Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/oD1HbVjFH8Af2JUWJr-J0RacBkI.roa
File: oD1HbVjFH8Af2JUWJr-J0RacBkI.roa (raw, json)
Hash identifier: PrHHf/XiiFKrZKzWoKQnWHvd/dfSQ/ndRIFMbfenHxs=
Subject key identifier: A0:3D:47:6D:58:C5:1F:C0:1F:D8:95:16:26:BF:89:D1:16:9C:06:42
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195DB254DFF915D03F240A147BA58CB5C49
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/oD1HbVjFH8Af2JUWJr-J0RacBkI.roa
Signing time: Fri 28 Mar 2025 05:06:49 +0000
ROA not before: Fri 28 Mar 2025 05:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Mar 2025 00:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:25:4d:ff:91:5d:03:f2:40:a1:47:ba:58:cb:5c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 28 05:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a03d476d58c51fc01fd8951626bf89d1169c0642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:33:9c:f4:74:78:5b:9b:c0:f3:5b:c4:9d:92:
b9:1b:f3:11:27:e3:8a:2c:94:3d:93:8f:b2:2e:79:
d7:d4:8f:c8:46:a9:16:e7:59:64:c5:86:c3:0c:9f:
40:31:98:f3:ad:3b:a5:a1:63:16:10:45:f6:2c:dc:
ed:af:b3:d6:83:f1:0b:64:3a:9a:23:37:07:37:39:
7f:a9:ee:02:0f:c5:65:6d:16:62:ef:5a:51:cc:1e:
97:be:10:d2:c5:d2:8f:30:94:86:b6:7a:7e:92:da:
e4:6d:5f:dd:df:cc:4c:f4:e8:6b:60:dc:5a:80:19:
c4:ed:da:d6:e1:72:34:1e:f2:f5:c5:8b:19:54:b1:
f2:09:3e:02:eb:05:bc:0c:16:47:9e:32:ad:5a:f9:
57:82:f7:6d:cc:6d:8f:5e:c0:9c:aa:dc:bf:b9:61:
7e:f2:f3:e7:0a:25:31:1e:22:3c:2a:44:d6:5f:d2:
d5:fb:dd:97:32:59:bd:7c:20:99:4e:20:a1:0b:e8:
d1:03:7f:65:e8:b2:6f:d1:d9:d2:f5:4a:6c:e7:8a:
a0:85:e3:6e:52:e5:69:97:1e:b1:f8:24:ac:65:3c:
b3:df:04:ac:91:e8:9d:cb:1d:93:6a:7b:4c:31:98:
9a:43:7e:6d:4c:25:49:f9:90:d6:63:cd:61:87:19:
12:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3D:47:6D:58:C5:1F:C0:1F:D8:95:16:26:BF:89:D1:16:9C:06:42
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/oD1HbVjFH8Af2JUWJr-J0RacBkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.195.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:d7:6c:b5:a6:66:01:1c:d6:b8:06:2c:82:a1:85:de:95:5a:
dc:f5:1f:bd:33:72:fd:2d:9b:07:04:6b:5e:19:98:0f:5d:33:
75:cc:da:ff:f8:4f:5d:02:1c:5b:cc:77:d2:33:d5:9d:97:80:
2d:c7:c6:56:bb:4f:61:7c:2c:9a:16:d6:48:5d:dd:35:12:9d:
70:14:45:0f:64:89:0b:b8:dd:a8:73:03:fd:81:c2:00:a6:8e:
8d:03:ed:82:66:58:25:2c:e9:ee:f5:56:1b:e4:20:51:9c:8d:
2c:79:48:e3:d7:a4:7c:3f:a9:97:f8:7c:2d:51:01:47:13:43:
52:31:dc:55:31:fd:27:70:9e:6a:58:c6:de:9a:bf:6a:d7:e4:
1b:df:a0:50:d7:cf:37:76:e5:cb:93:f1:e6:55:f5:24:ce:69:
4c:11:fa:2e:8e:7e:33:fb:8e:cd:c7:f3:8e:a3:7d:51:cb:64:
16:f8:6c:c1:42:47:54:a8:e0:b0:89:1f:a8:8b:db:77:0b:3a:
3a:87:57:f3:46:62:e7:b1:da:6b:75:c5:a0:49:dc:24:81:7c:
82:f5:f5:8c:8f:ee:a7:08:8d:bd:c8:b5:91:d5:cf:ec:8e:61:
32:6a:1b:8d:a0:84:b4:40:aa:b2:4d:6f:06:a0:2d:4d:d1:21:
54:f5:9b:d3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZXbJU3/kV0D8kChR7pYy1xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI4MDUwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNkNDc2ZDU4YzUxZmMwMWZkODk1MTYyNmJmODlkMTE2OWMwNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jOc9HR4W5vA81vEnZK5G/MRJ+OK
LJQ9k4+yLnnX1I/IRqkW51lkxYbDDJ9AMZjzrTuloWMWEEX2LNztr7PWg/ELZDqa
IzcHNzl/qe4CD8VlbRZi71pRzB6XvhDSxdKPMJSGtnp+ktrkbV/d38xM9OhrYNxa
gBnE7drW4XI0HvL1xYsZVLHyCT4C6wW8DBZHnjKtWvlXgvdtzG2PXsCcqty/uWF+
8vPnCiUxHiI8KkTWX9LV+92XMlm9fCCZTiChC+jRA39l6LJv0dnS9Ups54qgheNu
UuVplx6x+CSsZTyz3wSskeidyx2TantMMZiaQ35tTCVJ+ZDWY81hhxkS8wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKA9R21YxR/AH9iVFia/idEWnAZCMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvb0QxSGJWakZIOEFmMkpVV0pyLUowUmFjQmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXmejAwQAXvnDAwQAX9cgAwQAX9ciAwQAshKQAwQA
uQ2cAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQCs12y1pmYBHNa4BiyCoYXelVrc
9R+9M3L9LZsHBGteGZgPXTN1zNr/+E9dAhxbzHfSM9Wdl4Atx8ZWu09hfCyaFtZI
Xd01Ep1wFEUPZIkLuN2ocwP9gcIApo6NA+2CZlglLOnu9VYb5CBRnI0seUjj16R8
P6mX+HwtUQFHE0NSMdxVMf0ncJ5qWMbemr9q1+Qb36BQ1883duXLk/HmVfUkzmlM
Efoujn4z+47Nx/OOo31Ry2QW+GzBQkdUqOCwiR+oi9t3Czo6h1fzRmLnsdprdcWg
SdwkgXyC9fWMj+6nCI29yLWR1c/sjmEyahuNoIS0QKqyTW8GoC1N0SFU9ZvT
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:53:23 2025 by rpki-client