Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ER1BTHOJSY71nzRpX-IA_HzNf94.roa
File: ER1BTHOJSY71nzRpX-IA_HzNf94.roa (raw, json)
Hash identifier: x+li0Ypoy0G/4sS9Q3yCfYzwkg3jxwun2ApVu63sFNs=
Subject key identifier: 11:1D:41:4C:73:89:49:8E:F5:9F:34:69:5F:E2:00:FC:7C:CD:7F:DE
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01976254DC58D1C4084B4FF1DBC55B0BDF52
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ER1BTHOJSY71nzRpX-IA_HzNf94.roa
Signing time: Thu 12 Jun 2025 04:10:17 +0000
ROA not before: Thu 12 Jun 2025 04:10:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 5.175.194.0/24 maxlen: 24
5.231.106.0/24 maxlen: 24
5.231.107.0/24 maxlen: 24
5.231.108.0/24 maxlen: 24
5.231.109.0/24 maxlen: 24
5.231.110.0/24 maxlen: 24
5.231.116.0/24 maxlen: 24
5.231.117.0/24 maxlen: 24
5.231.118.0/24 maxlen: 24
5.231.119.0/24 maxlen: 24
5.231.120.0/24 maxlen: 24
5.231.121.0/24 maxlen: 24
5.231.122.0/24 maxlen: 24
5.231.123.0/24 maxlen: 24
89.144.53.0/24 maxlen: 24
89.144.54.0/24 maxlen: 24
89.144.55.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.249.197.0/24 maxlen: 24
94.249.198.0/24 maxlen: 24
94.249.199.0/24 maxlen: 24
94.249.200.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.202.0/24 maxlen: 24
94.249.203.0/24 maxlen: 24
94.249.204.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
94.249.206.0/24 maxlen: 24
94.249.225.0/24 maxlen: 24
94.249.226.0/24 maxlen: 24
94.249.227.0/24 maxlen: 24
94.249.228.0/24 maxlen: 24
94.249.229.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
94.249.243.0/24 maxlen: 24
94.249.244.0/24 maxlen: 24
94.249.245.0/24 maxlen: 24
94.249.246.0/24 maxlen: 24
94.249.247.0/24 maxlen: 24
94.249.248.0/24 maxlen: 24
94.249.249.0/24 maxlen: 24
94.249.250.0/24 maxlen: 24
94.249.251.0/24 maxlen: 24
94.249.252.0/24 maxlen: 24
178.18.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 20:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:62:54:dc:58:d1:c4:08:4b:4f:f1:db:c5:5b:0b:df:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 12 04:10:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=111d414c7389498ef59f34695fe200fc7ccd7fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:10:9a:53:65:7b:e7:4c:e2:b1:6c:4d:7f:
65:62:ab:58:0e:03:98:ea:e8:f3:a5:09:ff:8c:f7:
db:a8:f5:cb:67:a7:fa:e8:e4:6e:bb:00:9d:d6:bd:
3e:8d:a6:c8:82:48:9f:03:1f:12:d1:0e:1d:40:98:
3e:88:5c:76:6f:5b:64:c2:1d:d9:01:0e:2b:df:a3:
28:df:85:6d:03:4e:14:b3:6d:9b:3a:ff:9b:14:bf:
c4:e6:5e:0c:46:e5:d9:50:43:79:8c:d3:04:ea:eb:
b1:eb:9e:eb:40:31:40:b0:c5:19:96:19:fc:71:bf:
2d:be:92:3b:c1:00:e2:55:1b:ab:03:d8:20:84:b8:
de:21:1b:1e:ff:56:e9:a1:5d:31:cd:d4:61:34:12:
e3:45:8d:7d:58:4a:55:fa:d7:7c:f7:1c:3c:6a:64:
96:90:da:a0:2b:52:55:ac:3d:c7:86:43:74:cf:1f:
42:9a:84:58:84:e1:50:1c:fa:82:3c:d7:49:7c:8c:
12:ba:f7:29:34:44:09:da:1b:9c:c5:68:d6:e7:0f:
d0:a4:17:1a:b2:8f:1b:17:6f:3f:24:88:85:b5:49:
