Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/39_OmpnybISpbFef1Xh3X-7BFg8.roa
File: 39_OmpnybISpbFef1Xh3X-7BFg8.roa (raw, json)
Hash identifier: kMfw/FQ1rq3raLGW07TWtxjMphtdGH2IzS8rKLP/sLA=
Subject key identifier: DF:DF:CE:9A:99:F2:6C:84:A9:6C:57:9F:D5:78:77:5F:EE:C1:16:0F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01964D2FF56B228484C0AB66A099948DC5EC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/39_OmpnybISpbFef1Xh3X-7BFg8.roa
Signing time: Sat 19 Apr 2025 08:35:10 +0000
ROA not before: Sat 19 Apr 2025 08:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 04:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:2f:f5:6b:22:84:84:c0:ab:66:a0:99:94:8d:c5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 19 08:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfdfce9a99f26c84a96c579fd578775feec1160f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:85:7b:fe:df:59:c7:58:6f:67:3f:81:47:3b:
12:80:f5:70:67:60:e8:1e:c7:a4:89:db:f3:5d:ed:
54:75:5e:79:e9:a5:51:75:a9:1f:ba:1c:0e:2b:01:
a9:84:95:2d:db:fb:9d:cb:00:a8:36:ce:a7:d3:62:
b0:eb:01:72:95:97:af:9c:5e:f7:98:43:3f:68:0d:
08:e1:00:9c:67:9e:de:a5:5a:f2:9a:ea:de:e4:b1:
42:b9:6d:1e:6c:00:f7:41:15:e3:75:2d:ca:22:be:
c8:6a:30:bb:38:a2:bf:bd:ef:25:49:a9:ff:ed:81:
d0:e2:8b:2d:29:73:e2:41:a9:cb:5d:ee:cd:c5:42:
29:95:d1:7d:2d:66:58:b5:14:ca:b6:5f:30:1a:f2:
9c:cb:db:d6:3b:0b:dd:30:61:8e:29:90:8a:0c:08:
ac:02:e7:a1:c7:33:d7:ea:f7:cd:51:c7:bd:e5:64:
c8:81:1e:63:8c:29:46:70:03:cc:87:41:0c:88:b7:
3c:34:fd:0c:32:63:e9:11:aa:0b:ef:f7:fe:1a:20:
6e:c3:ee:d1:63:c4:92:d1:8b:6d:17:08:17:2d:98:
d2:17:78:2c:ed:e5:21:fa:0f:f2:2b:ab:3c:d0:0b:
8e:bd:cf:e2:19:4f:46:f4:25:33:ce:9c:92:43:3f:
c7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DF:CE:9A:99:F2:6C:84:A9:6C:57:9F:D5:78:77:5F:EE:C1:16:0F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/39_OmpnybISpbFef1Xh3X-7BFg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.249.195.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0f:87:0e:fd:5d:f4:c5:16:96:5a:15:e6:9d:f8:00:a2:8a:
b9:d0:4d:05:c7:7c:9f:26:e6:89:d6:83:7c:b3:28:a1:60:cf:
7a:38:2a:1d:25:36:5f:15:20:5c:02:b0:1a:46:bb:7d:08:e4:
5d:72:db:7d:4e:e8:2d:dc:35:81:97:76:c7:ab:15:a3:15:b9:
2f:f3:80:c4:ed:f2:0f:38:b2:9f:c7:13:a8:f0:07:4e:db:12:
60:50:4d:1b:b7:7b:44:fe:b3:96:dc:4f:89:ff:cf:73:48:f7:
95:07:84:28:68:49:4c:b6:9c:73:6a:9c:56:ab:1e:a7:84:79:
dc:0f:fe:01:c7:52:71:9e:84:2c:ed:6b:25:d9:52:b6:b0:a1:
fb:9d:32:bc:e0:5a:18:6f:9f:0b:10:34:b8:3b:d7:0c:29:1d:
9b:44:21:2b:55:e6:65:86:cc:e5:44:87:41:d8:63:4f:7b:ea:
21:94:e0:10:f3:40:98:53:4a:d2:80:3d:af:ab:7a:52:a3:70:
0f:94:17:aa:f8:22:5c:14:b2:aa:fb:eb:b6:97:60:b8:bc:4d:
0d:fe:ff:c9:3c:63:2b:94:6f:fa:c5:3f:ca:48:82:ab:ad:c6:
af:ed:c8:44:c4:c7:a3:09:27:3f:35:d5:3c:d4:25:7c:b1:f0:
f2:23:c5:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZZNL/VrIoSEwKtmoJmUjcXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE5MDgzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRmY2U5YTk5ZjI2Yzg0YTk2YzU3OWZkNTc4Nzc1ZmVlYzExNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYV7/t9Zx1hvZz+BRzsSgPVwZ2Do
HsekidvzXe1UdV556aVRdakfuhwOKwGphJUt2/udywCoNs6n02Kw6wFylZevnF73
mEM/aA0I4QCcZ57epVrymure5LFCuW0ebAD3QRXjdS3KIr7IajC7OKK/ve8lSan/
7YHQ4ostKXPiQanLXe7NxUIpldF9LWZYtRTKtl8wGvKcy9vWOwvdMGGOKZCKDAis
AuehxzPX6vfNUce95WTIgR5jjClGcAPMh0EMiLc8NP0MMmPpEaoL7/f+GiBuw+7R
Y8SS0YttFwgXLZjSF3gs7eUh+g/yK6s80AuOvc/iGU9G9CUzzpySQz/H8wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN/fzpqZ8myEqWxXn9V4d1/uwRYPMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMzlfT21wbnliSVNwYkZlZjFYaDNYLTdCRmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXvnDAwQAXvnXAwQAX9cgAwQAX9ciAwQAshKQAwQA
2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQAcD4cO/V30xRaWWhXmnfgAooq50E0Fx3yf
JuaJ1oN8syihYM96OCodJTZfFSBcArAaRrt9CORdctt9Tugt3DWBl3bHqxWjFbkv
84DE7fIPOLKfxxOo8AdO2xJgUE0bt3tE/rOW3E+J/89zSPeVB4QoaElMtpxzapxW
qx6nhHncD/4Bx1JxnoQs7Wsl2VK2sKH7nTK84FoYb58LEDS4O9cMKR2bRCErVeZl
hszlRIdB2GNPe+ohlOAQ80CYU0rSgD2vq3pSo3APlBeq+CJcFLKq++u2l2C4vE0N
/v/JPGMrlG/6xT/KSIKrrcav7chExMejCSc/NdU81CV8sfDyI8XH
-----END CERTIFICATE-----
Generated at Thu Jun 19 00:49:55 2025 by rpki-client