Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Be2RwLp-0gyAwF3-hx4BbvKNols.roa
File: Be2RwLp-0gyAwF3-hx4BbvKNols.roa (raw, json)
Hash identifier: iUmZ0u7T7Uc/gvDFr1D8o+GdFaP2wVaAC0ihDBVECkg=
Subject key identifier: 05:ED:91:C0:BA:7E:D2:0C:80:C0:5D:FE:87:1E:01:6E:F2:8D:A2:5B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01962294B15981A966E9BE9346F6C6B04183
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Be2RwLp-0gyAwF3-hx4BbvKNols.roa
Signing time: Fri 11 Apr 2025 02:01:32 +0000
ROA not before: Fri 11 Apr 2025 02:01:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.11.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 00:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:22:94:b1:59:81:a9:66:e9:be:93:46:f6:c6:b0:41:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 11 02:01:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05ed91c0ba7ed20c80c05dfe871e016ef28da25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:be:21:2c:e0:bb:25:fa:f9:6d:24:00:e8:
a9:29:5d:49:68:35:70:03:86:02:4b:82:d6:57:c1:
7f:f1:25:85:71:74:72:f7:53:16:e8:83:b9:0c:26:
4b:20:72:04:75:55:ff:83:98:f0:17:8f:e6:dc:8c:
9e:df:6b:24:f7:56:05:61:0e:ed:45:9e:e4:fb:94:
36:ef:9e:c1:fd:05:63:cf:26:43:e7:7a:1b:d5:cc:
09:cd:b8:6e:b3:4e:1b:b3:38:cb:75:2c:0a:95:42:
8c:31:4a:5c:bd:91:0a:99:67:56:e2:35:bb:eb:fa:
f5:d5:c9:4c:e0:67:00:f5:5b:42:09:d8:bf:0d:d1:
79:5a:f7:cc:71:39:7d:a5:d8:b5:04:b9:6e:b9:64:
21:56:c1:ec:ea:01:58:57:d0:27:0d:c3:a3:02:a1:
d4:f8:1a:ae:34:35:d9:3e:11:3c:8d:7c:0c:70:17:
0c:c7:2f:8d:91:72:fd:21:4c:d4:cf:77:40:a6:f3:
17:f0:74:cd:83:84:0d:b9:8c:f1:9c:67:63:b4:71:
96:0f:d7:65:2d:6d:b0:e6:37:af:64:2f:24:7b:d0:
5d:94:68:bc:96:13:2c:4a:38:2a:f3:9e:7c:67:44:
a6:61:8f:2e:0b:c3:6b:18:52:03:9b:76:52:5f:a6:
98:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:ED:91:C0:BA:7E:D2:0C:80:C0:5D:FE:87:1E:01:6E:F2:8D:A2:5B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Be2RwLp-0gyAwF3-hx4BbvKNols.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.238.0/24
5.231.61.0/24
5.231.79.0/24
5.231.92.0/24
85.93.5.0/24
85.93.31.0/24
89.144.5.0/24
89.144.11.0/24
94.249.168.0/23
94.249.237.0/24
Signature Algorithm: sha256WithRSAEncryption
73:de:8f:37:34:5c:bf:ef:14:98:5e:ca:2a:91:7e:50:ce:f9:
37:52:1d:36:ff:21:3a:d5:94:f1:95:3c:e2:22:bc:9a:fc:e7:
80:bb:20:2c:e2:c9:74:1e:54:55:78:6e:ae:dc:a7:9d:69:dd:
a6:e8:db:57:83:56:da:5e:bc:7a:02:23:92:89:e0:f3:85:f6:
35:8c:3f:d7:5c:d0:71:23:c6:9b:92:36:e0:f7:0e:3e:8a:f9:
b4:e9:f9:1f:0c:cf:cc:51:a5:91:43:25:3f:4b:17:53:f6:06:
9f:4b:2e:e0:47:70:94:4e:0f:26:a8:9e:92:ac:08:54:4f:8e:
ce:17:0b:a6:e5:00:3d:0e:9f:ce:bf:d8:18:97:7c:c8:a1:40:
b7:5c:ae:7a:2a:3e:29:57:09:a5:d5:40:51:e3:04:70:59:0a:
a0:ac:97:9e:ad:d1:03:2e:1b:98:05:e4:24:89:35:22:11:c8:
67:ed:f7:0e:fb:3d:14:e2:c1:72:4e:1d:2d:fc:62:57:b4:52:
f7:19:7d:40:68:57:7f:f0:b0:ea:a7:b9:a2:64:c4:cb:4b:c6:
f5:3d:34:b6:9b:20:9a:ef:df:ab:f4:92:ad:15:c9:71:63:32:
26:70:d6:d5:9e:13:ef:fd:0c:02:f6:a3:6b:93:05:04:45:83:
29:03:e1:87
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZYilLFZgalm6b6TRvbGsEGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDExMDIwMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVkOTFjMGJhN2VkMjBjODBjMDVkZmU4NzFlMDE2ZWYyOGRhMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui++ISzguyX6+W0kAOipKV1JaDVw
A4YCS4LWV8F/8SWFcXRy91MW6IO5DCZLIHIEdVX/g5jwF4/m3Iye32sk91YFYQ7t
RZ7k+5Q2757B/QVjzyZD53ob1cwJzbhus04bszjLdSwKlUKMMUpcvZEKmWdW4jW7
6/r11clM4GcA9VtCCdi/DdF5WvfMcTl9pdi1BLluuWQhVsHs6gFYV9AnDcOjAqHU
+BquNDXZPhE8jXwMcBcMxy+NkXL9IUzUz3dApvMX8HTNg4QNuYzxnGdjtHGWD9dl
LW2w5jevZC8ke9BdlGi8lhMsSjgq8558Z0SmYY8uC8NrGFIDm3ZSX6aY5wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAXtkcC6ftIMgMBd/oceAW7yjaJbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQmUyUndMcC0wZ3lBd0YzLWh4NEJidktOb2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOKAwQA
Ba/uAwQABec9AwQABedPAwQABedcAwQAVV0FAwQAVV0fAwQAWZAFAwQAWZALAwQB
XvmoAwQAXvntMA0GCSqGSIb3DQEBCwUAA4IBAQBz3o83NFy/7xSYXsoqkX5Qzvk3
Uh02/yE61ZTxlTziIrya/OeAuyAs4sl0HlRVeG6u3Kedad2m6NtXg1baXrx6AiOS
ieDzhfY1jD/XXNBxI8abkjbg9w4+ivm06fkfDM/MUaWRQyU/SxdT9gafSy7gR3CU
Tg8mqJ6SrAhUT47OFwum5QA9Dp/Ov9gYl3zIoUC3XK56Kj4pVwml1UBR4wRwWQqg
rJeerdEDLhuYBeQkiTUiEchn7fcO+z0U4sFyTh0t/GJXtFL3GX1AaFd/8LDqp7mi
ZMTLS8b1PTS2myCa79+r9JKtFclxYzImcNbVnhPv/QwC9qNrkwUERYMpA+GH
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:35:13 2025 by rpki-client