Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ukj7eajSx4ktyld6HC4pV17U0Js.roa
File: ukj7eajSx4ktyld6HC4pV17U0Js.roa (raw, json)
Hash identifier: Zl9l/++8I8KjHQfEbAYQ6X4F6muh0PmltqrCeiNNyQs=
Subject key identifier: BA:48:FB:79:A8:D2:C7:89:2D:CA:57:7A:1C:2E:29:57:5E:D4:D0:9B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01973EB9DF606FBA8D31E149D70EAE862F37
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ukj7eajSx4ktyld6HC4pV17U0Js.roa
Signing time: Thu 05 Jun 2025 06:14:17 +0000
ROA not before: Thu 05 Jun 2025 06:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44103
IP address blocks: 5.83.149.0/24 maxlen: 24
77.90.23.0/24 maxlen: 24
89.144.40.0/24 maxlen: 24
178.18.152.0/22 maxlen: 32
178.18.152.0/24 maxlen: 32
178.18.153.0/24 maxlen: 32
178.18.154.0/24 maxlen: 32
178.18.155.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 07 Jun 2025 04:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:b9:df:60:6f:ba:8d:31:e1:49:d7:0e:ae:86:2f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 5 06:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba48fb79a8d2c7892dca577a1c2e29575ed4d09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:e8:25:bc:e0:a6:d3:9f:88:d1:cf:10:13:
37:1f:45:37:82:43:75:33:67:4b:ab:dd:23:c3:c7:
13:c5:ff:8e:39:e3:c3:b4:ec:9f:10:98:b4:3b:f9:
c3:bc:7f:86:2d:b0:e9:5c:2e:be:6b:e1:0c:ce:aa:
07:05:6a:b5:f9:2c:13:e4:8e:79:74:cd:d8:b9:19:
bb:41:be:e8:3c:25:ce:e3:5f:a3:6c:92:c6:73:73:
2e:5c:21:83:4e:00:48:95:6e:a3:4f:01:46:87:2d:
33:ca:73:4f:13:6a:e3:f6:69:7e:1f:d2:44:77:75:
27:5f:9b:d9:da:d7:4f:0b:98:ae:be:ca:47:0b:6a:
88:c2:85:fb:24:a8:93:15:2b:f2:08:fc:9a:81:fb:
77:de:c1:09:31:19:82:e1:99:8d:6d:6a:c3:06:aa:
03:0a:cd:76:69:18:36:01:00:5d:1e:55:9d:36:3d:
4d:3d:66:94:56:9f:57:73:a0:d6:13:de:73:0c:7f:
5b:fb:0a:eb:82:7e:20:b2:68:28:17:21:a5:ba:91:
62:9a:1a:7a:6c:22:96:b7:9e:7d:81:68:48:93:7d:
75:67:68:91:2e:f4:28:97:9d:d2:1a:70:9a:25:0d:
c6:f5:91:5a:c9:9d:01:0c:62:c2:3d:88:f2:08:1c:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:48:FB:79:A8:D2:C7:89:2D:CA:57:7A:1C:2E:29:57:5E:D4:D0:9B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ukj7eajSx4ktyld6HC4pV17U0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.149.0/24
77.90.23.0/24
89.144.40.0/24
178.18.152.0/22
Signature Algorithm: sha256WithRSAEncryption
e7:da:40:b9:a2:af:9d:6c:58:bd:3b:6a:d3:10:25:65:7d:45:
a7:1c:b6:21:7b:f5:0f:2f:6f:7f:26:cf:6f:9e:d1:b8:65:ea:
ad:eb:9d:f2:72:03:9b:1f:62:ad:f8:b8:dc:04:91:73:0f:12:
f3:73:3c:ac:6f:cd:40:6c:a1:fc:de:a1:ac:3e:1a:ff:4c:79:
4b:2b:9b:03:3c:5d:5d:5f:6e:33:16:b1:8d:48:8a:b5:f5:69:
f7:f3:80:06:36:1b:54:a8:d2:9a:6f:c7:95:dd:4e:57:c8:b2:
3f:09:d4:d2:e9:c7:99:3c:28:49:13:58:de:30:64:33:53:d5:
c1:2e:59:47:f8:b2:0d:9d:66:2f:a2:b9:50:b9:76:31:d5:fd:
bf:70:20:af:da:80:67:1b:86:3d:8c:05:d5:34:5f:c4:71:cb:
61:2f:7f:9b:e1:18:ce:4b:47:80:96:86:78:50:05:2b:17:a6:
bf:2c:f5:c5:85:88:b3:da:8b:6d:e9:e3:1d:05:84:3a:79:bd:
c1:51:49:03:40:86:cf:5d:b4:85:28:c7:51:ac:61:d2:48:c8:
17:24:bf:a6:35:ed:47:f8:ba:2a:f2:28:00:8a:1b:13:41:4b:
e8:b0:d6:74:78:7f:27:6b:7b:e2:fa:c2:d7:4f:55:8e:df:5f:
52:3f:8a:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc+ud9gb7qNMeFJ1w6uhi83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjA1MDYxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ4ZmI3OWE4ZDJjNzg5MmRjYTU3N2ExYzJlMjk1NzVlZDRkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM/oJbzgptOfiNHPEBM3H0U3gkN1
M2dLq90jw8cTxf+OOePDtOyfEJi0O/nDvH+GLbDpXC6+a+EMzqoHBWq1+SwT5I55
dM3YuRm7Qb7oPCXO41+jbJLGc3MuXCGDTgBIlW6jTwFGhy0zynNPE2rj9ml+H9JE
d3UnX5vZ2tdPC5iuvspHC2qIwoX7JKiTFSvyCPyagft33sEJMRmC4ZmNbWrDBqoD
Cs12aRg2AQBdHlWdNj1NPWaUVp9Xc6DWE95zDH9b+wrrgn4gsmgoFyGlupFimhp6
bCKWt559gWhIk311Z2iRLvQol53SGnCaJQ3G9ZFayZ0BDGLCPYjyCBzjRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLpI+3mo0seJLcpXehwuKVde1NCbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdWtqN2VhalN4NGt0eWxkNkhDNHBWMTdVMEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOVAwQA
TVoXAwQAWZAoAwQCshKYMA0GCSqGSIb3DQEBCwUAA4IBAQDn2kC5oq+dbFi9O2rT
ECVlfUWnHLYhe/UPL29/Js9vntG4Zeqt653ycgObH2Kt+LjcBJFzDxLzczysb81A
bKH83qGsPhr/THlLK5sDPF1dX24zFrGNSIq19Wn384AGNhtUqNKab8eV3U5XyLI/
CdTS6ceZPChJE1jeMGQzU9XBLllH+LINnWYvorlQuXYx1f2/cCCv2oBnG4Y9jAXV
NF/EccthL3+b4RjOS0eAloZ4UAUrF6a/LPXFhYiz2ott6eMdBYQ6eb3BUUkDQIbP
XbSFKMdRrGHSSMgXJL+mNe1H+Loq8igAihsTQUvosNZ0eH8na3vi+sLXT1WO319S
P4ox
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:55:11 2025 by rpki-client