Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/K8uXWmtRMkQY4SWVIRn1bFQk6jE.roa
File: K8uXWmtRMkQY4SWVIRn1bFQk6jE.roa (raw, json)
Hash identifier: tCXVewdqc/73wgdSbuokojnnVMLAmY2W7Ar+GKmBUnc=
Subject key identifier: 2B:CB:97:5A:6B:51:32:44:18:E1:25:95:21:19:F5:6C:54:24:EA:31
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197301F6DC3B5EA0A679BF264276F024E30
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/K8uXWmtRMkQY4SWVIRn1bFQk6jE.roa
Signing time: Mon 02 Jun 2025 10:10:55 +0000
ROA not before: Mon 02 Jun 2025 10:10:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 5.83.139.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
83.243.86.0/24 maxlen: 24
85.118.167.0/24 maxlen: 24
89.106.89.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
94.249.232.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
178.18.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 04:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:1f:6d:c3:b5:ea:0a:67:9b:f2:64:27:6f:02:4e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 2 10:10:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bcb975a6b51324418e125952119f56c5424ea31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ff:0b:9d:7a:10:02:80:ee:4d:a3:4a:5f:8e:
6b:9d:19:0f:26:70:22:21:93:02:13:48:d9:71:20:
f0:53:60:21:49:22:86:ad:4b:4d:99:44:a0:fa:38:
a1:27:8c:6d:5b:44:3a:ee:a5:43:28:a8:9c:89:09:
ad:75:86:30:ac:c4:58:46:c7:84:6b:2a:b2:a6:24:
79:28:0d:6b:64:1b:f4:6b:36:40:29:b5:fd:98:e3:
47:dc:01:ac:d8:31:c4:23:81:a6:c1:3c:93:86:8f:
35:b6:38:0c:22:11:43:34:12:2c:e5:03:5b:18:20:
dc:df:49:79:52:7d:b3:2d:cd:ed:be:2c:86:46:a6:
14:a9:d8:3a:1c:d0:eb:f3:f7:5f:de:56:ce:07:bd:
1b:12:0d:18:80:e4:8c:db:50:37:06:72:8b:a4:2c:
cb:8e:8b:ef:d6:c9:8a:ab:b9:13:7e:94:8d:6a:74:
d1:64:a1:ec:ec:4d:af:f1:f6:b4:f3:b0:05:0e:7b:
73:3f:8e:bc:05:ce:cf:4f:b3:6d:02:aa:48:d6:53:
45:d0:07:a2:82:ed:51:76:33:67:b6:51:d7:05:7e:
50:b1:54:c4:1a:53:55:d9:0c:d9:02:17:75:ff:f4:
e1:7e:77:10:00:07:b1:83:c6:4e:e3:9c:79:db:1a:
43:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CB:97:5A:6B:51:32:44:18:E1:25:95:21:19:F5:6C:54:24:EA:31
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/K8uXWmtRMkQY4SWVIRn1bFQk6jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.139.0/24
77.90.7.0/24
83.243.86.0/24
85.118.167.0/24
89.106.89.0/24
89.144.3.0/24
94.249.232.0/24
95.215.33.0/24
178.18.151.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1a:32:46:0d:3d:00:fb:62:fd:04:de:5e:62:8f:48:14:93:
e8:60:e3:a7:db:63:b1:9b:b4:02:1b:7e:b9:cc:fe:6f:5e:7c:
1a:b6:57:39:86:c2:50:81:8f:ec:2e:51:37:83:27:a5:b3:d4:
14:7e:68:66:a0:c2:4e:12:25:29:48:a6:c8:c7:2d:a4:af:fc:
ec:5c:17:2d:38:75:78:94:7c:75:97:f5:78:c2:1f:af:a6:90:
7a:03:84:49:2b:1e:5e:43:92:b4:98:01:70:b1:c5:55:f7:d2:
2f:7c:15:19:2e:b3:3e:cb:78:08:5b:0d:40:d5:2c:21:5e:13:
a3:3a:cc:94:ae:2e:57:2c:f9:b3:ed:93:b0:99:5a:28:21:7c:
79:09:ed:ba:b2:f9:66:c1:14:43:bc:81:9e:84:7b:9e:87:da:
f0:8b:43:56:3e:6f:9f:94:4e:a2:e9:a6:05:67:49:b3:e4:f5:
89:e5:38:a2:e0:59:b4:31:22:a2:fd:fe:12:a0:e9:d7:34:1f:
5d:37:e1:ad:f0:24:25:ff:53:d5:a0:bc:25:f8:42:bb:86:55:
22:09:a3:35:d5:26:f7:35:46:c0:40:40:03:54:35:2a:db:7b:
15:c7:4b:33:0d:bb:e6:96:f8:e5:89:7c:9d:b2:14:6b:86:b7:
39:ec:66:02
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZcwH23DteoKZ5vyZCdvAk4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjAyMTAxMDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNiOTc1YTZiNTEzMjQ0MThlMTI1OTUyMTE5ZjU2YzU0MjRlYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP8LnXoQAoDuTaNKX45rnRkPJnAi
IZMCE0jZcSDwU2AhSSKGrUtNmUSg+jihJ4xtW0Q67qVDKKiciQmtdYYwrMRYRseE
ayqypiR5KA1rZBv0azZAKbX9mONH3AGs2DHEI4GmwTyTho81tjgMIhFDNBIs5QNb
GCDc30l5Un2zLc3tviyGRqYUqdg6HNDr8/df3lbOB70bEg0YgOSM21A3BnKLpCzL
jovv1smKq7kTfpSNanTRZKHs7E2v8fa087AFDntzP468Bc7PT7NtAqpI1lNF0Aei
gu1RdjNntlHXBX5QsVTEGlNV2QzZAhd1//ThfncQAAexg8ZO45x52xpD6wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCvLl1prUTJEGOEllSEZ9WxUJOoxMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSzh1WFdtdFJNa1FZNFNXVklSbjFiRlFrNmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOLAwQA
TVoHAwQAU/NWAwQAVXanAwQAWWpZAwQAWZADAwQAXvnoAwQAX9chAwQAshKXMA0G
CSqGSIb3DQEBCwUAA4IBAQBQGjJGDT0A+2L9BN5eYo9IFJPoYOOn22Oxm7QCG365
zP5vXnwatlc5hsJQgY/sLlE3gyels9QUfmhmoMJOEiUpSKbIxy2kr/zsXBctOHV4
lHx1l/V4wh+vppB6A4RJKx5eQ5K0mAFwscVV99IvfBUZLrM+y3gIWw1A1SwhXhOj
OsyUri5XLPmz7ZOwmVooIXx5Ce26svlmwRRDvIGehHueh9rwi0NWPm+flE6i6aYF
Z0mz5PWJ5Tii4Fm0MSKi/f4SoOnXNB9dN+Gt8CQl/1PVoLwl+EK7hlUiCaM11Sb3
NUbAQEADVDUq23sVx0szDbvmlvjliXydshRrhrc57GYC
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:43:18 2025 by rpki-client