Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AjikQxKlvyKa4gMC1TZusuY6Ko0.roa
File: AjikQxKlvyKa4gMC1TZusuY6Ko0.roa (raw, json)
Hash identifier: 6eYlvvMS6VYuKHZAx8+yQFpYuKuXaeOKuuZRdmVwEcg=
Subject key identifier: 02:38:A4:43:12:A5:BF:22:9A:E2:03:02:D5:36:6E:B2:E6:3A:2A:8D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196FF1D08E8FB7052D00415D67E3F3B43CC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AjikQxKlvyKa4gMC1TZusuY6Ko0.roa
Signing time: Fri 23 May 2025 21:46:54 +0000
ROA not before: Fri 23 May 2025 21:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.200.0/24 maxlen: 24
5.175.201.0/24 maxlen: 24
5.175.204.0/24 maxlen: 24
5.175.205.0/24 maxlen: 24
5.175.209.0/24 maxlen: 24
5.175.210.0/24 maxlen: 24
5.175.211.0/24 maxlen: 24
5.175.212.0/24 maxlen: 24
5.175.213.0/24 maxlen: 24
5.175.214.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.230.164.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.71.0/24 maxlen: 24
5.231.72.0/24 maxlen: 24
5.231.73.0/24 maxlen: 24
5.231.74.0/24 maxlen: 24
5.231.75.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
5.231.113.0/24 maxlen: 24
5.231.240.0/24 maxlen: 24
5.231.241.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
5.231.243.0/24 maxlen: 24
5.231.244.0/24 maxlen: 24
5.231.245.0/24 maxlen: 24
5.231.246.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
5.231.248.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.106.90.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.39.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.180.0/24 maxlen: 24
94.249.181.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 May 2025 04:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ff:1d:08:e8:fb:70:52:d0:04:15:d6:7e:3f:3b:43:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 23 21:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0238a44312a5bf229ae20302d5366eb2e63a2a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a9:8f:c0:b3:3a:b2:05:83:c2:ce:63:36:c9:
b8:f8:1e:0b:89:f4:d8:02:50:1a:ce:37:18:a8:bc:
ce:7b:5e:23:9f:cd:1a:e6:43:44:a1:2a:9d:04:27:
0b:7a:e8:c9:95:c3:95:fe:16:6e:8b:e6:4c:78:27:
93:c7:a1:ad:05:6d:f7:88:84:1e:f3:ec:be:24:a6:
71:93:87:fe:94:5b:fb:69:2a:5b:48:38:2c:73:eb:
4d:49:26:35:83:77:42:93:8e:8d:60:b9:17:16:b6:
d5:94:22:bb:5e:c5:98:1f:69:28:7c:6a:96:29:78:
c7:56:3a:16:21:7d:c5:76:c4:5e:a3:a0:5d:f0:fa:
f9:3d:98:00:0c:6e:90:96:63:ce:f1:0d:1d:94:e9:
a3:45:fa:cc:0e:61:5c:aa:a4:d1:0e:c6:7f:8b:24:
14:64:13:d4:8e:37:0f:d3:ab:d0:73:1e:74:f5:94:
e3:8c:96:92:dc:f3:d3:ab:7d:79:e6:8d:5d:3b:7d:
bb:35:9e:55:d5:46:34:44:fa:63:ec:96:64:7d:20:
03:17:fe:39:e3:43:78:21:68:1b:4b:90:26:31:9e:
49:23:75:1a:5b:cc:de:ce:35:ef:1e:17:eb:65:10:
9f:36:8b:45:93:0f:7f:b1:e8:a0:58:02:58:bf:3d:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:38:A4:43:12:A5:BF:22:9A:E2:03:02:D5:36:6E:B2:E6:3A:2A:8D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AjikQxKlvyKa4gMC1TZusuY6Ko0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.200.0/23
