Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rDaRA7syYUtGD-qdLCtV-zgmRro.roa
File: rDaRA7syYUtGD-qdLCtV-zgmRro.roa (raw, json)
Hash identifier: 7IRKyqlRMDgCnqINNZDRMGttxixGb13XaUk67ELHr5c=
Subject key identifier: AC:36:91:03:BB:32:61:4B:46:0F:EA:9D:2C:2B:55:FB:38:26:46:BA
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01955D43334FD3A7035B8836FFC568E1832E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rDaRA7syYUtGD-qdLCtV-zgmRro.roa
Signing time: Mon 03 Mar 2025 18:27:19 +0000
ROA not before: Mon 03 Mar 2025 18:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.130.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 19:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:43:33:4f:d3:a7:03:5b:88:36:ff:c5:68:e1:83:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 3 18:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac369103bb32614b460fea9d2c2b55fb382646ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3b:60:ed:ad:37:00:21:14:a2:16:ac:c6:7a:
ba:04:94:0d:c1:5d:fe:f4:6c:50:5b:0e:e2:28:95:
2f:19:72:64:25:fc:a0:02:4d:02:5f:54:27:c3:e4:
58:f3:2d:35:ba:3e:2e:60:3d:9d:2f:19:df:6d:20:
54:86:84:2e:3c:1f:e3:27:f8:e7:79:7b:b1:87:f0:
4e:66:14:ac:83:24:df:a6:35:13:29:d3:28:fa:ff:
17:e0:bb:fd:69:8a:db:dd:b8:15:bb:52:e8:df:82:
6d:db:15:2d:5b:d2:fe:f7:2a:94:46:0e:60:b3:a8:
27:48:40:a6:b7:4a:62:72:79:d4:67:6c:c5:76:66:
bc:ee:a2:79:3a:3c:f2:9f:34:0c:ec:21:6c:69:b0:
b9:37:29:3b:12:26:bb:3e:f5:4b:2c:58:05:07:85:
9a:74:0b:d5:21:75:a6:cf:e9:68:b6:46:f5:9b:fa:
d5:5d:a4:08:2c:e9:7c:c4:3e:a2:04:2c:ec:61:18:
56:0e:e8:1d:42:a2:4c:49:47:98:81:4a:d5:62:75:
5e:cc:a4:34:e6:c8:48:03:2c:ed:60:b8:aa:7c:85:
95:a5:07:8f:e8:0c:c1:c9:cf:a8:75:cb:0c:74:24:
ca:b3:ae:aa:90:32:db:95:90:92:e2:1b:ff:47:72:
82:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:36:91:03:BB:32:61:4B:46:0F:EA:9D:2C:2B:55:FB:38:26:46:BA
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rDaRA7syYUtGD-qdLCtV-zgmRro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.83.145.0/24
5.175.143.0/24
5.231.25.0-5.231.26.255
85.118.162.0/24
87.239.130.0/24
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:52:7c:8e:27:e2:35:9d:c4:ae:7e:f7:2d:ca:88:28:03:3c:
45:3d:11:4c:18:24:02:f6:84:5a:3b:78:53:7c:ed:03:33:f1:
a3:92:d2:dd:c9:35:1c:2c:dc:2e:a3:91:3a:da:32:71:11:24:
4d:42:ed:3c:94:1c:bc:e2:e7:45:09:34:d9:31:0d:87:a3:14:
e5:f8:48:bd:32:bd:07:d5:82:ff:be:b8:d9:ef:29:7e:a7:c2:
54:f1:75:0b:f0:92:62:20:47:e5:a7:f5:3a:85:e9:85:d8:08:
c1:de:dd:f2:8c:09:6f:57:a6:ae:57:54:2f:e8:96:9e:90:02:
72:4a:2a:8a:21:2d:d8:9a:1c:34:a3:1d:76:08:5e:90:e9:73:
86:90:c7:89:9e:7f:d9:c3:fd:07:69:20:cb:a5:37:35:2a:04:
06:36:0c:69:a6:17:2f:bc:6e:b5:b1:8a:37:ec:88:52:bf:e5:
02:73:5d:85:a7:d2:c4:a7:df:46:72:29:49:a2:de:ba:8b:d5:
91:87:d0:22:65:2b:9e:b1:7a:83:a8:7c:ff:6b:cd:6f:50:b1:
88:51:e6:2b:06:1e:3a:05:d0:48:61:c6:42:5d:cc:75:ca:55:
e3:73:ee:83:86:01:54:e8:bc:ca:fd:0f:bc:8f:80:d4:72:d9:
ba:d6:c6:bb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZVdQzNP06cDW4g2/8Vo4YMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzAzMTgyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM2OTEwM2JiMzI2MTRiNDYwZmVhOWQyYzJiNTVmYjM4MjY0NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Dtg7a03ACEUohasxnq6BJQNwV3+
9GxQWw7iKJUvGXJkJfygAk0CX1Qnw+RY8y01uj4uYD2dLxnfbSBUhoQuPB/jJ/jn
eXuxh/BOZhSsgyTfpjUTKdMo+v8X4Lv9aYrb3bgVu1Lo34Jt2xUtW9L+9yqURg5g
s6gnSECmt0picnnUZ2zFdma87qJ5OjzynzQM7CFsabC5Nyk7Eia7PvVLLFgFB4Wa
dAvVIXWmz+lotkb1m/rVXaQILOl8xD6iBCzsYRhWDugdQqJMSUeYgUrVYnVezKQ0
5shIAyztYLiqfIWVpQeP6AzByc+odcsMdCTKs66qkDLblZCS4hv/R3KC8wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKw2kQO7MmFLRg/qnSwrVfs4Jka6MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvckRhUkE3c3lZVXRHRC1xZExDdFYtemdtUnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABVOGAwQA
BVORAwQABa+PMAwDBAAF5xkDBAAF5xoDBABVdqIDBABX74IDBABZakcwDQYJKoZI
hvcNAQELBQADggEBAB1SfI4n4jWdxK5+9y3KiCgDPEU9EUwYJAL2hFo7eFN87QMz
8aOS0t3JNRws3C6jkTraMnERJE1C7TyUHLzi50UJNNkxDYejFOX4SL0yvQfVgv++
uNnvKX6nwlTxdQvwkmIgR+Wn9TqF6YXYCMHe3fKMCW9Xpq5XVC/olp6QAnJKKooh
LdiaHDSjHXYIXpDpc4aQx4mef9nD/QdpIMulNzUqBAY2DGmmFy+8brWxijfsiFK/
5QJzXYWn0sSn30ZyKUmi3rqL1ZGH0CJlK56xeoOofP9rzW9QsYhR5isGHjoF0Ehh
xkJdzHXKVeNz7oOGAVTovMr9D7yPgNRy2brWxrs=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:54:09 2025 by rpki-client