Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BQpN-01BOKSqFsO5DVh8ynJWNAo.roa
File: BQpN-01BOKSqFsO5DVh8ynJWNAo.roa (raw, json)
Hash identifier: ZFF7Nf6GTHAeZh5SzgvgCtFCEKB8yF/xxzJoxqDFOs0=
Subject key identifier: 05:0A:4D:FB:4D:41:38:A4:AA:16:C3:B9:0D:58:7C:CA:72:56:34:0A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196042314C58E95F1DF4F308066218C8515
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BQpN-01BOKSqFsO5DVh8ynJWNAo.roa
Signing time: Sat 05 Apr 2025 04:08:50 +0000
ROA not before: Sat 05 Apr 2025 04:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.11.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 04:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:04:23:14:c5:8e:95:f1:df:4f:30:80:66:21:8c:85:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 5 04:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=050a4dfb4d4138a4aa16c3b90d587cca7256340a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3a:f2:7d:fb:76:b8:37:a1:36:01:1e:64:88:
79:2c:22:b0:1b:28:eb:92:ec:1f:9d:1f:ef:08:c5:
d6:37:85:8a:d2:4e:0c:40:04:e1:79:46:60:e4:a2:
30:14:70:d4:77:1e:50:63:7d:29:e6:f4:1c:f4:17:
64:ad:22:46:c0:31:b0:1e:3a:92:f6:ff:ab:46:3c:
ff:91:c3:ca:94:08:d8:83:a7:17:72:a8:f3:d9:a9:
c4:2c:bf:0d:51:af:70:9d:dd:99:e9:b3:1a:bf:13:
86:af:b9:39:2d:d2:c7:f8:08:95:8f:2f:98:a7:36:
83:e2:c5:bc:e3:a2:bc:20:9b:c2:b1:1e:8d:62:00:
2d:c8:17:97:71:fd:e8:47:48:8f:70:1b:5a:5b:8d:
13:60:17:a5:68:ec:7e:08:66:95:02:af:61:5c:ed:
fe:37:8b:c5:f5:53:ad:9c:d8:b5:d7:2b:64:a7:ae:
ed:56:98:6f:6e:1d:82:a5:35:d2:70:d8:d7:f4:ac:
bd:dc:5a:19:db:f4:a8:ad:1a:fa:55:c1:0d:44:93:
8a:1f:26:72:df:9e:af:64:a4:d6:c5:c9:a0:4c:73:
4e:11:6b:0e:12:21:22:10:30:1f:2f:f0:d7:09:16:
95:90:72:d6:8a:9d:10:96:d6:56:84:85:95:82:5e:
43:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0A:4D:FB:4D:41:38:A4:AA:16:C3:B9:0D:58:7C:CA:72:56:34:0A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BQpN-01BOKSqFsO5DVh8ynJWNAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.238.0/24
5.231.61.0/24
5.231.79.0/24
85.93.5.0/24
85.93.31.0/24
89.144.5.0/24
89.144.11.0/24
89.144.17.0-89.144.18.255
94.249.168.0/23
94.249.237.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:07:55:04:c8:57:17:31:5e:56:41:5f:3c:7f:41:e4:1d:9d:
e8:5a:1e:f5:f2:14:2d:27:ef:10:b1:fd:34:23:64:40:3f:8b:
61:03:87:e9:31:eb:a1:36:03:17:64:8c:66:0b:91:58:48:b8:
41:da:9e:06:20:1c:3a:2f:30:2d:c5:49:80:36:70:db:2d:32:
78:bf:0d:f1:79:e8:09:12:57:5c:98:05:83:90:5f:bf:ee:33:
58:8a:3f:12:a4:03:31:27:d9:d5:69:76:2d:38:45:61:5b:1f:
cb:ff:1c:97:7b:25:5c:a7:d1:58:a5:16:81:d3:00:34:a5:70:
d5:5e:4c:90:e6:90:97:af:a3:1c:ba:1f:2e:d5:d0:c5:22:2a:
43:d4:23:a3:d8:9f:7e:2a:64:4d:cf:06:87:6d:58:33:4e:25:
14:4e:c6:63:15:ba:16:c0:13:63:6e:2c:87:02:19:5e:9a:73:
8a:02:b5:b2:ce:3e:4b:79:f0:41:68:85:91:6e:b2:02:21:a7:
6d:86:23:6d:56:a9:0b:4d:78:43:2e:fe:22:be:b7:8a:ff:ae:
66:bc:c5:d3:df:89:76:eb:53:e5:2c:b6:5f:ac:2c:9f:b7:26:
a2:4e:d0:a1:9c:f4:75:3b:e6:3c:0d:8b:d1:d4:fa:b7:f8:a7:
74:cd:31:ed
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZYEIxTFjpXx308wgGYhjIUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA1MDQwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTBhNGRmYjRkNDEzOGE0YWExNmMzYjkwZDU4N2NjYTcyNTYzNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujryfft2uDehNgEeZIh5LCKwGyjr
kuwfnR/vCMXWN4WK0k4MQATheUZg5KIwFHDUdx5QY30p5vQc9BdkrSJGwDGwHjqS
9v+rRjz/kcPKlAjYg6cXcqjz2anELL8NUa9wnd2Z6bMavxOGr7k5LdLH+AiVjy+Y
pzaD4sW846K8IJvCsR6NYgAtyBeXcf3oR0iPcBtaW40TYBelaOx+CGaVAq9hXO3+
N4vF9VOtnNi11ytkp67tVphvbh2CpTXScNjX9Ky93FoZ2/SorRr6VcENRJOKHyZy
356vZKTWxcmgTHNOEWsOEiEiEDAfL/DXCRaVkHLWip0QltZWhIWVgl5DrwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFAUKTftNQTikqhbDuQ1YfMpyVjQKMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQlFwTi0wMUJPS1NxRnNPNURWaDh5bkpXTkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQABVOKAwQA
Ba/uAwQABec9AwQABedPAwQAVV0FAwQAVV0fAwQAWZAFAwQAWZALMAwDBABZkBED
BABZkBIDBAFe+agDBABe+e0wDQYJKoZIhvcNAQELBQADggEBAI4HVQTIVxcxXlZB
Xzx/QeQdnehaHvXyFC0n7xCx/TQjZEA/i2EDh+kx66E2AxdkjGYLkVhIuEHangYg
HDovMC3FSYA2cNstMni/DfF56AkSV1yYBYOQX7/uM1iKPxKkAzEn2dVpdi04RWFb
H8v/HJd7JVyn0VilFoHTADSlcNVeTJDmkJevoxy6Hy7V0MUiKkPUI6PYn34qZE3P
BodtWDNOJRROxmMVuhbAE2NuLIcCGV6ac4oCtbLOPkt58EFohZFusgIhp22GI21W
qQtNeEMu/iK+t4r/rma8xdPfiXbrU+Ustl+sLJ+3JqJO0KGc9HU75jwNi9HU+rf4
p3TNMe0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:55:57 2025 by rpki-client