Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xzDf501SG5bWNTcVCO4JNEK-b8g.roa
File: xzDf501SG5bWNTcVCO4JNEK-b8g.roa (raw, json)
Hash identifier: sr4iOJRc6CcBX4QWxVXDjMuNGMqxpdDztdh0yx86Nc4=
Subject key identifier: C7:30:DF:E7:4D:52:1B:96:D6:35:37:15:08:EE:09:34:42:BE:6F:C8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195F4AF16188B28CB5B2D58E934DFBC4D38
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xzDf501SG5bWNTcVCO4JNEK-b8g.roa
Signing time: Wed 02 Apr 2025 04:07:49 +0000
ROA not before: Wed 02 Apr 2025 04:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 19:40:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:af:16:18:8b:28:cb:5b:2d:58:e9:34:df:bc:4d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 2 04:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c730dfe74d521b96d635371508ee093442be6fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:76:2b:95:69:75:91:a7:8e:6e:a9:55:33:6c:
44:4f:f7:d6:61:ab:56:e6:19:8e:e3:4d:35:6d:2d:
7d:60:e6:67:fe:98:e8:c2:47:e8:72:23:c5:6b:4b:
49:e2:8e:29:19:32:f3:9c:f5:6d:19:80:04:48:01:
5d:50:ee:6a:b8:ec:a8:ed:6d:f3:76:d4:54:ff:62:
a6:55:81:5c:8b:e3:ee:c3:f7:e2:b2:f8:32:f5:16:
a8:cc:45:ab:11:ed:06:36:37:d3:71:6c:e5:67:c4:
d2:88:6e:a0:8d:bd:35:fe:9a:14:36:81:86:1b:ad:
6d:4a:a9:6b:1b:83:ea:db:84:61:7f:9b:a3:39:50:
12:96:6d:3d:94:62:83:46:58:dd:6b:3e:4a:4b:5f:
8a:b7:64:42:9d:0d:33:02:19:47:43:a4:37:78:aa:
2d:8e:57:bd:b4:8e:8d:ef:09:24:eb:41:2e:22:2c:
87:ca:d3:58:8a:8f:14:b5:c1:fe:04:5a:7c:b2:3c:
7c:fd:98:2a:bf:1d:64:b4:63:87:d3:00:8a:48:de:
3d:10:1a:b1:10:e5:b3:19:1e:9b:cc:0c:b2:7b:f5:
46:a1:f8:11:dc:3e:14:64:c5:14:7a:6d:c2:c7:ef:
71:ac:e7:b4:ce:75:6f:06:4e:a7:43:91:1e:f2:69:
a2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:30:DF:E7:4D:52:1B:96:D6:35:37:15:08:EE:09:34:42:BE:6F:C8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xzDf501SG5bWNTcVCO4JNEK-b8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a0:aa:6e:9b:20:5e:e6:ee:0a:54:5c:37:ec:95:35:fc:21:
44:8b:b4:78:d2:02:02:46:56:c0:ad:69:d2:bc:4d:58:06:68:
5b:0c:ca:8e:af:57:82:4a:4c:f7:79:96:d1:14:4f:65:88:65:
a2:a4:d7:db:9c:fc:b8:17:6e:22:d1:7e:1f:33:1f:0b:c2:86:
a3:68:7d:c0:0b:4c:ee:75:5b:1f:e3:bd:a2:60:9f:19:49:d2:
4d:f8:89:1f:3a:a3:99:c4:51:a7:d8:26:d4:fb:da:86:43:66:
03:8f:12:70:f7:33:08:15:1f:75:0b:bc:80:90:55:60:3c:d3:
d3:f8:a3:0d:6b:bb:29:67:9b:e2:a8:c7:70:37:0a:f3:81:95:
9e:d7:3f:83:27:86:94:47:99:8e:f6:06:92:e4:20:00:2a:94:
ce:09:b1:b8:50:60:53:ab:e2:9b:67:68:e0:4c:46:43:25:f8:
a5:fe:11:d4:36:e9:17:d9:f9:74:4f:20:43:d2:80:36:e7:24:
8a:01:01:a4:9f:73:09:c6:97:3e:5b:38:fd:be:8b:d2:ce:d0:
73:10:4e:c4:5d:f4:ec:2b:a7:7d:d7:e8:b0:8f:4a:2c:e5:c5:
9d:b4:1c:84:76:6a:b3:69:33:9d:63:9f:1d:b1:7d:45:9d:19:
5b:82:38:76
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZX0rxYYiyjLWy1Y6TTfvE04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDAyMDQwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzMwZGZlNzRkNTIxYjk2ZDYzNTM3MTUwOGVlMDkzNDQyYmU2ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnYrlWl1kaeObqlVM2xET/fWYatW
5hmO4001bS19YOZn/pjowkfociPFa0tJ4o4pGTLznPVtGYAESAFdUO5quOyo7W3z
dtRU/2KmVYFci+Puw/fisvgy9RaozEWrEe0GNjfTcWzlZ8TSiG6gjb01/poUNoGG
G61tSqlrG4Pq24Rhf5ujOVASlm09lGKDRljdaz5KS1+Kt2RCnQ0zAhlHQ6Q3eKot
jle9tI6N7wkk60EuIiyHytNYio8UtcH+BFp8sjx8/Zgqvx1ktGOH0wCKSN49EBqx
EOWzGR6bzAyye/VGofgR3D4UZMUUem3Cx+9xrOe0znVvBk6nQ5Ee8mmikQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMcw3+dNUhuW1jU3FQjuCTRCvm/IMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveHpEZjUwMVNHNWJXTlRjVkNPNEpORUstYjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQAshKQAwQA
uQ2cMA0GCSqGSIb3DQEBCwUAA4IBAQCXoKpumyBe5u4KVFw37JU1/CFEi7R40gIC
RlbArWnSvE1YBmhbDMqOr1eCSkz3eZbRFE9liGWipNfbnPy4F24i0X4fMx8Lwoaj
aH3AC0zudVsf472iYJ8ZSdJN+IkfOqOZxFGn2CbU+9qGQ2YDjxJw9zMIFR91C7yA
kFVgPNPT+KMNa7spZ5viqMdwNwrzgZWe1z+DJ4aUR5mO9gaS5CAAKpTOCbG4UGBT
q+KbZ2jgTEZDJfil/hHUNukX2fl0TyBD0oA25ySKAQGkn3MJxpc+Wzj9vovSztBz
EE7EXfTsK6d91+iwj0os5cWdtByEdmqzaTOdY58dsX1FnRlbgjh2
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:10:28 2025 by rpki-client