5.175.204.0/23
5.175.209.0-5.175.214.255
5.175.238.0/24
5.230.164.0/24
5.231.61.0/24
5.231.71.0-5.231.75.255
5.231.79.0/24
5.231.92.0/24
5.231.113.0/24
5.231.240.0-5.231.248.255
85.93.5.0/24
85.93.21.0/24
85.93.31.0/24
89.106.70.0/24
89.106.90.0/24
89.144.5.0/24
89.144.34.0/24
89.144.39.0/24
94.249.168.0/23
94.249.180.0/23
94.249.237.0/24
Signature Algorithm: sha256WithRSAEncryption
90:0d:1c:d2:0c:3b:b6:5b:bc:eb:47:93:22:b0:b4:f9:02:21:
72:ef:77:f0:81:4d:f0:37:63:6c:15:2e:8d:2e:86:ab:55:df:
39:b9:a1:0d:9a:48:b7:55:62:6b:db:af:ae:0d:0e:bd:89:38:
71:5f:29:5f:1d:82:58:f6:bc:31:45:29:a1:54:9d:e2:26:1e:
8d:b6:6c:e5:b6:0e:78:3f:ad:91:8f:36:ae:fa:49:9d:c4:42:
61:06:76:f8:e7:75:ea:d9:f7:be:28:9c:69:c8:c2:ac:e4:ab:
52:d6:29:16:c9:29:22:02:02:b5:5b:5d:5d:bf:92:82:08:9f:
2d:55:e0:a2:14:b5:ff:a4:d4:37:e3:ba:c9:e1:70:5c:88:e5:
37:b8:68:17:a5:43:93:a0:54:83:12:d2:70:0c:b6:9c:49:c3:
b9:15:c5:9a:f3:48:78:83:b3:0f:1c:54:3e:dc:c4:c9:52:9c:
78:5a:ca:ce:07:12:79:2d:f1:39:f3:3c:62:20:bc:fc:3a:50:
4b:f6:b6:93:a2:3d:5d:70:bf:bf:5b:6b:64:90:6c:38:68:c2:
7f:aa:b3:20:54:2d:d2:14:83:c1:81:d0:11:f3:f7:12:0e:78:
7a:b1:6d:54:98:f1:06:32:86:9f:71:16:47:1b:a4:37:9e:8f:
aa:21:9a:18
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZb/HQjo+3BS0AQV1n4/O0PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIzMjE0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM4YTQ0MzEyYTViZjIyOWFlMjAzMDJkNTM2NmViMmU2M2EyYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsamPwLM6sgWDws5jNsm4+B4LifTY
AlAazjcYqLzOe14jn80a5kNEoSqdBCcLeujJlcOV/hZui+ZMeCeTx6GtBW33iIQe
8+y+JKZxk4f+lFv7aSpbSDgsc+tNSSY1g3dCk46NYLkXFrbVlCK7XsWYH2kofGqW
KXjHVjoWIX3FdsReo6Bd8Pr5PZgADG6QlmPO8Q0dlOmjRfrMDmFcqqTRDsZ/iyQU
ZBPUjjcP06vQcx509ZTjjJaS3PPTq3155o1dO327NZ5V1UY0RPpj7JZkfSADF/45
40N4IWgbS5AmMZ5JI3UaW8zezjXvHhfrZRCfNotFkw9/seigWAJYvz24IwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFAI4pEMSpb8imuIDAtU2brLmOiqNMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQWppa1F4S2x2eUthNGdNQzFUWnVzdVk2S28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAF
U4oDBAEFr8gDBAEFr8wwDAMEAAWv0QMEAAWv1gMEAAWv7gMEAAXmpAMEAAXnPTAM
AwQABedHAwQCBedIAwQABedPAwQABedcAwQABedxMAwDBAQF5/ADBAAF5/gDBABV
XQUDBABVXRUDBABVXR8DBABZakYDBABZaloDBABZkAUDBABZkCIDBABZkCcDBAFe
+agDBAFe+bQDBABe+e0wDQYJKoZIhvcNAQELBQADggEBAJANHNIMO7ZbvOtHkyKw
tPkCIXLvd/CBTfA3Y2wVLo0uhqtV3zm5oQ2aSLdVYmvbr64NDr2JOHFfKV8dglj2
vDFFKaFUneImHo22bOW2Dng/rZGPNq76SZ3EQmEGdvjnderZ974onGnIwqzkq1LW
KRbJKSICArVbXV2/koIIny1V4KIUtf+k1DfjusnhcFyI5Te4aBelQ5OgVIMS0nAM
tpxJw7kVxZrzSHiDsw8cVD7cxMlSnHhays4HEnkt8TnzPGIgvPw6UEv2tpOiPV1w
v79ba2SQbDhown+qsyBULdIUg8GB0BHz9xIOeHqxbVSY8QYyhp9xFkcbpDeej6oh
mhg=
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:57:07 2025 by rpki-client