Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/M_jE8C4vXw5mrbHZejglcg3U2xU.roa
File: M_jE8C4vXw5mrbHZejglcg3U2xU.roa (raw, json)
Hash identifier: wG7Vt2D2eOtdjd/L2ZnHn+Wz33fq/DZYTEo/AC+tQl4=
Subject key identifier: 33:F8:C4:F0:2E:2F:5F:0E:66:AD:B1:D9:7A:38:25:72:0D:D4:DB:15
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019649273D96B51D7220884DCB29BDB1DAED
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/M_jE8C4vXw5mrbHZejglcg3U2xU.roa
Signing time: Fri 18 Apr 2025 13:47:10 +0000
ROA not before: Fri 18 Apr 2025 13:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.93.23.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 16:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:27:3d:96:b5:1d:72:20:88:4d:cb:29:bd:b1:da:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 18 13:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33f8c4f02e2f5f0e66adb1d97a3825720dd4db15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:42:7d:b1:6a:65:29:cf:ba:13:79:da:29:16:
4d:eb:31:04:56:89:42:2d:63:be:e5:20:26:60:06:
c5:eb:2a:66:64:49:db:99:6d:e0:76:50:c8:e0:2d:
1a:d2:cc:e2:10:c7:1b:bf:79:91:a3:45:4a:44:89:
93:6f:69:1a:0c:b0:50:1d:7d:45:f4:8b:4e:4f:45:
13:b8:ee:99:4b:fc:0c:44:d8:b9:22:a2:88:ec:60:
6c:c4:65:f3:9a:89:99:2d:06:99:ad:00:27:0e:44:
c3:b4:5e:d8:2d:27:56:ab:73:38:ee:a4:00:f7:01:
9b:8d:c4:a5:20:84:f7:18:a4:48:35:5e:09:3c:87:
b2:93:b7:28:85:2e:a6:e6:58:90:24:b6:0a:90:19:
de:2a:8f:3a:09:df:ef:53:38:fd:94:0a:bd:59:84:
dd:90:9f:9b:73:b0:a8:20:40:85:a7:01:b6:7e:24:
cf:90:93:6f:c5:8c:a1:de:7e:5a:52:87:3c:40:c0:
fa:9e:43:da:a3:fb:5e:9b:e0:1c:a2:be:96:b7:d1:
43:f9:5b:15:33:67:82:d0:45:ff:ad:6b:f0:8a:03:
d9:36:d8:69:df:d6:e1:ca:29:a4:75:f9:05:90:68:
57:de:84:54:3e:48:23:45:05:f5:62:c2:5a:1b:03:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F8:C4:F0:2E:2F:5F:0E:66:AD:B1:D9:7A:38:25:72:0D:D4:DB:15
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/M_jE8C4vXw5mrbHZejglcg3U2xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.175.239.0/24
5.231.25.0-5.231.26.255
85.93.23.0/24
89.106.69.0/24
89.106.71.0/24
94.103.167.0/24
Signature Algorithm: sha256WithRSAEncryption
83:52:27:46:1e:cb:62:f9:ac:2a:2c:1e:5f:fb:0b:2a:e2:ac:
70:d2:2e:8f:58:ce:80:9b:59:05:5e:ab:26:05:c1:46:2d:a6:
22:5e:d8:8e:cd:10:cd:92:b2:fc:6d:ec:5e:5e:51:5a:98:06:
d4:7b:ab:00:b1:c3:e9:b4:62:7e:55:56:88:6b:dc:9d:bf:cd:
a6:3f:09:56:fb:6d:c6:12:99:26:d9:1d:6c:c2:e8:36:f8:64:
21:4a:59:57:33:7a:fb:9d:04:d1:75:77:5c:10:00:29:42:0a:
c2:1f:9f:b6:93:c4:5b:54:81:2b:bd:ed:02:aa:e3:fc:8e:49:
cd:1a:6b:07:78:d5:85:ec:c4:be:d5:89:cf:1f:06:9a:76:ce:
dd:47:91:a2:37:4f:58:85:99:32:18:6c:33:c5:e9:c9:5d:18:
a0:ef:26:65:7d:aa:94:dc:96:68:01:ae:34:d8:55:1a:5b:bf:
b1:cb:56:d4:c4:9e:8b:67:52:2f:14:b3:ee:6e:57:34:8c:68:
8a:ea:1e:f5:1b:ea:b3:a9:2a:c8:e9:0c:48:79:b4:7b:b5:6f:
04:2c:1c:51:ac:34:17:22:d2:ed:b5:58:14:60:54:fa:7a:9a:
e6:64:17:12:0a:2c:e3:ff:ae:2d:b6:73:51:9b:eb:d0:16:91:
73:d8:42:0c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZZJJz2WtR1yIIhNyym9sdrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE4MTM0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y4YzRmMDJlMmY1ZjBlNjZhZGIxZDk3YTM4MjU3MjBkZDRkYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEJ9sWplKc+6E3naKRZN6zEEVolC
LWO+5SAmYAbF6ypmZEnbmW3gdlDI4C0a0sziEMcbv3mRo0VKRImTb2kaDLBQHX1F
9ItOT0UTuO6ZS/wMRNi5IqKI7GBsxGXzmomZLQaZrQAnDkTDtF7YLSdWq3M47qQA
9wGbjcSlIIT3GKRINV4JPIeyk7cohS6m5liQJLYKkBneKo86Cd/vUzj9lAq9WYTd
kJ+bc7CoIECFpwG2fiTPkJNvxYyh3n5aUoc8QMD6nkPao/tem+Acor6Wt9FD+VsV
M2eC0EX/rWvwigPZNthp39bhyimkdfkFkGhX3oRUPkgjRQX1YsJaGwOCgwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDP4xPAuL18OZq2x2Xo4JXIN1NsVMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTV9qRThDNHZYdzVtcmJIWmVqZ2xjZzNVMnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABa/tAwQA
Ba/vMAwDBAAF5xkDBAAF5xoDBABVXRcDBABZakUDBABZakcDBABeZ6cwDQYJKoZI
hvcNAQELBQADggEBAINSJ0Yey2L5rCosHl/7CyrirHDSLo9YzoCbWQVeqyYFwUYt
piJe2I7NEM2Ssvxt7F5eUVqYBtR7qwCxw+m0Yn5VVohr3J2/zaY/CVb7bcYSmSbZ
HWzC6Db4ZCFKWVczevudBNF1d1wQAClCCsIfn7aTxFtUgSu97QKq4/yOSc0aawd4
1YXsxL7Vic8fBpp2zt1HkaI3T1iFmTIYbDPF6cldGKDvJmV9qpTclmgBrjTYVRpb
v7HLVtTEnotnUi8Us+5uVzSMaIrqHvUb6rOpKsjpDEh5tHu1bwQsHFGsNBci0u21
WBRgVPp6muZkFxIKLOP/ri22c1Gb69AWkXPYQgw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:09:44 2025 by rpki-client