Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4r0Ai82p3dfg0tw1YPRgAW2kSX4.roa
File: 4r0Ai82p3dfg0tw1YPRgAW2kSX4.roa (raw, json)
Hash identifier: mFrUUMyDyC0Ke0Yhybm7GbvrSSgxEzgTgOYcgzdJu70=
Subject key identifier: E2:BD:00:8B:CD:A9:DD:D7:E0:D2:DC:35:60:F4:60:01:6D:A4:49:7E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196DE2C5948DA32377E786141D7A618FBDF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4r0Ai82p3dfg0tw1YPRgAW2kSX4.roa
Signing time: Sat 17 May 2025 12:16:10 +0000
ROA not before: Sat 17 May 2025 12:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.236.0/24 maxlen: 24
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
89.106.88.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 04:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:de:2c:59:48:da:32:37:7e:78:61:41:d7:a6:18:fb:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 17 12:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2bd008bcda9ddd7e0d2dc3560f460016da4497e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:ab:ad:dc:23:7e:be:7a:af:c6:7e:eb:2e:
89:0d:d3:c5:04:fa:35:7f:2e:89:5d:d0:36:03:87:
a8:5e:90:17:7e:47:a8:5f:67:1f:8f:dc:a4:c3:b0:
55:41:62:55:29:c9:39:34:e5:ff:55:fc:ab:f2:12:
b0:40:b8:29:f0:c0:0c:5e:25:36:96:46:1e:40:40:
b8:97:da:4b:70:08:65:47:e6:70:df:e4:d6:1d:d2:
84:6d:f1:49:1e:72:73:69:cf:21:55:37:d8:5e:3f:
14:09:ed:75:13:a9:89:b9:20:49:46:81:b1:37:dc:
bf:ea:09:f0:68:44:16:09:3b:49:56:13:39:df:e6:
f4:b2:0c:8e:9f:28:26:0c:8c:77:dd:b5:ae:52:57:
7e:02:d5:87:62:1f:a4:b2:d4:e2:58:90:af:d5:6a:
b7:aa:fc:91:bb:72:19:61:68:81:3c:28:d9:14:62:
4c:26:43:cb:71:47:97:01:b8:97:b6:c8:5f:23:50:
5b:6a:a1:f9:f9:8b:ca:46:25:0c:41:80:27:76:4e:
b8:c4:f9:16:85:59:37:2e:0c:d8:ee:65:b5:02:2b:
42:b6:32:cf:ac:31:07:f7:c9:99:93:55:fb:25:87:
3f:e0:33:c9:dc:7d:3b:dc:7e:df:07:70:5b:14:5a:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BD:00:8B:CD:A9:DD:D7:E0:D2:DC:35:60:F4:60:01:6D:A4:49:7E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4r0Ai82p3dfg0tw1YPRgAW2kSX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.236.0/23
5.175.239.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
77.90.39.0/24
89.106.88.0/24
94.103.167.0/24
94.249.150.0/24
185.13.156.0/24
Signature Algorithm: sha256WithRSAEncryption
70:53:ab:f6:3d:d4:76:b1:25:cf:18:d6:5e:24:d7:62:91:ef:
62:f3:d3:1c:b9:ca:27:59:30:7d:f1:b1:36:13:f1:66:b4:7f:
03:42:c9:df:5e:da:25:a1:55:f6:60:e1:4b:e6:68:11:57:51:
a1:5a:32:67:7b:ce:6b:0a:28:78:f9:65:bb:b3:bd:ae:df:f5:
37:d8:00:b5:2d:b3:32:05:f6:40:7a:49:a0:d0:94:7a:c8:ce:
0a:2c:fc:de:ff:bd:30:ec:9f:3a:01:13:4d:eb:49:26:ca:c3:
be:aa:cc:b7:e0:32:fd:9a:c6:19:88:a2:8d:81:65:02:65:31:
bb:17:20:ed:b3:53:23:6b:3e:8b:bd:30:89:52:9a:bb:db:e4:
88:18:b9:29:fb:b5:00:f1:77:7d:9d:a3:81:fb:e3:4c:ed:5d:
b6:28:06:a0:66:70:36:e4:9d:6f:28:75:40:46:0c:37:22:cc:
9e:f2:e8:0e:11:35:0b:03:af:da:8e:60:5f:e5:19:43:85:28:
2f:84:3f:4e:40:89:c1:13:ff:41:c6:52:16:81:36:6c:4f:a9:
7e:e0:93:90:5f:85:b9:8e:6d:83:20:b8:65:f6:f2:93:33:62:
0e:e8:08:d0:ab:97:83:ae:af:48:34:59:48:7e:40:31:21:6e:
ae:c5:ed:2f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZbeLFlI2jI3fnhhQdemGPvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE3MTIxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJkMDA4YmNkYTlkZGQ3ZTBkMmRjMzU2MGY0NjAwMTZkYTQ0OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQOrrdwjfr56r8Z+6y6JDdPFBPo1
fy6JXdA2A4eoXpAXfkeoX2cfj9ykw7BVQWJVKck5NOX/Vfyr8hKwQLgp8MAMXiU2
lkYeQEC4l9pLcAhlR+Zw3+TWHdKEbfFJHnJzac8hVTfYXj8UCe11E6mJuSBJRoGx
N9y/6gnwaEQWCTtJVhM53+b0sgyOnygmDIx33bWuUld+AtWHYh+kstTiWJCv1Wq3
qvyRu3IZYWiBPCjZFGJMJkPLcUeXAbiXtshfI1BbaqH5+YvKRiUMQYAndk64xPkW
hVk3LgzY7mW1AitCtjLPrDEH98mZk1X7JYc/4DPJ3H073H7fB3BbFFoEnQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOK9AIvNqd3X4NLcNWD0YAFtpEl+MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNHIwQWk4MnAzZGZnMHR3MVlQUmdBVzJrU1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOWAwQB
Ba/sAwQABa/vAwQABecZAwQABedSAwQABedgAwQATVonAwQAWWpYAwQAXmenAwQA
XvmWAwQAuQ2cMA0GCSqGSIb3DQEBCwUAA4IBAQBwU6v2PdR2sSXPGNZeJNdike9i
89McuconWTB98bE2E/FmtH8DQsnfXtoloVX2YOFL5mgRV1GhWjJne85rCih4+WW7
s72u3/U32AC1LbMyBfZAekmg0JR6yM4KLPze/70w7J86ARNN60kmysO+qsy34DL9
msYZiKKNgWUCZTG7FyDts1Mjaz6LvTCJUpq72+SIGLkp+7UA8Xd9naOB++NM7V22
KAagZnA25J1vKHVARgw3Isye8ugOETULA6/ajmBf5RlDhSgvhD9OQInBE/9BxlIW
gTZsT6l+4JOQX4W5jm2DILhl9vKTM2IO6AjQq5eDrq9INFlIfkAxIW6uxe0v
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:08:31 2025 by rpki-client