Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/F2bST1VIAqfsVB_1WBrGyHQeVt8.roa
File: F2bST1VIAqfsVB_1WBrGyHQeVt8.roa (raw, json)
Hash identifier: ZwRY3jXxS/GatDRCYCrMp1EZdgRYco/4EN/nOL7Y92c=
Subject key identifier: 17:66:D2:4F:55:48:02:A7:EC:54:1F:F5:58:1A:C6:C8:74:1E:56:DF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196CD0750A92E68B1B99AE006CE5FB453F0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/F2bST1VIAqfsVB_1WBrGyHQeVt8.roa
Signing time: Wed 14 May 2025 04:22:10 +0000
ROA not before: Wed 14 May 2025 04:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 13:15:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:07:50:a9:2e:68:b1:b9:9a:e0:06:ce:5f:b4:53:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 14 04:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1766d24f554802a7ec541ff5581ac6c8741e56df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:8d:49:23:ce:7b:cf:70:c2:f9:18:45:9f:
df:84:82:0c:39:73:cb:97:80:97:d3:64:96:94:e5:
a2:ee:50:19:ee:52:a3:3b:ea:33:5a:12:e9:f2:81:
2a:36:e1:f7:d5:ee:3d:da:3b:ef:d0:7e:ef:4e:d6:
b4:e6:ac:a2:90:1e:08:ef:3f:62:0e:e3:b8:eb:2e:
58:ff:cb:b1:17:8b:88:0a:86:e4:75:99:e1:d9:07:
4d:f5:e2:e3:38:6d:a0:3d:36:2e:44:81:b7:61:99:
ac:61:14:ce:3d:49:22:76:49:e3:23:23:e1:3c:d0:
56:a2:0e:62:35:a8:c1:ec:a4:6f:f1:4c:11:17:06:
cd:43:44:46:ef:6d:06:44:5b:da:c2:03:ff:c5:1c:
62:66:06:62:41:cb:76:16:8d:ca:1a:91:99:c5:54:
d5:71:4e:dc:bd:b6:d2:a1:1e:ab:d6:27:01:f3:da:
9e:31:c2:ef:41:15:99:90:09:ff:37:84:c5:26:9d:
8a:b6:2d:57:d6:70:f9:8e:b7:5f:96:a9:d6:66:ec:
92:e7:9f:7f:aa:1c:3f:ce:97:2a:de:fa:51:4b:e7:
aa:80:5d:51:98:a3:a3:5e:e8:72:f5:ce:e8:fb:f1:
78:f0:8c:ab:4e:e0:0b:22:d6:53:a2:a6:0e:b6:5d:
a3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:66:D2:4F:55:48:02:A7:EC:54:1F:F5:58:1A:C6:C8:74:1E:56:DF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/F2bST1VIAqfsVB_1WBrGyHQeVt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
77.90.54.0/24
87.239.131.0/24
94.249.195.0/24
95.215.34.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:56:79:e6:93:ff:de:d7:ad:fb:bf:fc:af:7a:69:57:a6:c3:
6b:26:93:56:41:76:d8:ce:f2:ee:b9:a7:19:cc:d2:b6:d4:20:
c8:92:cd:47:d8:1d:91:19:22:28:c1:c3:20:23:27:ca:6c:df:
cb:a7:c9:b3:38:0f:2e:0b:2e:4a:11:c1:f8:ce:66:c3:89:5e:
a9:cf:17:66:ad:bb:d3:d7:e1:47:cb:7c:43:6c:0d:4d:86:08:
5d:26:3d:2b:f2:9f:a7:7b:de:c9:5c:d0:ab:0f:c0:e8:35:a9:
cb:1e:43:32:b0:cc:41:5f:81:bf:0a:41:58:4b:e9:70:5f:f6:
e9:71:37:ca:41:28:10:d1:90:d4:90:63:d3:5b:06:a1:dc:a7:
f2:48:4d:93:96:f3:ca:1f:62:72:20:1b:73:67:6f:8a:b6:0f:
20:9e:a8:a4:a2:b9:9d:32:a7:1e:f3:e9:04:e8:ff:51:d5:c8:
d9:cd:27:88:09:1b:e3:45:e0:96:c4:06:d8:f9:b4:2e:b6:bc:
37:3b:2e:72:09:79:bc:90:76:45:45:e7:c5:6f:fa:0c:44:9d:
f0:75:aa:3a:fb:a5:ed:04:70:c6:04:bf:a2:7e:a9:af:e3:a9:
0c:95:7f:f4:9b:45:c3:ed:21:a0:ff:e5:bc:18:3c:81:91:cc:
1b:47:89:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbNB1CpLmixuZrgBs5ftFPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE0MDQyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzY2ZDI0ZjU1NDgwMmE3ZWM1NDFmZjU1ODFhYzZjODc0MWU1NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEGNSSPOe89wwvkYRZ/fhIIMOXPL
l4CX02SWlOWi7lAZ7lKjO+ozWhLp8oEqNuH31e492jvv0H7vTta05qyikB4I7z9i
DuO46y5Y/8uxF4uICobkdZnh2QdN9eLjOG2gPTYuRIG3YZmsYRTOPUkidknjIyPh
PNBWog5iNajB7KRv8UwRFwbNQ0RG720GRFvawgP/xRxiZgZiQct2Fo3KGpGZxVTV
cU7cvbbSoR6r1icB89qeMcLvQRWZkAn/N4TFJp2Kti1X1nD5jrdflqnWZuyS559/
qhw/zpcq3vpRS+eqgF1RmKOjXuhy9c7o+/F48IyrTuALItZToqYOtl2jSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBdm0k9VSAKn7FQf9Vgaxsh0HlbfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRjJiU1QxVklBcWZzVkJfMVdCckd5SFFlVnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOBAwQA
TVo2AwQAV++DAwQAXvnDAwQAX9ciAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQDH
Vnnmk//e1637v/yvemlXpsNrJpNWQXbYzvLuuacZzNK21CDIks1H2B2RGSIowcMg
IyfKbN/Lp8mzOA8uCy5KEcH4zmbDiV6pzxdmrbvT1+FHy3xDbA1NhghdJj0r8p+n
e97JXNCrD8DoNanLHkMysMxBX4G/CkFYS+lwX/bpcTfKQSgQ0ZDUkGPTWwah3Kfy
SE2TlvPKH2JyIBtzZ2+Ktg8gnqikormdMqce8+kE6P9R1cjZzSeICRvjReCWxAbY
+bQutrw3Oy5yCXm8kHZFRefFb/oMRJ3wdao6+6XtBHDGBL+ifqmv46kMlX/0m0XD
7SGg/+W8GDyBkcwbR4mP
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:48:28 2025 by rpki-client