Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/XE5i7jDvvPRcxneuALOAz69rKmw.roa
File: XE5i7jDvvPRcxneuALOAz69rKmw.roa (raw, json)
Hash identifier: xzoTv34gPTCyDiBaeRCsxYSjafYIlSagxEKZoFA5SrU=
Subject key identifier: 5C:4E:62:EE:30:EF:BC:F4:5C:C6:77:AE:00:B3:80:CF:AF:6B:2A:6C
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 019514DB2B61F9EE5474510D1A32D73B3740
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/XE5i7jDvvPRcxneuALOAz69rKmw.roa
Signing time: Mon 17 Feb 2025 17:01:02 +0000
ROA not before: Mon 17 Feb 2025 17:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51115
IP address blocks: 81.161.98.0/23 maxlen: 24
178.248.232.0/21 maxlen: 24
185.65.148.0/22 maxlen: 24
185.94.108.0/22 maxlen: 24
195.43.92.0/24 maxlen: 24
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Feb 2025 20:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:db:2b:61:f9:ee:54:74:51:0d:1a:32:d7:3b:37:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Feb 17 17:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c4e62ee30efbcf45cc677ae00b380cfaf6b2a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:b3:01:47:5f:ba:e1:35:eb:9e:ea:05:9a:
18:38:c0:df:f1:7a:ff:f7:2e:16:bd:bf:58:76:ab:
3f:55:e4:47:44:d9:d3:78:85:44:13:54:9c:8c:d3:
fa:13:36:f6:8b:33:54:21:ae:ac:64:42:6f:4e:2b:
45:e2:37:b8:db:d2:01:10:a6:58:74:5a:16:e0:c9:
33:4d:d7:20:b6:2a:48:07:c0:41:9c:10:59:fe:13:
52:9b:cf:f0:ab:14:57:06:f5:1d:9a:ea:e0:4c:19:
b6:69:1f:5b:8b:7f:32:5c:1d:e5:26:dc:99:f3:df:
12:8b:b9:6b:c3:d3:be:61:54:31:25:41:22:50:e3:
dc:90:73:8e:aa:cb:24:b0:fb:9c:d8:c8:84:23:cb:
73:b9:98:7a:7b:5d:eb:73:c1:db:66:af:13:10:54:
7e:fa:bc:87:94:ae:93:9f:31:1d:8a:a8:05:5f:4e:
60:79:cc:9c:29:bf:94:73:3a:f1:d1:b2:77:cc:d5:
74:96:38:81:e7:e0:c3:21:2e:0b:ce:de:6a:75:4b:
93:77:91:85:16:6f:82:99:7e:5e:5e:6c:09:7d:15:
34:ca:bc:d1:10:64:8c:6a:08:28:63:3f:e2:0d:c4:
a6:ec:6d:28:3b:98:9e:bd:a6:88:98:1e:ff:39:14:
a5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4E:62:EE:30:EF:BC:F4:5C:C6:77:AE:00:B3:80:CF:AF:6B:2A:6C
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/XE5i7jDvvPRcxneuALOAz69rKmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.98.0/23
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
195.43.92.0/24
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:3b:b4:ef:f2:e9:a6:c9:ca:d7:90:a4:bb:e3:cc:3f:98:27:
17:68:e9:fd:8b:a8:59:c2:b5:08:7c:57:38:92:2f:6b:67:2b:
9a:c2:dc:d7:ac:30:37:21:01:0a:11:d8:d8:a1:2d:5a:af:3c:
41:9c:0b:f7:cb:db:e8:64:f8:ff:ed:13:a1:4f:68:08:80:97:
4c:96:ab:24:5b:78:ac:3a:7b:5e:7f:6b:46:22:88:3e:69:c0:
8b:b8:00:b0:b3:68:f6:a8:8e:14:e9:5c:c1:3d:7a:cc:d4:28:
ae:96:e9:fd:20:81:1b:d4:b1:dd:19:23:0d:9e:25:12:5d:96:
c6:bf:a4:f0:e6:c0:77:8c:3c:10:3d:7d:4a:64:c4:fb:73:d3:
9d:6b:04:42:44:bf:4d:ac:63:b0:0a:9d:ab:a5:58:42:9d:45:
e6:d9:b4:dd:a7:2c:b6:25:f7:4b:88:23:4c:53:85:cb:fe:3f:
58:33:d7:b0:5b:c8:07:c7:59:fd:89:09:31:6a:42:8b:dc:99:
2a:41:29:10:ad:58:bf:87:60:6a:fb:be:65:3e:f8:07:52:0e:
da:d2:63:78:e1:d1:75:89:4b:17:b3:cc:8b:2f:b8:1c:ce:80:
94:51:a8:65:f2:d6:28:5c:a1:b5:4c:c2:4e:33:db:56:d1:a9:
02:75:03:a3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZUU2yth+e5UdFENGjLXOzdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjUwMjE3MTcwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRlNjJlZTMwZWZiY2Y0NWNjNjc3YWUwMGIzODBjZmFmNmIyYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfqzAUdfuuE1657qBZoYOMDf8Xr/
9y4Wvb9Ydqs/VeRHRNnTeIVEE1ScjNP6Ezb2izNUIa6sZEJvTitF4je429IBEKZY
dFoW4MkzTdcgtipIB8BBnBBZ/hNSm8/wqxRXBvUdmurgTBm2aR9bi38yXB3lJtyZ
898Si7lrw9O+YVQxJUEiUOPckHOOqssksPuc2MiEI8tzuZh6e13rc8HbZq8TEFR+
+ryHlK6TnzEdiqgFX05gecycKb+Uczrx0bJ3zNV0ljiB5+DDIS4Lzt5qdUuTd5GF
Fm+CmX5eXmwJfRU0yrzREGSMaggoYz/iDcSm7G0oO5ievaaImB7/ORSl4QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFxOYu4w77z0XMZ3rgCzgM+vaypsMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvWEU1aTdqRHZ2UFJjeG5ldUFMT0F6NjlyS213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBUaFiAwQD
svjoAwQCuUGUAwQCuV5sAwQAwytcMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEB
CwUAA4IBAQApO7Tv8ummycrXkKS748w/mCcXaOn9i6hZwrUIfFc4ki9rZyuawtzX
rDA3IQEKEdjYoS1arzxBnAv3y9voZPj/7ROhT2gIgJdMlqskW3isOntef2tGIog+
acCLuACws2j2qI4U6VzBPXrM1Ciulun9IIEb1LHdGSMNniUSXZbGv6Tw5sB3jDwQ
PX1KZMT7c9OdawRCRL9NrGOwCp2rpVhCnUXm2bTdpyy2JfdLiCNMU4XL/j9YM9ew
W8gHx1n9iQkxakKL3JkqQSkQrVi/h2Bq+75lPvgHUg7a0mN44dF1iUsXs8yLL7gc
zoCUUahl8tYoXKG1TMJOM9tW0akCdQOj
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:58:47 2025 by rpki-client