Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/5dndEfpMvtFWoqbJyP094iLnJG8.roa
File: 5dndEfpMvtFWoqbJyP094iLnJG8.roa (raw, json)
Hash identifier: M2GuFAlXwOTgdJsjuRd1b65X4UUWWMUoc3vXSmpR7Hs=
Subject key identifier: E5:D9:DD:11:FA:4C:BE:D1:56:A2:A6:C9:C8:FD:3D:E2:22:E7:24:6F
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0196DEA35EC93CD5D760C95BE2560FC9DA5E
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/5dndEfpMvtFWoqbJyP094iLnJG8.roa
Signing time: Sat 17 May 2025 14:26:10 +0000
ROA not before: Sat 17 May 2025 14:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15782
IP address blocks: 81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
85.235.0.0/20 maxlen: 20
85.235.16.0/20 maxlen: 20
89.236.0.0/18 maxlen: 18
94.245.0.0/18 maxlen: 18
213.185.0.0/19 maxlen: 19
217.72.48.0/20 maxlen: 20
2001:7a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 May 2025 07:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:de:a3:5e:c9:3c:d5:d7:60:c9:5b:e2:56:0f:c9:da:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: May 17 14:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5d9dd11fa4cbed156a2a6c9c8fd3de222e7246f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:07:a7:cb:bc:c4:d1:b4:4f:f4:20:e7:b4:a2:
67:85:30:ab:86:67:de:bf:ec:03:e5:ac:07:bc:a4:
e6:1a:bf:38:3f:82:d7:2b:2c:61:47:fb:56:0d:f1:
59:d6:ec:b9:97:e9:7f:3e:02:ce:25:ec:c2:14:62:
37:3e:23:5f:a3:92:ac:c0:dc:a1:15:2f:96:ab:dc:
ab:95:f1:ea:9f:66:7d:5a:6d:35:e0:4d:06:b3:69:
cf:84:be:3b:32:34:ac:1c:63:73:1e:08:9a:57:5d:
96:94:45:a8:24:89:23:f7:57:59:4a:bd:2e:84:f5:
ec:6f:e8:7f:ed:93:f7:f9:e3:a2:a6:fa:0f:75:ca:
c2:82:af:15:85:17:9c:0e:24:6d:87:3a:98:ba:a7:
4f:ca:49:5a:6f:dd:dd:43:6b:99:48:49:52:94:18:
2f:d6:67:e2:df:7c:48:46:4c:d2:6c:d2:05:8c:72:
5b:c1:11:f4:20:60:97:bb:77:8a:4e:7a:a5:ee:ab:
fa:35:50:4a:ad:0e:3f:67:84:26:e2:eb:11:35:bb:
30:1e:2e:02:d0:00:18:ee:d2:fa:fc:8c:a0:9e:91:
93:89:76:d0:e7:43:3c:c5:1a:9a:73:19:4a:8e:a6:
14:81:98:bd:e6:e7:1f:b7:4c:8d:96:20:56:68:73:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D9:DD:11:FA:4C:BE:D1:56:A2:A6:C9:C8:FD:3D:E2:22:E7:24:6F
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/5dndEfpMvtFWoqbJyP094iLnJG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.0.0/20
81.186.240.0/20
85.235.0.0/19
89.236.0.0/18
94.245.0.0/18
213.185.0.0/19
217.72.48.0/20
IPv6:
2001:7a0::/32
Signature Algorithm: sha256WithRSAEncryption
34:8a:25:6c:a8:58:01:92:e7:d0:61:ea:e7:5b:8b:a9:30:10:
b7:20:5f:22:eb:99:9f:cd:cb:19:c1:44:9e:ce:64:c0:b0:e0:
b1:01:ee:4f:2c:9d:c5:23:a0:a4:5e:0e:ab:46:63:b8:85:dd:
6c:0b:c5:eb:4b:1f:e5:7a:99:5e:6f:8a:da:1e:fd:d0:54:7d:
42:1a:67:bb:ac:14:1c:6d:93:1a:58:29:33:61:1b:1d:fe:d6:
05:92:cb:8a:0c:c8:7c:8e:a8:00:58:ad:d9:cc:e1:e8:4f:d1:
71:47:d8:c9:c7:de:35:ce:81:cd:55:ff:d4:74:67:6f:43:62:
8c:be:83:51:fb:68:0b:c7:ce:39:07:3d:48:37:de:8a:56:8e:
be:e2:18:95:75:54:a1:51:53:e6:07:e7:d3:cd:ed:5a:1e:0b:
c8:fa:03:2a:52:da:d4:76:19:0d:77:22:22:8e:e5:cc:d3:ae:
f5:1a:2f:59:fe:25:55:cb:f8:2e:6d:0a:0b:9d:78:3e:b1:e3:
a2:4c:53:14:c5:83:f6:3c:7a:81:47:11:8a:66:79:b6:84:cd:
62:cf:83:38:44:13:8e:14:0e:81:a8:72:03:f7:7e:88:96:0a:
bb:59:51:a4:35:f5:18:d3:3b:0b:b4:91:a8:5d:03:8b:72:51:
7a:dc:e3:8a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZbeo17JPNXXYMlb4lYPydpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwNTE3MTQyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ5ZGQxMWZhNGNiZWQxNTZhMmE2YzljOGZkM2RlMjIyZTcyNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Aeny7zE0bRP9CDntKJnhTCrhmfe
v+wD5awHvKTmGr84P4LXKyxhR/tWDfFZ1uy5l+l/PgLOJezCFGI3PiNfo5KswNyh
FS+Wq9yrlfHqn2Z9Wm014E0Gs2nPhL47MjSsHGNzHgiaV12WlEWoJIkj91dZSr0u
hPXsb+h/7ZP3+eOipvoPdcrCgq8VhRecDiRthzqYuqdPyklab93dQ2uZSElSlBgv
1mfi33xIRkzSbNIFjHJbwRH0IGCXu3eKTnql7qv6NVBKrQ4/Z4Qm4usRNbswHi4C
0AAY7tL6/IygnpGTiXbQ50M8xRqacxlKjqYUgZi95ucft0yNliBWaHOozQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOXZ3RH6TL7RVqKmycj9PeIi5yRvMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvNWRuZEVmcE12dEZXb3FiSnlQMDk0aUxuSkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEUVgAAwQE
UbrwAwQFVesAAwQGWewAAwQGXvUAAwQF1bkAAwQE2UgwMA0EAgACMAcDBQAgAQeg
MA0GCSqGSIb3DQEBCwUAA4IBAQA0iiVsqFgBkufQYernW4upMBC3IF8i65mfzcsZ
wUSezmTAsOCxAe5PLJ3FI6CkXg6rRmO4hd1sC8XrSx/lepleb4raHv3QVH1CGme7
rBQcbZMaWCkzYRsd/tYFksuKDMh8jqgAWK3ZzOHoT9FxR9jJx941zoHNVf/UdGdv
Q2KMvoNR+2gLx845Bz1IN96KVo6+4hiVdVShUVPmB+fTze1aHgvI+gMqUtrUdhkN
dyIijuXM0671Gi9Z/iVVy/gubQoLnXg+seOiTFMUxYP2PHqBRxGKZnm2hM1iz4M4
RBOOFA6BqHID936Ilgq7WVGkNfUY0zsLtJGoXQOLclF63OOK
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:08:48 2025 by rpki-client