Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tPFLI5wk2YlfyHd34oYXtrTzX7k.roa
File: tPFLI5wk2YlfyHd34oYXtrTzX7k.roa (raw, json)
Hash identifier: IMdZNi3b08KjB0/snEJL4yhzaIQ2YzGYSbrB+eWyHbE=
Subject key identifier: B4:F1:4B:23:9C:24:D9:89:5F:C8:77:77:E2:86:17:B6:B4:F3:5F:B9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019585F1BC7976A85D468B6D348A337A4220
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tPFLI5wk2YlfyHd34oYXtrTzX7k.roa
Signing time: Tue 11 Mar 2025 16:02:46 +0000
ROA not before: Tue 11 Mar 2025 16:02:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 05:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:f1:bc:79:76:a8:5d:46:8b:6d:34:8a:33:7a:42:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 11 16:02:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f14b239c24d9895fc87777e28617b6b4f35fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:17:9e:eb:ed:0a:16:b7:08:36:d9:ce:62:
ca:96:ba:a2:54:8e:93:07:f4:68:5f:98:73:da:8b:
df:e6:31:57:0f:3c:26:08:b5:8d:00:ea:d6:10:7c:
4b:b7:06:ee:98:67:f2:8a:c2:fe:2a:c4:30:74:3b:
75:18:f0:12:54:f0:d2:c8:5b:5e:4f:85:08:74:66:
c9:82:db:a4:e6:03:45:87:b3:a5:94:35:d6:f0:b8:
66:b1:5a:ba:bb:f0:7c:3e:fa:0e:eb:70:34:23:b0:
96:cb:3d:1d:22:80:c7:d0:c0:b4:fa:d9:cd:56:12:
fd:35:9d:d8:0c:6f:40:b6:9f:74:f9:29:56:38:ee:
99:fe:f1:95:d0:7f:d9:b3:d5:d0:2d:26:08:b8:4c:
e3:78:e1:38:95:98:55:81:c7:1a:80:9f:26:fb:85:
dd:05:a4:21:70:94:c9:3f:4b:d0:60:e3:4d:ae:51:
30:e5:c0:15:bb:c4:6e:11:4d:bf:24:0b:ec:3e:1d:
77:00:d1:46:3d:03:cd:f2:17:1a:81:03:ad:f8:08:
f6:dd:bb:b7:74:1e:28:d6:70:6e:12:75:9b:35:9a:
d1:d7:c5:86:56:9b:5f:cc:2b:60:08:85:b5:5e:53:
ab:6a:7e:fa:46:79:0f:9c:4b:40:c3:c2:ee:72:17:
cf:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F1:4B:23:9C:24:D9:89:5F:C8:77:77:E2:86:17:B6:B4:F3:5F:B9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tPFLI5wk2YlfyHd34oYXtrTzX7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
18:39:87:dd:34:c4:4e:91:72:3a:c1:e5:5f:b4:e7:10:d3:17:
ca:42:18:6d:3c:79:d3:52:9c:3a:bf:6a:e8:4e:34:e3:f0:a2:
58:b7:21:b4:d5:95:3d:3c:a3:52:d7:a2:17:b9:b5:ad:8b:25:
1b:44:b9:d5:8f:9a:27:f4:48:be:55:f7:86:58:b2:67:d4:5b:
b7:3a:d6:a5:45:4b:55:3b:81:da:28:03:5e:9b:40:12:a4:ed:
13:b4:e1:b8:1c:b3:c2:42:d6:ce:91:30:ac:cf:77:fe:c7:4c:
08:8d:23:ad:d3:fb:b2:85:a3:39:07:ba:6f:7b:0c:60:46:13:
3a:f4:90:0f:a4:f0:d3:36:43:68:02:19:55:b0:33:ec:92:5b:
61:c2:78:89:37:33:4e:d2:36:9d:86:5d:2f:98:3c:aa:33:c9:
ca:08:b8:ce:2b:96:b7:28:d1:85:db:c4:5b:94:b3:02:97:a8:
82:5d:1f:14:4e:b2:e7:4d:7b:45:2c:8f:7f:63:59:87:07:57:
f8:ab:3f:3b:80:fb:50:78:fb:d9:63:9c:42:06:70:59:6e:43:
d2:25:e9:a1:58:62:08:67:84:72:30:70:65:e7:3e:fe:54:51:
73:e8:2b:bd:2c:89:b9:05:c8:b1:7e:96:b6:13:85:80:17:6d:
07:a9:87:30
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZWF8bx5dqhdRottNIozekIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzExMTYwMjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYxNGIyMzljMjRkOTg5NWZjODc3NzdlMjg2MTdiNmI0ZjM1ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbUXnuvtCha3CDbZzmLKlrqiVI6T
B/RoX5hz2ovf5jFXDzwmCLWNAOrWEHxLtwbumGfyisL+KsQwdDt1GPASVPDSyFte
T4UIdGbJgtuk5gNFh7OllDXW8LhmsVq6u/B8PvoO63A0I7CWyz0dIoDH0MC0+tnN
VhL9NZ3YDG9Atp90+SlWOO6Z/vGV0H/Zs9XQLSYIuEzjeOE4lZhVgccagJ8m+4Xd
BaQhcJTJP0vQYONNrlEw5cAVu8RuEU2/JAvsPh13ANFGPQPN8hcagQOt+Aj23bu3
dB4o1nBuEnWbNZrR18WGVptfzCtgCIW1XlOran76RnkPnEtAw8LuchfP7wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLTxSyOcJNmJX8h3d+KGF7a081+5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdFBGTEk1d2syWWxmeUhkMzRvWVh0clR6WDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXmejAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQA
shKQAwQAuQ2cAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQAYOYfdNMROkXI6weVf
tOcQ0xfKQhhtPHnTUpw6v2roTjTj8KJYtyG01ZU9PKNS16IXubWtiyUbRLnVj5on
9Ei+VfeGWLJn1Fu3OtalRUtVO4HaKANem0ASpO0TtOG4HLPCQtbOkTCsz3f+x0wI
jSOt0/uyhaM5B7pvewxgRhM69JAPpPDTNkNoAhlVsDPsklthwniJNzNO0jadhl0v
mDyqM8nKCLjOK5a3KNGF28RblLMCl6iCXR8UTrLnTXtFLI9/Y1mHB1f4qz87gPtQ
ePvZY5xCBnBZbkPSJemhWGIIZ4RyMHBl5z7+VFFz6Cu9LIm5Bcixfpa2E4WAF20H
qYcw
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:46:15 2025 by rpki-client