Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/3N5AEokagd1K8ogbt5dJZAl0FJY.roa
File: 3N5AEokagd1K8ogbt5dJZAl0FJY.roa (raw, json)
Hash identifier: 6Nu5NAO+yx2jLv2ZaKQdFcewkmxKbXeIXCwltoqQMRg=
Subject key identifier: DC:DE:40:12:89:1A:81:DD:4A:F2:88:1B:B7:97:49:64:09:74:14:96
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 0196F2E2D5316D3CAFBFC9766CCA49A827D4
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/3N5AEokagd1K8ogbt5dJZAl0FJY.roa
Signing time: Wed 21 May 2025 12:47:53 +0000
ROA not before: Wed 21 May 2025 12:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 81.173.82.0/24 maxlen: 24
81.173.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 09:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:e2:d5:31:6d:3c:af:bf:c9:76:6c:ca:49:a8:27:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: May 21 12:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcde4012891a81dd4af2881bb797496409741496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:22:ed:fe:f2:f1:e7:21:bd:96:62:7a:fd:
21:ab:10:79:32:25:81:4b:3b:1f:b2:39:5f:2e:01:
fc:2c:72:a2:e4:30:b4:4c:70:7e:da:99:f7:6e:78:
e8:0b:c6:f7:61:ac:98:3f:66:18:a2:12:93:a3:ee:
73:8d:88:63:09:c8:cf:b7:53:5b:cc:ff:fb:a1:9f:
a3:da:39:9d:b7:46:2c:2f:52:71:9e:2b:2d:73:6c:
7d:02:dc:13:87:5e:4d:7a:5b:c1:a3:b9:7a:15:f1:
f5:ca:ef:1c:fe:c1:98:36:93:da:c2:20:67:be:f0:
db:e0:99:55:4a:91:26:25:ee:51:2a:2a:2a:a5:5f:
2f:d4:9f:75:73:e1:c8:f6:21:ee:87:af:1b:97:9f:
c5:3c:e1:1a:23:8e:01:ee:e1:cd:9a:c5:bc:c5:d8:
ec:1a:d7:0c:48:1d:7a:28:b3:04:e4:f6:ee:dd:6c:
d7:3b:55:af:5e:02:f8:ec:56:9d:62:10:ee:70:4f:
44:96:10:36:1b:62:b3:a4:05:3a:50:b8:cf:e9:0d:
4a:33:79:a5:77:06:a9:8f:5d:a9:d2:35:bb:c8:ae:
24:37:ba:8d:79:75:f7:c0:9a:e2:29:eb:c6:83:da:
35:0a:b3:ea:64:d0:50:41:01:08:b2:41:e6:b4:3b:
0f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DE:40:12:89:1A:81:DD:4A:F2:88:1B:B7:97:49:64:09:74:14:96
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/3N5AEokagd1K8ogbt5dJZAl0FJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.82.0/24
81.173.88.0/21
Signature Algorithm: sha256WithRSAEncryption
68:33:e5:ab:34:26:4c:a0:73:7f:0e:56:e6:b6:c5:3c:8f:7d:
bc:e2:ea:01:c1:f6:9a:e4:b4:36:7f:f7:b8:90:c6:c1:54:84:
8f:70:03:65:d1:00:87:08:0e:f5:95:63:e0:89:c7:80:54:cf:
0b:d1:95:70:10:84:b4:9a:07:9e:c3:59:76:56:13:b8:39:3d:
e4:86:7b:85:db:45:06:a6:14:39:30:04:e9:bd:7d:c5:9d:75:
4a:14:fc:0b:38:b2:cb:43:fe:30:43:00:ac:40:86:5c:f5:19:
1a:ee:9f:24:94:2b:3a:b1:35:3b:e7:19:6e:20:4d:a7:18:81:
ed:4f:6a:01:04:36:0d:18:16:2b:85:d3:4a:3b:c5:cd:ef:1f:
eb:f1:4b:24:8f:d8:c9:1c:55:3b:38:5d:f8:d0:b3:ff:8e:37:
ac:86:ee:63:4e:f3:ff:75:39:0c:af:7c:20:6c:1b:b9:7e:0c:
78:0b:54:db:2d:7b:81:0c:59:bf:cd:f2:c4:5c:aa:0d:df:90:
8a:c8:2b:a1:a6:de:3a:98:ae:48:0c:1e:00:55:8e:ba:6b:8b:
a9:0c:81:af:93:80:d6:e0:43:b4:ed:ac:2d:04:dd:6b:45:2e:
bd:a9:6e:df:d9:9d:08:06:bc:f1:fe:43:07:bf:24:77:63:e8:
94:40:8c:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZby4tUxbTyvv8l2bMpJqCfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwNTIxMTI0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RlNDAxMjg5MWE4MWRkNGFmMjg4MWJiNzk3NDk2NDA5NzQxNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmci7f7y8echvZZiev0hqxB5MiWB
SzsfsjlfLgH8LHKi5DC0THB+2pn3bnjoC8b3YayYP2YYohKTo+5zjYhjCcjPt1Nb
zP/7oZ+j2jmdt0YsL1Jxnistc2x9AtwTh15NelvBo7l6FfH1yu8c/sGYNpPawiBn
vvDb4JlVSpEmJe5RKioqpV8v1J91c+HI9iHuh68bl5/FPOEaI44B7uHNmsW8xdjs
GtcMSB16KLME5Pbu3WzXO1WvXgL47FadYhDucE9ElhA2G2KzpAU6ULjP6Q1KM3ml
dwapj12p0jW7yK4kN7qNeXX3wJriKevGg9o1CrPqZNBQQQEIskHmtDsPlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNzeQBKJGoHdSvKIG7eXSWQJdBSWMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvM041QUVva2FnZDFLOG9nYnQ1ZEpaQWwwRkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUa1SAwQD
Ua1YMA0GCSqGSIb3DQEBCwUAA4IBAQBoM+WrNCZMoHN/DlbmtsU8j3284uoBwfaa
5LQ2f/e4kMbBVISPcANl0QCHCA71lWPgiceAVM8L0ZVwEIS0mgeew1l2VhO4OT3k
hnuF20UGphQ5MATpvX3FnXVKFPwLOLLLQ/4wQwCsQIZc9Rka7p8klCs6sTU75xlu
IE2nGIHtT2oBBDYNGBYrhdNKO8XN7x/r8Uskj9jJHFU7OF340LP/jjeshu5jTvP/
dTkMr3wgbBu5fgx4C1TbLXuBDFm/zfLEXKoN35CKyCuhpt46mK5IDB4AVY66a4up
DIGvk4DW4EO07awtBN1rRS69qW7f2Z0IBrzx/kMHvyR3Y+iUQIx1
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:26:07 2025 by rpki-client