Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NHhLWehU6f7IL6KSxEV8xkAfzYo.roa
File: NHhLWehU6f7IL6KSxEV8xkAfzYo.roa (raw, json)
Hash identifier: YJMR8p+UxARazjMDdwdQTSGe28IlDMDEoSjmcyNRZIg=
Subject key identifier: 34:78:4B:59:E8:54:E9:FE:C8:2F:A2:92:C4:45:7C:C6:40:1F:CD:8A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019765BB8803367FC0F2BBC369E25A1A5588
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NHhLWehU6f7IL6KSxEV8xkAfzYo.roa
Signing time: Thu 12 Jun 2025 20:01:18 +0000
ROA not before: Thu 12 Jun 2025 20:01:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.200.0/24 maxlen: 24
5.175.201.0/24 maxlen: 24
5.175.204.0/24 maxlen: 24
5.175.205.0/24 maxlen: 24
5.175.209.0/24 maxlen: 24
5.175.210.0/24 maxlen: 24
5.175.211.0/24 maxlen: 24
5.175.212.0/24 maxlen: 24
5.175.213.0/24 maxlen: 24
5.175.214.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.230.164.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.71.0/24 maxlen: 24
5.231.72.0/24 maxlen: 24
5.231.73.0/24 maxlen: 24
5.231.74.0/24 maxlen: 24
5.231.75.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.39.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.229.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
94.249.244.0/24 maxlen: 24
94.249.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jun 2025 04:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:bb:88:03:36:7f:c0:f2:bb:c3:69:e2:5a:1a:55:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 12 20:01:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34784b59e854e9fec82fa292c4457cc6401fcd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:48:d3:11:cf:e2:0d:c1:e5:b4:17:12:5e:2f:
8a:ee:8c:83:fe:7e:fe:f0:95:32:13:dd:36:23:d6:
7c:cc:a3:94:1e:9b:6c:78:4d:02:cb:20:33:91:c0:
46:15:0b:e1:e0:b7:e6:1d:62:7a:c5:f6:75:f8:9d:
98:95:37:e4:99:43:90:60:b8:da:5d:b7:b9:8c:8b:
97:97:40:61:c0:3f:4c:40:57:85:ea:78:0f:5e:04:
32:93:4d:cd:b1:7b:ee:de:c8:e2:c6:e5:f3:bd:6f:
2e:18:10:7a:b6:80:1c:a2:87:22:de:99:cc:3b:c9:
24:8b:70:a0:78:60:55:99:20:59:91:9e:af:cd:57:
51:e1:a5:2f:cd:6c:00:0c:75:a0:06:cf:97:13:65:
5b:17:64:4f:3c:97:b8:7e:8f:d9:43:60:73:b0:00:
fb:a5:44:fd:c9:12:2e:a5:06:1c:e6:ce:91:a1:05:
0b:fd:30:dc:71:39:15:32:3b:62:68:fd:22:89:77:
47:38:ba:05:44:1b:d6:60:79:26:d5:84:92:d5:61:
84:ad:74:f4:ba:4f:86:8f:d5:95:c6:ab:74:e5:a4:
2b:81:8b:4f:a2:5c:00:d1:71:94:f6:48:5d:dd:45:
22:57:ae:d5:fb:c1:1e:ac:a8:2b:74:2d:bd:65:8e:
37:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:78:4B:59:E8:54:E9:FE:C8:2F:A2:92:C4:45:7C:C6:40:1F:CD:8A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NHhLWehU6f7IL6KSxEV8xkAfzYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.200.0/23