98:7a:5a:d9:52:c9:5e:1a:f9:b7:31:b1:e1:b0:62:
29:0c:56:a8:8d:c3:bd:17:e2:23:ca:d5:e7:ab:55:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1D:41:4C:73:89:49:8E:F5:9F:34:69:5F:E2:00:FC:7C:CD:7F:DE
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ER1BTHOJSY71nzRpX-IA_HzNf94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.194.0/24
5.231.106.0-5.231.110.255
5.231.116.0-5.231.123.255
89.144.53.0-89.144.55.255
94.103.166.0/24
94.249.197.0-94.249.206.255
94.249.225.0-94.249.230.255
94.249.243.0-94.249.252.255
178.18.149.0/24
Signature Algorithm: sha256WithRSAEncryption
67:26:cc:07:ab:39:1d:72:4e:82:f5:f2:fa:ab:27:b8:6f:27:
ba:df:41:74:9a:fb:7d:26:db:ed:31:ca:7e:f7:e8:db:14:cc:
e2:be:6e:51:46:b2:cd:ab:18:2b:b0:45:15:b2:7c:b6:24:ac:
10:3c:46:24:e6:32:ec:a3:fc:fc:01:b0:2b:7d:56:92:16:ec:
25:04:8a:88:0d:22:9f:a9:89:6d:17:34:5c:72:0f:f4:c7:78:
ab:a8:16:ca:c7:b2:29:3d:b1:aa:ab:00:6b:78:a4:2b:d9:53:
df:45:c5:1a:1d:c9:d7:50:98:16:98:69:27:dc:07:3a:3f:cf:
92:b9:a9:7a:9e:0b:93:67:a2:08:6d:93:c2:e1:bd:d6:63:75:
1a:b9:52:19:1b:88:b7:99:58:d6:a4:a3:77:ae:80:84:43:7b:
58:a3:6a:ba:6c:0a:39:e9:7b:6e:8f:92:56:36:c9:5a:b0:a3:
18:5c:5a:af:e0:44:53:c1:d9:a0:c5:d7:87:f5:4f:02:04:68:
eb:c3:31:7d:80:84:16:7a:a4:e5:b6:c8:43:da:c2:de:7b:65:
07:af:53:9b:19:52:38:62:f4:06:20:57:5c:98:56:43:11:c5:
2a:2f:6b:dd:32:cb:d7:7a:34:7f:5f:8a:49:83:da:d9:ac:bc:
f3:7c:95:ea
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZdiVNxY0cQIS0/x28VbC99SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjEyMDQxMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFkNDE0YzczODk0OThlZjU5ZjM0Njk1ZmUyMDBmYzdjY2Q3ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL4QmlNle+dM4rFsTX9lYqtYDgOY
6ujzpQn/jPfbqPXLZ6f66ORuuwCd1r0+jabIgkifAx8S0Q4dQJg+iFx2b1tkwh3Z
AQ4r36Mo34VtA04Us22bOv+bFL/E5l4MRuXZUEN5jNME6uux657rQDFAsMUZlhn8
cb8tvpI7wQDiVRurA9gghLjeIRse/1bpoV0xzdRhNBLjRY19WEpV+td89xw8amSW
kNqgK1JVrD3HhkN0zx9CmoRYhOFQHPqCPNdJfIwSuvcpNEQJ2hucxWjW5w/QpBca
so8bF28/JIiFtUmYelrZUsleGvm3MbHhsGIpDFaojcO9F+IjytXnq1VH3wIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFBEdQUxziUmO9Z80aV/iAPx8zX/eMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRVIxQlRIT0pTWTcxbnpScFgtSUFfSHpOZjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABa/CMAwD
BAEF52oDBAAF524wDAMEAgXndAMEAgXneDAMAwQAWZA1AwQDWZAwAwQAXmemMAwD
BABe+cUDBABe+c4wDAMEAF754QMEAF755jAMAwQAXvnzAwQAXvn8AwQAshKVMA0G
CSqGSIb3DQEBCwUAA4IBAQBnJswHqzkdck6C9fL6qye4bye630F0mvt9JtvtMcp+
9+jbFMzivm5RRrLNqxgrsEUVsny2JKwQPEYk5jLso/z8AbArfVaSFuwlBIqIDSKf
qYltFzRccg/0x3irqBbKx7IpPbGqqwBreKQr2VPfRcUaHcnXUJgWmGkn3Ac6P8+S
ual6nguTZ6IIbZPC4b3WY3UauVIZG4i3mVjWpKN3roCEQ3tYo2q6bAo56Xtuj5JW
NslasKMYXFqv4ERTwdmgxdeH9U8CBGjrwzF9gIQWeqTltshD2sLee2UHr1ObGVI4
YvQGIFdcmFZDEcUqL2vdMsvXejR/X4pJg9rZrLzzfJXq
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:27:21 2025 by rpki-client