Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BmlSGbEPFeornVdKAYs8474w44E.roa
File: BmlSGbEPFeornVdKAYs8474w44E.roa (raw, json)
Hash identifier: uhF253eJlnZ1zof+6uqx3i6yWxauf2sxrjc8FnaSh40=
Subject key identifier: 06:69:52:19:B1:0F:15:EA:2B:9D:57:4A:01:8B:3C:E3:BE:30:E3:81
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019639DD5C5A733A26D77BF190EB7E273276
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BmlSGbEPFeornVdKAYs8474w44E.roa
Signing time: Tue 15 Apr 2025 14:32:10 +0000
ROA not before: Tue 15 Apr 2025 14:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.175.237.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.93.23.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 13:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:dd:5c:5a:73:3a:26:d7:7b:f1:90:eb:7e:27:32:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 15 14:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06695219b10f15ea2b9d574a018b3ce3be30e381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:8b:9d:3d:e6:f0:4d:df:2d:57:e0:05:1c:
fc:41:20:93:9b:50:c3:c7:28:f1:df:40:18:de:1e:
99:08:51:96:3c:89:f6:49:d5:b6:64:7f:4d:24:67:
86:62:a2:a1:74:ae:cd:91:ac:16:eb:8c:29:e2:d5:
7d:38:23:1f:c7:d8:c7:cc:85:aa:59:5e:01:7f:f3:
cb:dd:8f:f3:1f:3b:62:31:4b:22:e3:92:4d:12:4a:
5f:98:a5:e7:c5:9c:85:a8:af:07:a1:5c:ec:ab:0b:
6d:bb:fc:0f:7d:10:d7:38:a9:fa:2c:0b:a2:42:4d:
7a:f0:ba:0f:78:e1:2c:58:88:f8:70:77:44:cc:e5:
a7:b2:61:7b:0e:b2:bc:20:49:13:07:80:9e:5d:b0:
ed:98:06:07:30:07:f1:a5:0d:bf:4e:ad:0f:94:5a:
b0:7e:1f:98:bf:bf:36:bb:f9:93:05:3a:6c:23:59:
75:82:33:8b:50:d7:6c:af:71:11:6e:6a:51:fe:0a:
fe:7f:c1:ce:75:f7:91:79:e0:58:a3:93:42:84:88:
32:ce:5e:dc:b6:07:4b:5d:f5:c6:0c:cf:4b:10:47:
e3:2d:bd:a1:77:0d:36:12:c2:0b:7d:20:25:1d:c1:
65:36:66:b8:15:08:9e:ce:8a:32:aa:3e:55:e5:a2:
81:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:69:52:19:B1:0F:15:EA:2B:9D:57:4A:01:8B:3C:E3:BE:30:E3:81
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BmlSGbEPFeornVdKAYs8474w44E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.231.25.0-5.231.26.255
85.93.23.0/24
89.106.69.0/24
89.106.71.0/24
94.103.167.0/24
Signature Algorithm: sha256WithRSAEncryption
28:96:ee:13:31:cb:3e:e0:dd:aa:f7:8d:5b:68:06:6b:52:89:
23:2e:60:22:d1:8f:ab:3f:2b:08:a4:9c:94:77:9b:b3:34:26:
64:b0:9b:d1:4e:7b:29:83:ff:f0:d6:ad:9a:b1:b9:d4:7c:a1:
8a:f7:1d:a0:c4:2e:7e:cd:50:87:c3:f3:97:b8:cb:3b:39:29:
24:e4:2c:7f:28:60:64:aa:4f:3c:f4:64:e4:f2:c5:26:2a:f0:
6f:69:5e:b4:00:00:0a:d8:69:3c:57:b5:25:a1:c3:bd:a8:7b:
1e:28:9b:9b:1a:27:6d:e3:7c:e3:ed:2a:8f:ac:08:b9:9b:31:
68:4d:3f:0e:fb:ed:87:99:30:88:5a:3a:a4:11:c9:33:de:5d:
45:8d:63:3b:3a:b9:69:49:3b:29:1e:0d:3f:19:31:a2:9a:65:
10:32:84:48:ed:7e:bb:c8:51:08:ce:62:c0:f8:51:3a:91:71:
7b:1e:61:8d:9a:b3:fa:27:fd:02:e7:56:cd:65:cc:43:34:47:
9d:f0:5c:89:d8:3e:85:82:9d:29:46:a0:51:2f:ad:5b:23:08:
d0:c9:a3:95:57:63:37:d3:2f:cf:d8:8d:87:32:fb:64:b4:06:
a3:b8:53:e2:f4:db:e2:75:83:0a:1f:b9:7e:87:b6:54:d8:c2:
23:92:41:b9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZY53Vxaczom13vxkOt+JzJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE1MTQzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY5NTIxOWIxMGYxNWVhMmI5ZDU3NGEwMThiM2NlM2JlMzBlMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WCLnT3m8E3fLVfgBRz8QSCTm1DD
xyjx30AY3h6ZCFGWPIn2SdW2ZH9NJGeGYqKhdK7NkawW64wp4tV9OCMfx9jHzIWq
WV4Bf/PL3Y/zHztiMUsi45JNEkpfmKXnxZyFqK8HoVzsqwttu/wPfRDXOKn6LAui
Qk168LoPeOEsWIj4cHdEzOWnsmF7DrK8IEkTB4CeXbDtmAYHMAfxpQ2/Tq0PlFqw
fh+Yv782u/mTBTpsI1l1gjOLUNdsr3ERbmpR/gr+f8HOdfeReeBYo5NChIgyzl7c
tgdLXfXGDM9LEEfjLb2hdw02EsILfSAlHcFlNma4FQiezooyqj5V5aKBQwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAZpUhmxDxXqK51XSgGLPOO+MOOBMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQm1sU0diRVBGZW9yblZkS0FZczg0NzR3NDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABa/tMAwD
BAAF5xkDBAAF5xoDBABVXRcDBABZakUDBABZakcDBABeZ6cwDQYJKoZIhvcNAQEL
BQADggEBACiW7hMxyz7g3ar3jVtoBmtSiSMuYCLRj6s/KwiknJR3m7M0JmSwm9FO
eymD//DWrZqxudR8oYr3HaDELn7NUIfD85e4yzs5KSTkLH8oYGSqTzz0ZOTyxSYq
8G9pXrQAAArYaTxXtSWhw72oex4om5saJ23jfOPtKo+sCLmbMWhNPw777YeZMIha
OqQRyTPeXUWNYzs6uWlJOykeDT8ZMaKaZRAyhEjtfrvIUQjOYsD4UTqRcXseYY2a
s/on/QLnVs1lzEM0R53wXInYPoWCnSlGoFEvrVsjCNDJo5VXYzfTL8/YjYcy+2S0
BqO4U+L02+J1gwofuX6HtlTYwiOSQbk=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:52:07 2025 by rpki-client