5.175.204.0/23
5.175.209.0-5.175.214.255
5.175.238.0/24
5.230.164.0/24
5.231.61.0/24
5.231.71.0-5.231.75.255
5.231.79.0/24
5.231.92.0/24
85.93.5.0/24
85.93.21.0/24
85.93.31.0/24
89.106.70.0/24
89.144.5.0/24
89.144.34.0/24
89.144.39.0/24
94.249.168.0/23
94.249.229.0/24
94.249.237.0/24
94.249.244.0/24
94.249.246.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b3:17:0a:78:41:4f:97:f6:23:97:e8:fc:47:a5:63:87:b8:
9d:13:00:06:67:71:ce:46:2f:35:28:74:13:fd:66:dd:7d:df:
47:8e:bb:ac:0a:52:ae:8c:22:08:78:46:97:c8:32:04:16:23:
25:a8:ed:ed:27:c8:cd:9d:84:90:4e:6c:00:04:9d:ab:b8:a0:
f8:98:70:0c:42:9b:d5:0b:a9:a7:62:5b:1c:1e:31:28:50:4c:
ee:dd:ee:27:45:f5:02:ad:23:be:3b:2a:41:08:bd:fc:1f:c6:
53:71:8f:1a:80:a7:ba:d0:af:29:b0:1b:16:2b:90:dc:83:cc:
c6:37:18:57:63:8f:cc:f0:52:2e:94:c7:53:8f:4d:b9:df:51:
3a:35:8f:00:fe:81:e2:0e:9a:0c:0f:a7:bb:a5:f3:9f:29:57:
c9:15:73:31:78:7e:93:42:09:13:66:3f:b8:66:df:61:7a:bc:
02:66:95:a2:ff:25:03:0b:78:44:55:6c:5c:72:e7:68:5b:1b:
8f:ce:66:45:6e:5b:e0:c7:16:1e:d2:2d:d4:2e:77:9f:d1:77:
06:bb:d8:55:0a:33:85:df:19:17:15:d2:4e:2b:c4:fd:d9:ba:
c4:55:eb:6e:5e:dd:5b:d0:7e:ff:a7:bd:8c:bb:28:68:0b:a5:
da:55:8c:8f
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZdlu4gDNn/A8rvDaeJaGlWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjEyMjAwMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDc4NGI1OWU4NTRlOWZlYzgyZmEyOTJjNDQ1N2NjNjQwMWZjZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUjTEc/iDcHltBcSXi+K7oyD/n7+
8JUyE902I9Z8zKOUHptseE0CyyAzkcBGFQvh4LfmHWJ6xfZ1+J2YlTfkmUOQYLja
Xbe5jIuXl0BhwD9MQFeF6ngPXgQyk03NsXvu3sjixuXzvW8uGBB6toAcooci3pnM
O8kki3CgeGBVmSBZkZ6vzVdR4aUvzWwADHWgBs+XE2VbF2RPPJe4fo/ZQ2BzsAD7
pUT9yRIupQYc5s6RoQUL/TDccTkVMjtiaP0iiXdHOLoFRBvWYHkm1YSS1WGErXT0
uk+Gj9WVxqt05aQrgYtPolwA0XGU9khd3UUiV67V+8EerKgrdC29ZY431wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFDR4S1noVOn+yC+iksRFfMZAH82KMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTkhoTFdlaFU2ZjdJTDZLU3hFVjh4a0FmellvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAF
U4oDBAEFr8gDBAEFr8wwDAMEAAWv0QMEAAWv1gMEAAWv7gMEAAXmpAMEAAXnPTAM
AwQABedHAwQCBedIAwQABedPAwQABedcAwQAVV0FAwQAVV0VAwQAVV0fAwQAWWpG
AwQAWZAFAwQAWZAiAwQAWZAnAwQBXvmoAwQAXvnlAwQAXvntAwQAXvn0AwQAXvn2
MA0GCSqGSIb3DQEBCwUAA4IBAQBwsxcKeEFPl/Yjl+j8R6Vjh7idEwAGZ3HORi81
KHQT/Wbdfd9HjrusClKujCIIeEaXyDIEFiMlqO3tJ8jNnYSQTmwABJ2ruKD4mHAM
QpvVC6mnYlscHjEoUEzu3e4nRfUCrSO+OypBCL38H8ZTcY8agKe60K8psBsWK5Dc
g8zGNxhXY4/M8FIulMdTj02531E6NY8A/oHiDpoMD6e7pfOfKVfJFXMxeH6TQgkT
Zj+4Zt9herwCZpWi/yUDC3hEVWxccudoWxuPzmZFblvgxxYe0i3ULnef0XcGu9hV
CjOF3xkXFdJOK8T92brEVetuXt1b0H7/p72MuyhoC6XaVYyP
-----END CERTIFICATE-----
Generated at Mon Jun 16 07:48:37 2025 by rpki-client