
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/3Xu1NeoW-AJo0pVDYHad1qzjWjc.roa
File: 3Xu1NeoW-AJo0pVDYHad1qzjWjc.roa (raw, json)
Hash identifier: BO1o9p3OQ5TflM3PSzr565uFdJ3cKcrSxjKsYwJ4pA0=
Subject key identifier: DD:7B:B5:35:EA:16:F8:02:68:D2:95:43:60:76:9D:D6:AC:E3:5A:37
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 01941F8C6B4A4CF7A018C7056DE6629F7F78
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/3Xu1NeoW-AJo0pVDYHad1qzjWjc.roa
Signing time: Wed 01 Jan 2025 01:48:03 +0000
ROA not before: Wed 01 Jan 2025 01:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202207
IP address blocks: 5.56.160.0/21 maxlen: 24
5.56.160.0/24 maxlen: 24
5.56.161.0/24 maxlen: 24
5.56.162.0/24 maxlen: 24
5.56.163.0/24 maxlen: 24
5.56.164.0/24 maxlen: 24
5.56.165.0/24 maxlen: 24
5.56.166.0/24 maxlen: 24
5.56.167.0/24 maxlen: 24
5.181.44.0/22 maxlen: 24
5.181.44.0/24 maxlen: 24
5.181.45.0/24 maxlen: 24
5.181.46.0/24 maxlen: 24
5.181.47.0/24 maxlen: 24
185.5.124.0/22 maxlen: 24
185.5.124.0/24 maxlen: 24
185.5.125.0/24 maxlen: 24
185.5.126.0/24 maxlen: 24
185.5.127.0/24 maxlen: 24
2a03:1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6b:4a:4c:f7:a0:18:c7:05:6d:e6:62:9f:7f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jan 1 01:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd7bb535ea16f80268d2954360769dd6ace35a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2f:7d:74:f3:97:2a:f4:70:36:df:f6:08:a4:
95:32:27:83:c9:80:77:2d:c1:13:3e:33:7a:fd:1b:
0a:e2:f6:bc:31:55:4d:a0:4e:a9:e7:e4:f9:4e:91:
e6:e0:bb:ff:74:79:5d:dd:fe:1f:75:5b:09:fd:f0:
aa:80:23:ef:b8:62:42:5c:ff:c4:91:bc:f5:65:57:
f3:b2:35:ed:56:f0:cd:98:81:3b:9a:68:f7:87:6b:
8a:61:45:b9:c2:94:65:8f:71:ec:2c:58:d4:6c:c2:
81:31:85:00:11:27:d8:04:f9:61:00:74:24:2e:75:
4d:6d:6b:d6:5b:9a:fd:aa:d6:85:b8:13:0f:96:76:
83:c7:22:91:35:46:be:3b:f3:e3:24:11:52:50:f7:
7f:8b:9b:db:7c:71:7f:94:0f:ad:14:cf:08:0f:e1:
2f:d0:6d:15:36:1e:73:4f:fe:83:4b:9e:77:f8:ed:
b6:d2:b4:87:36:7f:82:33:2f:92:08:17:30:95:19:
82:1a:76:0f:3c:8d:fa:de:6b:06:a1:86:44:37:2d:
37:b6:ac:c6:1a:a8:bd:ee:4d:9d:79:d9:81:cc:81:
6d:17:57:8b:3c:bc:14:89:85:5e:fa:c7:94:39:e2:
66:12:41:e1:7c:7a:c0:6a:f2:56:9a:31:3b:32:9a:
f4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7B:B5:35:EA:16:F8:02:68:D2:95:43:60:76:9D:D6:AC:E3:5A:37
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/3Xu1NeoW-AJo0pVDYHad1qzjWjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.160.0/21
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:0f:e3:c7:e5:da:45:68:2c:6e:47:e2:58:da:54:7c:aa:17:
6e:06:1a:19:e7:7a:8c:d2:2b:74:92:c8:b5:9e:2a:91:79:3b:
43:e5:93:61:2b:ed:ba:34:7a:76:9b:79:c6:38:e8:63:57:d3:
d5:c9:68:1f:ea:2c:36:79:84:b3:fd:0f:b6:12:2d:fe:80:fb:
44:0f:8c:31:6d:a2:db:7e:b5:9a:34:85:33:2d:d4:5f:a3:b9:
8e:ba:27:77:6b:ea:b4:46:ef:20:65:f7:9a:d7:cd:22:62:47:
72:32:b2:49:e1:7c:db:89:1c:b1:2a:68:b6:29:13:11:78:10:
9a:f6:13:db:98:0f:9f:c3:7a:3f:4a:2d:9c:72:bb:f1:9b:00:
3e:72:6d:b3:92:19:4b:5c:e0:d0:1f:50:8b:ca:3e:d5:bb:93:
ef:65:95:21:4e:5d:ba:43:88:1c:64:d1:1b:00:e5:58:4d:ac:
28:0c:1f:26:ad:f3:d4:a9:c2:65:f7:dc:ce:d0:ec:5b:92:7e:
ac:5c:d6:b2:40:06:3a:68:19:0f:38:8d:6d:51:6e:86:57:2f:
1a:aa:35:c9:73:04:d5:ad:ce:ed:86:d0:8d:d1:c1:29:4a:05:
2e:38:f8:d5:2b:fb:27:03:ca:07:c4:5a:2f:db:d7:0f:dd:23:
32:4d:fe:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjGtKTPegGMcFbeZin394MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjUwMTAxMDE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdiYjUzNWVhMTZmODAyNjhkMjk1NDM2MDc2OWRkNmFjZTM1YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC99dPOXKvRwNt/2CKSVMieDyYB3
LcETPjN6/RsK4va8MVVNoE6p5+T5TpHm4Lv/dHld3f4fdVsJ/fCqgCPvuGJCXP/E
kbz1ZVfzsjXtVvDNmIE7mmj3h2uKYUW5wpRlj3HsLFjUbMKBMYUAESfYBPlhAHQk
LnVNbWvWW5r9qtaFuBMPlnaDxyKRNUa+O/PjJBFSUPd/i5vbfHF/lA+tFM8ID+Ev
0G0VNh5zT/6DS553+O220rSHNn+CMy+SCBcwlRmCGnYPPI363msGoYZENy03tqzG
Gqi97k2dedmBzIFtF1eLPLwUiYVe+seUOeJmEkHhfHrAavJWmjE7Mpr0kQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN17tTXqFvgCaNKVQ2B2ndas41o3MB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvM1h1MU5lb1ctQUpvMHBWRFlIYWQxcXpqV2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBTigAwQC
BbUsAwQCuQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQAgD+PH
5dpFaCxuR+JY2lR8qhduBhoZ53qM0it0ksi1niqReTtD5ZNhK+26NHp2m3nGOOhj
V9PVyWgf6iw2eYSz/Q+2Ei3+gPtED4wxbaLbfrWaNIUzLdRfo7mOuid3a+q0Ru8g
Zfea180iYkdyMrJJ4XzbiRyxKmi2KRMReBCa9hPbmA+fw3o/Si2ccrvxmwA+cm2z
khlLXODQH1CLyj7Vu5PvZZUhTl26Q4gcZNEbAOVYTawoDB8mrfPUqcJl99zO0Oxb
kn6sXNayQAY6aBkPOI1tUW6GVy8aqjXJcwTVrc7thtCN0cEpSgUuOPjVK/snA8oH
xFov29cP3SMyTf7R
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:00:16 2025 by rpki-client