Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S3hvJ6o3ATOMR02GI8T50wv2eig.roa
File: S3hvJ6o3ATOMR02GI8T50wv2eig.roa (raw, json)
Hash identifier: 2aEyDwvTxU/cdiqxX5mnc43ykJFvAP8Ryl3as7adm3Q=
Subject key identifier: 4B:78:6F:27:AA:37:01:33:8C:47:4D:86:23:C4:F9:D3:0B:F6:7A:28
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195C21BB24A1463C0B0BDEBF049F97C3A6C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S3hvJ6o3ATOMR02GI8T50wv2eig.roa
Signing time: Sun 23 Mar 2025 08:25:49 +0000
ROA not before: Sun 23 Mar 2025 08:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.182.115.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.56.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Mar 2025 21:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c2:1b:b2:4a:14:63:c0:b0:bd:eb:f0:49:f9:7c:3a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 23 08:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b786f27aa3701338c474d8623c4f9d30bf67a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0f:86:11:c7:81:a0:ca:75:4e:08:37:d2:3c:
71:26:73:0f:dc:5d:24:34:b5:82:83:7b:b9:4c:b3:
5a:ad:fb:88:45:97:23:b9:54:ae:a9:04:8c:98:5f:
44:bc:b8:d2:d8:c4:36:38:27:16:45:51:a2:02:43:
b1:b7:92:10:68:67:04:0e:ae:5f:c9:c2:45:56:df:
ee:56:40:e5:f1:4d:f3:f0:7a:3a:43:97:06:d1:36:
55:1e:e7:6e:9a:7a:13:d1:7d:07:04:a7:8e:28:98:
5e:58:89:ae:73:bb:71:a0:49:6f:76:e3:66:f7:94:
b4:0e:cf:e4:af:4a:7d:78:ee:4a:a4:1c:3f:83:ab:
b7:f6:fe:30:ed:be:37:07:b3:37:31:51:a5:c2:3c:
02:73:fc:0e:cc:a4:df:02:4d:9f:fe:53:63:37:cb:
13:f9:40:b4:c9:ec:b1:f5:5b:5a:68:c2:61:c7:6d:
d5:e6:93:50:8c:1c:54:44:f1:66:97:da:60:7a:b6:
6e:6e:80:f4:46:ea:21:1e:f5:fd:72:f9:e7:31:98:
02:a6:a0:38:7d:70:e8:2a:02:49:9c:ec:94:2f:5f:
68:a1:9e:dc:27:d2:58:90:86:0e:70:cb:92:fd:7f:
06:49:4f:e5:0f:b9:6f:08:1d:8e:36:ec:ea:aa:d8:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:78:6F:27:AA:37:01:33:8C:47:4D:86:23:C4:F9:D3:0B:F6:7A:28
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S3hvJ6o3ATOMR02GI8T50wv2eig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.115.0/24
77.242.150.0/24
83.137.153.0/24
88.151.56.0/23
88.209.224.0/24
88.209.232.0/22
88.209.246.0/24
Signature Algorithm: sha256WithRSAEncryption
23:be:22:a2:b4:93:9f:30:0d:b0:e6:8a:b6:c4:47:d4:7b:0f:
b2:ff:03:f0:95:44:4d:99:6c:4f:56:3b:f3:2d:cd:7a:91:5c:
37:f8:d3:bf:8a:df:e9:2b:1d:b1:92:98:8c:b9:5b:39:fb:7e:
2c:da:1c:11:d0:72:dd:4c:a2:28:76:08:1a:6a:55:39:fb:8b:
e5:75:72:6f:17:66:21:e2:22:a9:b7:21:3b:c9:2a:fa:7b:74:
fa:4c:15:ea:ec:74:11:39:74:96:1a:49:de:a0:d8:5c:db:d8:
65:3e:22:0d:50:aa:af:1c:f4:5c:b0:ae:9d:84:12:7d:6b:54:
9c:81:19:8e:6c:6b:4e:b6:51:82:d3:1a:22:e3:8d:e3:63:8e:
38:e5:af:50:3b:03:76:eb:b4:78:bd:ba:dc:1a:72:d1:9c:b8:
bd:ec:cc:11:cc:62:3e:49:1d:bc:7a:88:d6:b8:0b:1e:eb:51:
d8:b1:35:1d:c0:45:67:30:0a:25:58:7d:4c:59:ca:7e:69:b6:
ba:cf:12:5b:59:66:36:9e:7f:67:f8:12:62:0e:f0:5a:dc:80:
af:19:aa:7d:6b:d5:3d:b1:5e:30:6e:39:b3:3a:5a:39:37:fe:
57:08:91:44:fe:16:f2:78:11:a5:45:08:b9:98:bd:ff:cc:d3:
a0:df:0c:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZXCG7JKFGPAsL3r8En5fDpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzIzMDgyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc4NmYyN2FhMzcwMTMzOGM0NzRkODYyM2M0ZjlkMzBiZjY3YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA+GEceBoMp1Tgg30jxxJnMP3F0k
NLWCg3u5TLNarfuIRZcjuVSuqQSMmF9EvLjS2MQ2OCcWRVGiAkOxt5IQaGcEDq5f
ycJFVt/uVkDl8U3z8Ho6Q5cG0TZVHudumnoT0X0HBKeOKJheWImuc7txoElvduNm
95S0Ds/kr0p9eO5KpBw/g6u39v4w7b43B7M3MVGlwjwCc/wOzKTfAk2f/lNjN8sT
+UC0yeyx9VtaaMJhx23V5pNQjBxURPFml9pgerZuboD0RuohHvX9cvnnMZgCpqA4
fXDoKgJJnOyUL19ooZ7cJ9JYkIYOcMuS/X8GSU/lD7lvCB2ONuzqqthYSwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEt4byeqNwEzjEdNhiPE+dML9nooMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUzNodko2bzNBVE9NUjAyR0k4VDUwd3YyZWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABbZzAwQA
TfKWAwQAU4mZAwQBWJc4AwQAWNHgAwQCWNHoAwQAWNH2MA0GCSqGSIb3DQEBCwUA
A4IBAQAjviKitJOfMA2w5oq2xEfUew+y/wPwlURNmWxPVjvzLc16kVw3+NO/it/p
Kx2xkpiMuVs5+34s2hwR0HLdTKIodggaalU5+4vldXJvF2Yh4iKptyE7ySr6e3T6
TBXq7HQROXSWGkneoNhc29hlPiINUKqvHPRcsK6dhBJ9a1ScgRmObGtOtlGC0xoi
443jY4445a9QOwN267R4vbrcGnLRnLi97MwRzGI+SR28eojWuAse61HYsTUdwEVn
MAolWH1MWcp+aba6zxJbWWY2nn9n+BJiDvBa3ICvGap9a9U9sV4wbjmzOlo5N/5X
CJFE/hbyeBGlRQi5mL3/zNOg3wzb
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:10:37 2025 by rpki-client