Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/oD5E9D-bk7F4X2-PxDjOHPxSicY.roa
File: oD5E9D-bk7F4X2-PxDjOHPxSicY.roa (raw, json)
Hash identifier: CI13mS+JMlxua9APIs1sGC3931+fTk+/1htzWt1UeFU=
Subject key identifier: A0:3E:44:F4:3F:9B:93:B1:78:5F:6F:8F:C4:38:CE:1C:FC:52:89:C6
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01963D9CD7413D3A208044604BC33D42B81E
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/oD5E9D-bk7F4X2-PxDjOHPxSicY.roa
Signing time: Wed 16 Apr 2025 08:00:10 +0000
ROA not before: Wed 16 Apr 2025 08:00:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:680::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 17 Apr 2025 19:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:9c:d7:41:3d:3a:20:80:44:60:4b:c3:3d:42:b8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Apr 16 08:00:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a03e44f43f9b93b1785f6f8fc438ce1cfc5289c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:4c:b5:52:51:35:0e:a9:ce:43:fe:2d:e4:
5c:55:f3:d7:16:c0:9e:bf:e5:e3:44:ca:67:64:36:
f2:8b:47:f5:e5:90:1f:08:af:de:9d:30:b0:a7:b5:
d2:e8:c4:e8:3e:96:5c:25:4f:f4:3b:84:37:93:1f:
65:1e:a9:1d:06:f9:0c:f0:a9:6a:f9:4f:a6:b4:03:
97:2e:1e:80:ab:b9:28:dc:0a:7a:96:13:6f:79:59:
4a:2e:33:91:60:1a:8a:81:c8:a8:d3:ef:5d:8c:c1:
65:47:3a:dd:57:15:a7:ea:78:94:4d:92:82:cb:58:
31:09:47:1c:d1:cc:19:8c:df:e3:f7:4c:0c:0d:03:
05:09:bc:ce:35:4a:f1:d9:eb:31:11:aa:45:71:bf:
85:47:1e:10:8d:e5:2e:93:1f:0b:20:44:27:23:9a:
06:e0:9f:38:4b:1e:bd:82:f0:b8:5f:4c:c6:2a:55:
9a:b7:b2:82:d1:42:cc:2b:7a:3f:ca:d5:57:96:d7:
7d:f8:4d:09:de:9e:66:4f:bd:26:57:f5:a6:77:9f:
c6:28:58:b8:7b:0e:be:ba:6a:79:f9:f7:60:dd:ed:
c4:fe:16:35:6e:ab:bf:d9:91:70:7e:f6:50:ff:22:
92:c7:39:af:ec:f1:58:c3:f4:54:8d:72:8d:ec:cb:
1e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3E:44:F4:3F:9B:93:B1:78:5F:6F:8F:C4:38:CE:1C:FC:52:89:C6
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/oD5E9D-bk7F4X2-PxDjOHPxSicY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.86.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:680::/44
Signature Algorithm: sha256WithRSAEncryption
5a:ae:25:87:0e:66:0e:22:e4:ab:3c:8e:f9:16:2b:e0:6c:05:
ca:3e:2e:7a:64:fa:ae:5e:8c:de:a6:54:cb:9e:34:e2:2b:15:
dc:d6:f2:e2:4a:d9:38:a2:4e:86:cc:e9:72:a1:d3:7c:83:be:
9f:f9:89:6e:ac:da:44:e6:0b:f5:e4:f5:7d:c8:44:a1:31:a6:
39:e9:c3:8a:88:24:47:4c:62:fa:6b:24:07:6e:8c:c5:69:fd:
4e:aa:2a:5e:df:f9:33:17:c0:1c:0c:99:3d:a3:73:a4:73:ef:
86:b7:85:45:3d:e2:53:fc:96:8d:27:4b:61:c1:e2:2e:77:27:
f6:80:27:9c:bb:74:bd:84:b3:a4:28:67:0b:1d:c0:1d:93:9a:
89:ba:1f:6b:37:0c:a9:5e:56:1f:81:79:24:c0:3c:77:67:bb:
f4:c1:71:28:d1:fd:48:db:2a:ba:69:a8:57:1e:96:2a:5b:fc:
fb:8c:24:6d:fd:53:07:33:16:da:ca:3f:23:fa:f6:25:44:d5:
df:1f:c6:a6:66:23:11:95:68:ca:35:a8:c8:21:6e:92:fa:ed:
6d:88:19:57:a3:ec:96:6a:0e:89:e4:a7:d1:c2:4a:f7:18:0e:
d7:f4:91:f7:84:b9:8c:f9:93:be:99:c8:79:8c:ec:35:d9:a7:
da:e7:ac:e4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZY9nNdBPToggERgS8M9QrgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNDE2MDgwMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNlNDRmNDNmOWI5M2IxNzg1ZjZmOGZjNDM4Y2UxY2ZjNTI4OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnlMtVJRNQ6pzkP+LeRcVfPXFsCe
v+XjRMpnZDbyi0f15ZAfCK/enTCwp7XS6MToPpZcJU/0O4Q3kx9lHqkdBvkM8Klq
+U+mtAOXLh6Aq7ko3Ap6lhNveVlKLjORYBqKgcio0+9djMFlRzrdVxWn6niUTZKC
y1gxCUcc0cwZjN/j90wMDQMFCbzONUrx2esxEapFcb+FRx4QjeUukx8LIEQnI5oG
4J84Sx69gvC4X0zGKlWat7KC0ULMK3o/ytVXltd9+E0J3p5mT70mV/Wmd5/GKFi4
ew6+ump5+fdg3e3E/hY1bqu/2ZFwfvZQ/yKSxzmv7PFYw/RUjXKN7MseDwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKA+RPQ/m5OxeF9vj8Q4zhz8UonGMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvb0Q1RTlELWJrN0Y0WDItUHhEak9IUHhTaWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAVepAAwQA
VepWAwQBXXeoAwQAbT15MA8EAgACMAkDBwQqA5DABoAwDQYJKoZIhvcNAQELBQAD
ggEBAFquJYcOZg4i5Ks8jvkWK+BsBco+Lnpk+q5ejN6mVMueNOIrFdzW8uJK2Tii
TobM6XKh03yDvp/5iW6s2kTmC/Xk9X3IRKExpjnpw4qIJEdMYvprJAdujMVp/U6q
Kl7f+TMXwBwMmT2jc6Rz74a3hUU94lP8lo0nS2HB4i53J/aAJ5y7dL2Es6QoZwsd
wB2Tmom6H2s3DKleVh+BeSTAPHdnu/TBcSjR/UjbKrppqFcelipb/PuMJG39Uwcz
FtrKPyP69iVE1d8fxqZmIxGVaMo1qMghbpL67W2IGVej7JZqDonkp9HCSvcYDtf0
kfeEuYz5k76ZyHmM7DXZp9rnrOQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:22 2025 by rpki-client