Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5VaEikM9vwf_lC3aKywXQQUz_gw.roa
File: 5VaEikM9vwf_lC3aKywXQQUz_gw.roa (raw, json)
Hash identifier: ssfA91TO19xpydvYv2OnA3/pAMjEDHUFB1M9mQBKAms=
Subject key identifier: E5:56:84:8A:43:3D:BF:07:FF:94:2D:DA:2B:2C:17:41:05:33:FE:0C
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961C22E97A50DEEE8C487F6AC36F51CD32
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5VaEikM9vwf_lC3aKywXQQUz_gw.roa
Signing time: Wed 09 Apr 2025 19:59:32 +0000
ROA not before: Wed 09 Apr 2025 19:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 89.144.34.0/24 maxlen: 24
94.103.172.0/24 maxlen: 24
94.103.173.0/24 maxlen: 24
94.103.174.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 00:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1c:22:e9:7a:50:de:ee:8c:48:7f:6a:c3:6f:51:cd:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 19:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e556848a433dbf07ff942dda2b2c17410533fe0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:04:55:95:0f:65:06:98:72:c1:ab:30:b6:
c2:4d:40:a1:0e:ab:99:79:84:27:63:64:df:06:54:
a1:b1:15:e7:c7:db:ee:7e:ba:2f:6d:a9:e3:d1:c7:
e6:ab:b5:59:79:3c:55:c3:2d:55:3a:67:cd:8f:38:
82:51:8c:6d:e3:8b:80:e9:6e:5c:54:de:28:6a:77:
39:f4:4d:99:14:84:82:0b:6f:7a:c5:87:1d:42:de:
ad:2c:8c:43:f4:46:4e:c2:6a:75:99:49:24:88:a4:
7b:e7:bf:90:2b:9f:34:8b:8b:dc:08:d3:42:35:14:
56:b8:7f:13:e0:83:1d:d6:51:4a:e8:17:93:56:a0:
93:26:01:d5:02:37:43:73:73:2b:30:5c:3f:b0:b0:
3d:90:d0:89:b7:4b:9a:f1:ca:d7:dc:f1:a7:38:f8:
7b:94:ff:d4:9e:0b:e9:5c:ce:f9:89:88:36:20:10:
cf:9d:a0:87:c3:23:dd:6a:07:5c:1d:eb:98:ca:2e:
1f:64:24:fe:05:33:92:0f:59:5b:14:2f:3b:21:ea:
06:99:eb:28:93:16:24:26:85:43:37:17:0c:3a:3e:
24:d6:ae:c9:76:2e:64:93:ad:dd:97:1e:2d:f1:bd:
29:eb:89:84:be:c1:b3:45:13:e7:df:76:06:80:7a:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:56:84:8A:43:3D:BF:07:FF:94:2D:DA:2B:2C:17:41:05:33:FE:0C
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5VaEikM9vwf_lC3aKywXQQUz_gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.34.0/24
94.103.172.0-94.103.174.255
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:f6:e2:bd:a1:87:c3:a5:0e:10:61:bc:d5:64:19:3a:f4:b6:
67:6f:cc:46:62:76:40:c3:f9:c0:d0:9b:b0:b2:32:15:2d:4e:
22:03:ab:20:67:cd:69:de:6f:82:e3:79:7f:22:1f:86:f4:dc:
97:f2:58:65:c3:c3:93:2d:ef:c4:f2:5c:73:de:4b:0a:2d:54:
6d:c7:b9:84:04:5c:cc:f5:55:af:bc:90:a4:8a:75:ee:df:4c:
65:d4:0b:3b:f9:a6:81:46:84:14:bd:fe:c1:b5:39:81:bf:55:
09:cd:3a:2f:0d:e6:bc:f7:40:fe:c4:a5:eb:b8:f1:f0:b5:1d:
0c:3d:81:6f:fe:2a:0f:f0:13:30:2e:c5:03:03:9c:36:55:43:
07:27:ac:ea:6e:a0:f3:29:fd:e2:2b:9b:3b:94:d1:67:da:fa:
24:27:d5:c5:6b:1c:18:1d:af:cd:17:d3:43:29:14:2f:ef:1b:
e3:c5:fb:91:96:40:e6:b7:e2:15:1b:55:be:66:86:41:71:4a:
5e:58:54:79:5b:58:65:2e:00:4a:14:4e:84:52:1f:c7:f5:dd:
07:69:50:32:c1:ed:d9:52:e5:33:ca:b7:92:01:9a:66:36:e3:
99:db:25:73:bc:65:11:fa:14:70:44:67:8a:f0:e6:0e:73:d9:
82:c5:63:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZYcIul6UN7ujEh/asNvUc0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA5MTk1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU2ODQ4YTQzM2RiZjA3ZmY5NDJkZGEyYjJjMTc0MTA1MzNmZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJkEVZUPZQaYcsGrMLbCTUChDquZ
eYQnY2TfBlShsRXnx9vufrovbanj0cfmq7VZeTxVwy1VOmfNjziCUYxt44uA6W5c
VN4oanc59E2ZFISCC296xYcdQt6tLIxD9EZOwmp1mUkkiKR757+QK580i4vcCNNC
NRRWuH8T4IMd1lFK6BeTVqCTJgHVAjdDc3MrMFw/sLA9kNCJt0ua8crX3PGnOPh7
lP/UngvpXM75iYg2IBDPnaCHwyPdagdcHeuYyi4fZCT+BTOSD1lbFC87IeoGmeso
kxYkJoVDNxcMOj4k1q7Jdi5kk63dlx4t8b0p64mEvsGzRRPn33YGgHrLlQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOVWhIpDPb8H/5Qt2issF0EFM/4MMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNVZhRWlrTTl2d2ZfbEMzYUt5d1hRUVV6X2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWZAiMAwD
BAJeZ6wDBABeZ64DBACyEpMwDQYJKoZIhvcNAQELBQADggEBAOv24r2hh8OlDhBh
vNVkGTr0tmdvzEZidkDD+cDQm7CyMhUtTiIDqyBnzWneb4LjeX8iH4b03JfyWGXD
w5Mt78TyXHPeSwotVG3HuYQEXMz1Va+8kKSKde7fTGXUCzv5poFGhBS9/sG1OYG/
VQnNOi8N5rz3QP7Epeu48fC1HQw9gW/+Kg/wEzAuxQMDnDZVQwcnrOpuoPMp/eIr
mzuU0Wfa+iQn1cVrHBgdr80X00MpFC/vG+PF+5GWQOa34hUbVb5mhkFxSl5YVHlb
WGUuAEoUToRSH8f13QdpUDLB7dlS5TPKt5IBmmY245nbJXO8ZRH6FHBEZ4rw5g5z
2YLFYxw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:54:42 2025 by rpki-client