Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1da2hKI0XIXn9HKI2jhmB1EUK90.roa
File: 1da2hKI0XIXn9HKI2jhmB1EUK90.roa (raw, json)
Hash identifier: miHGqCcNBbZzOPZGhmCWIymKS4xD5ikor+i5F/hIvXE=
Subject key identifier: D5:D6:B6:84:A2:34:5C:85:E7:F4:72:88:DA:38:66:07:51:14:2B:DD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961855B60948730216A17D82F696C1ADF7
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1da2hKI0XIXn9HKI2jhmB1EUK90.roa
Signing time: Wed 09 Apr 2025 02:16:32 +0000
ROA not before: Wed 09 Apr 2025 02:16:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 5.83.139.0/24 maxlen: 24
5.175.220.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
94.103.168.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 04:07:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:18:55:b6:09:48:73:02:16:a1:7d:82:f6:96:c1:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 02:16:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5d6b684a2345c85e7f47288da38660751142bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4c:46:9e:72:4f:ab:d1:c7:1b:8c:6e:34:4c:
ed:30:71:64:1f:8d:82:69:ba:d8:a2:08:24:a3:97:
57:53:7c:57:cb:22:e8:95:89:a0:e6:00:31:61:f4:
19:56:bf:79:a9:25:bf:80:95:6b:57:39:b5:3b:b8:
ec:93:ec:c2:85:69:9d:65:6c:ad:86:02:68:fd:09:
bb:b6:72:ea:3b:35:42:96:b1:a3:0d:87:14:4b:71:
42:55:bd:5e:ef:cf:af:5e:f0:70:9e:72:bc:53:dc:
9a:cf:10:be:a0:9e:64:a7:b6:e3:cb:ad:bb:be:5f:
07:58:03:ac:eb:dd:89:85:01:d9:66:5f:25:fb:58:
c8:23:81:71:f4:48:b6:5b:22:4f:8a:dd:f8:9e:d8:
27:d0:5d:d6:f7:58:18:c8:c1:23:6f:ee:17:d0:d4:
a9:f4:9f:fd:33:39:c8:99:1e:35:54:27:9a:cb:73:
6e:4b:2b:cb:f0:ae:d7:38:df:8f:e3:fe:3b:55:3e:
8e:75:b1:70:b8:77:d2:25:2d:13:7b:af:26:fe:7c:
76:f0:ef:73:62:93:91:80:81:a8:ee:06:e2:10:3a:
a3:52:54:2c:a0:a7:fc:cf:fb:b3:36:c4:1c:da:68:
4a:5b:aa:e5:4a:31:92:13:9c:c4:c5:4f:89:7a:b3:
d6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D6:B6:84:A2:34:5C:85:E7:F4:72:88:DA:38:66:07:51:14:2B:DD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1da2hKI0XIXn9HKI2jhmB1EUK90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.139.0/24
5.175.220.0/24
77.90.7.0/24
89.144.3.0/24
94.103.168.0/24
95.215.33.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e2:9b:34:76:25:c3:53:04:ae:68:5b:5c:16:7d:b0:f0:05:
57:ad:f9:f1:8e:d2:b8:08:13:b9:69:04:71:04:d0:c1:27:46:
30:c0:cd:63:6b:78:53:05:41:4b:91:7e:43:ea:88:26:ca:d8:
6b:4e:d7:39:52:f6:92:49:c4:bb:7a:af:9b:c3:45:b3:b6:42:
e8:1a:6b:7e:0a:9d:50:99:28:13:61:72:ca:68:68:5a:ab:e5:
c5:05:d5:03:73:5b:8f:fe:31:51:3d:bc:68:f0:07:63:be:67:
3b:9d:38:40:f2:ac:89:8e:0c:3d:c1:c5:d4:8d:7d:67:b0:bf:
70:d2:fa:61:40:64:d7:c7:c5:3e:95:b5:9b:bc:3c:48:61:f3:
6d:4c:6d:af:b2:45:7e:93:ed:4a:d1:80:95:aa:0d:38:b7:cb:
e8:7c:5c:cc:d5:4a:a4:b3:00:ac:2b:46:76:da:44:b3:3a:5c:
16:b4:a4:80:40:d9:48:b3:e8:44:c9:56:6f:eb:e4:da:df:b0:
0f:18:3e:17:db:e3:c2:62:2b:23:e7:b4:d7:a4:26:e4:5e:cc:
da:dd:25:a9:64:10:c2:e0:44:fd:1b:d1:3c:6f:c3:9b:54:d9:
49:de:be:cb:6e:3b:07:eb:ef:4c:9c:80:28:1c:aa:89:f3:ae:
df:23:99:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYYVbYJSHMCFqF9gvaWwa33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA5MDIxNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ2YjY4NGEyMzQ1Yzg1ZTdmNDcyODhkYTM4NjYwNzUxMTQyYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80xGnnJPq9HHG4xuNEztMHFkH42C
abrYoggko5dXU3xXyyLolYmg5gAxYfQZVr95qSW/gJVrVzm1O7jsk+zChWmdZWyt
hgJo/Qm7tnLqOzVClrGjDYcUS3FCVb1e78+vXvBwnnK8U9yazxC+oJ5kp7bjy627
vl8HWAOs692JhQHZZl8l+1jII4Fx9Ei2WyJPit34ntgn0F3W91gYyMEjb+4X0NSp
9J/9MznImR41VCeay3NuSyvL8K7XON+P4/47VT6OdbFwuHfSJS0Te68m/nx28O9z
YpORgIGo7gbiEDqjUlQsoKf8z/uzNsQc2mhKW6rlSjGSE5zExU+JerPWNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNXWtoSiNFyF5/RyiNo4ZgdRFCvdMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMWRhMmhLSTBYSVhuOUhLSTJqaG1CMUVVSzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOLAwQA
Ba/cAwQATVoHAwQAWZADAwQAXmeoAwQAX9chMA0GCSqGSIb3DQEBCwUAA4IBAQBE
4ps0diXDUwSuaFtcFn2w8AVXrfnxjtK4CBO5aQRxBNDBJ0YwwM1ja3hTBUFLkX5D
6ogmythrTtc5UvaSScS7eq+bw0WztkLoGmt+Cp1QmSgTYXLKaGhaq+XFBdUDc1uP
/jFRPbxo8Adjvmc7nThA8qyJjgw9wcXUjX1nsL9w0vphQGTXx8U+lbWbvDxIYfNt
TG2vskV+k+1K0YCVqg04t8vofFzM1UqkswCsK0Z22kSzOlwWtKSAQNlIs+hEyVZv
6+Ta37APGD4X2+PCYisj57TXpCbkXsza3SWpZBDC4ET9G9E8b8ObVNlJ3r7LbjsH
6+9MnIAoHKqJ867fI5nQ
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:58:09 2025 by rpki-client