Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8wxdERbeelbZ5Kfkm4XsUCHz3LA.roa
File: 8wxdERbeelbZ5Kfkm4XsUCHz3LA.roa (raw, json)
Hash identifier: qAsDBTUWIlrxNS+tn3VFKMOS/tysqe8beo/MhL8aGoc=
Subject key identifier: F3:0C:5D:11:16:DE:7A:56:D9:E4:A7:E4:9B:85:EC:50:21:F3:DC:B0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01975D2CABF20A68118C391ABBCB17FA9A56
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8wxdERbeelbZ5Kfkm4XsUCHz3LA.roa
Signing time: Wed 11 Jun 2025 04:08:17 +0000
ROA not before: Wed 11 Jun 2025 04:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 21:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:2c:ab:f2:0a:68:11:8c:39:1a:bb:cb:17:fa:9a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 11 04:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f30c5d1116de7a56d9e4a7e49b85ec5021f3dcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:09:35:ce:a0:5b:0f:c1:59:42:2c:fa:51:2a:
96:fe:31:aa:63:5c:c6:bd:b7:7d:91:2f:a0:3f:e7:
c5:c9:45:8e:65:d8:74:83:2e:49:0c:62:97:4f:80:
5b:d1:b0:a2:a8:d7:5f:b3:9f:9b:0b:ad:e2:bf:b0:
5b:4e:1d:59:ae:07:01:b7:46:3f:82:b8:81:84:80:
18:ee:5b:ad:b8:32:3b:30:8a:84:8e:7d:4a:a3:8d:
22:d7:71:5a:41:4e:b5:66:6b:11:a9:da:65:96:a6:
ec:d4:94:7d:15:55:ef:a7:40:19:ce:a4:78:30:e6:
9b:ca:96:a9:b2:92:d3:d9:d9:aa:73:f4:b8:41:d7:
29:12:91:3b:4e:69:89:aa:ae:7f:3c:1e:e7:0e:7c:
3c:44:98:a7:2e:e4:97:e8:2a:2e:e1:e5:85:29:62:
83:3c:04:b9:6e:ce:a1:ef:9e:87:9d:65:42:42:23:
d1:c9:9a:5b:d5:1a:fc:63:19:89:c7:d4:a7:7a:06:
20:09:83:98:f0:4b:48:34:30:1b:ae:6e:bc:23:86:
ec:47:5f:28:ba:85:2e:ed:dd:f7:16:40:92:31:a5:
80:3c:55:2d:cb:b2:a2:82:37:27:50:43:26:54:e1:
44:f3:38:b0:a5:80:2e:e5:b0:47:93:28:4d:b1:6b:
1e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0C:5D:11:16:DE:7A:56:D9:E4:A7:E4:9B:85:EC:50:21:F3:DC:B0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8wxdERbeelbZ5Kfkm4XsUCHz3LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.239.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
77.90.39.0/24
94.103.167.0/24
94.249.150.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5b:b3:96:73:c9:82:7f:f0:de:71:9d:70:ec:de:17:fd:5a:
7e:db:f1:2d:22:31:e0:f6:d7:7f:58:c2:3d:b2:33:15:47:59:
42:ee:e0:a7:8a:ee:21:b1:68:57:3d:39:c6:c9:84:6e:37:93:
84:62:21:24:bb:a2:37:29:be:86:a5:ee:57:01:89:7b:64:16:
34:ff:d3:84:56:a8:0b:17:fa:15:12:b2:74:1c:70:2b:e6:b7:
9b:dc:54:d7:d6:f3:b3:95:e9:62:c3:e1:a4:79:8a:56:04:4c:
2b:20:74:d4:1f:90:e5:2c:fb:ec:25:2f:49:f8:66:f1:04:fc:
6c:99:3f:19:09:d3:10:c3:66:6a:73:8a:8b:67:44:7f:c4:d7:
6e:60:c5:14:99:b3:08:44:cb:55:03:df:51:ff:d6:fd:f0:ca:
d3:6c:f0:48:64:69:c2:bb:bc:5c:dc:9f:22:e1:6c:ae:ff:a9:
d4:44:cd:63:b4:70:f8:8b:d0:f4:9b:82:1f:c1:15:34:c2:92:
45:51:61:d9:a5:9b:0b:ae:ab:55:be:de:ea:b1:be:8c:81:e2:
78:68:fd:47:12:e2:a4:a9:d3:46:2e:7c:a2:73:f3:79:7c:53:
7d:29:d4:04:69:5c:aa:f7:3c:a7:fa:8e:87:7e:f2:a0:58:03:
8a:f5:ab:b1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZddLKvyCmgRjDkau8sX+ppWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjExMDQwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBjNWQxMTE2ZGU3YTU2ZDllNGE3ZTQ5Yjg1ZWM1MDIxZjNkY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywk1zqBbD8FZQiz6USqW/jGqY1zG
vbd9kS+gP+fFyUWOZdh0gy5JDGKXT4Bb0bCiqNdfs5+bC63iv7BbTh1ZrgcBt0Y/
griBhIAY7lutuDI7MIqEjn1Ko40i13FaQU61ZmsRqdpllqbs1JR9FVXvp0AZzqR4
MOabypapspLT2dmqc/S4QdcpEpE7TmmJqq5/PB7nDnw8RJinLuSX6Cou4eWFKWKD
PAS5bs6h756HnWVCQiPRyZpb1Rr8YxmJx9SnegYgCYOY8EtINDAbrm68I4bsR18o
uoUu7d33FkCSMaWAPFUty7KigjcnUEMmVOFE8ziwpYAu5bBHkyhNsWseJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPMMXREW3npW2eSn5JuF7FAh89ywMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOHd4ZEVSYmVlbGJaNUtma200WHNVQ0h6M0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABVOWAwQA
Ba/vAwQABecZAwQABedSAwQABedgAwQATVonAwQAXmenAwQAXvmWMA0GCSqGSIb3
DQEBCwUAA4IBAQBAW7OWc8mCf/DecZ1w7N4X/Vp+2/EtIjHg9td/WMI9sjMVR1lC
7uCniu4hsWhXPTnGyYRuN5OEYiEku6I3Kb6Gpe5XAYl7ZBY0/9OEVqgLF/oVErJ0
HHAr5reb3FTX1vOzleliw+GkeYpWBEwrIHTUH5DlLPvsJS9J+GbxBPxsmT8ZCdMQ
w2Zqc4qLZ0R/xNduYMUUmbMIRMtVA99R/9b98MrTbPBIZGnCu7xc3J8i4Wyu/6nU
RM1jtHD4i9D0m4IfwRU0wpJFUWHZpZsLrqtVvt7qsb6MgeJ4aP1HEuKkqdNGLnyi
c/N5fFN9KdQEaVyq9zyn+o6HfvKgWAOK9aux
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:40:23 2025 by rpki-client