Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JdDtiJQ9TbI3IdTg0aOIp23svVQ.roa
File: JdDtiJQ9TbI3IdTg0aOIp23svVQ.roa (raw, json)
Hash identifier: EVeQUCuvtq6OZEKkjFkYT72QqC+FesSZeBLrO7QU7Qs=
Subject key identifier: 25:D0:ED:88:94:3D:4D:B2:37:21:D4:E0:D1:A3:88:A7:6D:EC:BD:54
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019870BFBB234D8022D13861652A3F319BE7
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JdDtiJQ9TbI3IdTg0aOIp23svVQ.roa
Signing time: Sun 03 Aug 2025 16:24:30 +0000
ROA not before: Sun 03 Aug 2025 16:24:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.231.30.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.233.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 01:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:70:bf:bb:23:4d:80:22:d1:38:61:65:2a:3f:31:9b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 3 16:24:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d0ed88943d4db23721d4e0d1a388a76decbd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:79:14:21:51:12:c3:ac:0b:7e:f6:e7:7b:c6:
80:75:4e:e4:d1:ec:b4:57:58:ee:f6:41:d8:94:20:
1a:af:43:2a:4d:73:04:a2:01:f7:c0:66:8d:b7:cd:
21:58:4d:03:bb:f1:45:25:50:74:df:20:cc:2d:fa:
37:34:d4:8f:2f:81:14:34:46:e3:4f:18:15:c7:2b:
e3:6b:f5:6b:7f:01:1d:29:98:0e:85:01:ff:7b:98:
40:08:a2:15:71:f5:6e:32:90:11:23:f3:2e:da:3e:
63:fb:ff:18:cf:8d:8b:05:6a:18:33:66:5d:1d:e7:
56:6b:c7:70:43:26:c5:17:83:a2:8a:e9:3c:82:29:
bd:22:1f:39:84:d5:8a:33:85:47:02:30:18:ac:61:
c5:6b:9f:cd:ff:b8:96:b4:9e:6c:ff:e6:49:a6:c8:
78:3d:2e:aa:92:48:e2:08:c7:94:b2:e4:4f:f3:b4:
00:30:7f:f7:03:28:48:86:fe:fd:00:8e:86:ba:73:
4d:9b:a1:56:f2:78:5a:42:3d:8e:07:32:4d:f0:05:
7c:0c:ef:61:0b:31:17:0c:67:d6:2a:62:b4:74:02:
60:d9:36:b7:ca:cf:1e:eb:5e:84:59:51:78:71:1e:
30:e6:0d:0a:45:46:38:a4:70:9e:f8:5e:ba:be:75:
bf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D0:ED:88:94:3D:4D:B2:37:21:D4:E0:D1:A3:88:A7:6D:EC:BD:54
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/JdDtiJQ9TbI3IdTg0aOIp23svVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.231.30.0/24
77.90.54.0/24
87.239.131.0/24
94.249.233.0/24
95.215.34.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:5c:55:67:6e:4d:d2:b1:37:e9:b0:93:e1:dc:e3:ad:85:f0:
13:12:69:a0:81:00:e3:ea:6b:ca:01:d4:20:93:e3:1f:a5:ca:
3b:09:ac:bf:cb:f0:55:7a:8f:00:19:8c:f5:41:1d:62:5a:9c:
91:8e:ff:e3:47:02:f9:68:7b:33:f6:74:8d:8b:03:98:e2:08:
11:95:15:d2:cd:55:e6:56:eb:45:a7:65:3c:a2:2a:61:0f:74:
f9:25:59:b5:b2:8e:5c:e7:71:a3:f4:a2:b5:72:ff:7c:49:24:
4b:92:15:7a:e4:ca:c3:ed:be:66:0e:c2:98:1c:f3:a8:85:84:
99:de:a1:71:ca:17:9b:bf:ae:00:43:25:09:8c:0a:ca:3c:77:
7c:22:d6:7e:4a:e0:22:16:dc:51:98:34:41:1e:f7:ba:e6:3a:
5e:08:bf:91:61:20:ba:37:e8:14:65:c6:51:5f:e2:ae:f0:6c:
a6:1d:0b:74:4a:37:e7:df:49:10:54:82:33:5d:21:8b:62:a8:
ec:f8:d6:08:f2:70:7b:16:6c:fb:ec:ba:e3:39:01:08:d3:23:
b3:d4:8b:ee:15:b5:9a:b7:d1:7f:2c:dc:4e:68:45:6b:26:ae:
32:84:60:e5:de:59:83:06:86:bb:0d:f4:2d:71:1e:0c:1b:c9:
26:5b:dc:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhwv7sjTYAi0ThhZSo/MZvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODAzMTYyNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQwZWQ4ODk0M2Q0ZGIyMzcyMWQ0ZTBkMWEzODhhNzZkZWNiZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XkUIVESw6wLfvbne8aAdU7k0ey0
V1ju9kHYlCAar0MqTXMEogH3wGaNt80hWE0Du/FFJVB03yDMLfo3NNSPL4EUNEbj
TxgVxyvja/VrfwEdKZgOhQH/e5hACKIVcfVuMpARI/Mu2j5j+/8Yz42LBWoYM2Zd
HedWa8dwQybFF4Oiiuk8gim9Ih85hNWKM4VHAjAYrGHFa5/N/7iWtJ5s/+ZJpsh4
PS6qkkjiCMeUsuRP87QAMH/3AyhIhv79AI6GunNNm6FW8nhaQj2OBzJN8AV8DO9h
CzEXDGfWKmK0dAJg2Ta3ys8e616EWVF4cR4w5g0KRUY4pHCe+F66vnW/CQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCXQ7YiUPU2yNyHU4NGjiKdt7L1UMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSmREdGlKUTlUYkkzSWRUZzBhT0lwMjNzdlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABVOBAwQA
BeceAwQATVo2AwQAV++DAwQAXvnpAwQAX9ciAwQA2UWmMA0GCSqGSIb3DQEBCwUA
A4IBAQB/XFVnbk3SsTfpsJPh3OOthfATEmmggQDj6mvKAdQgk+Mfpco7Cay/y/BV
eo8AGYz1QR1iWpyRjv/jRwL5aHsz9nSNiwOY4ggRlRXSzVXmVutFp2U8oiphD3T5
JVm1so5c53Gj9KK1cv98SSRLkhV65MrD7b5mDsKYHPOohYSZ3qFxyhebv64AQyUJ
jArKPHd8ItZ+SuAiFtxRmDRBHve65jpeCL+RYSC6N+gUZcZRX+Ku8GymHQt0Sjfn
30kQVIIzXSGLYqjs+NYI8nB7Fmz77LrjOQEI0yOz1IvuFbWat9F/LNxOaEVrJq4y
hGDl3lmDBoa7DfQtcR4MG8kmW9zc
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:38:46 2025 by rpki-client