by rpki-client