Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PM9fPKD36954DVMi65tHvoGO3E0.roa
File: PM9fPKD36954DVMi65tHvoGO3E0.roa (raw, json)
Hash identifier: H45PPwrcKRsVUA/RrH9sMA+MR3j3bOG8DlRoYTCRv7s=
Subject key identifier: 3C:CF:5F:3C:A0:F7:EB:DE:78:0D:53:22:EB:9B:47:BE:81:8E:DC:4D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961397FE1038273B0DEAEAADE421F0F0BA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PM9fPKD36954DVMi65tHvoGO3E0.roa
Signing time: Tue 08 Apr 2025 04:10:50 +0000
ROA not before: Tue 08 Apr 2025 04:10:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 5.83.139.0/24 maxlen: 24
5.175.220.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 02:16:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:13:97:fe:10:38:27:3b:0d:ea:ea:ad:e4:21:f0:f0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 8 04:10:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ccf5f3ca0f7ebde780d5322eb9b47be818edc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:86:2b:9f:86:dd:3f:07:11:08:32:5b:16:ee:
12:84:6f:16:33:30:6c:82:6a:67:f8:ad:93:cc:85:
f1:08:1f:e6:03:da:da:ff:1b:c5:e6:1f:96:a3:4b:
05:73:a6:89:5a:8b:ac:27:3d:53:f7:b0:5e:a3:b1:
34:be:28:72:f2:a8:81:d8:be:f2:e1:d4:5e:3d:8e:
f5:a8:eb:03:06:5d:8f:e9:0e:6f:9c:08:2d:65:91:
e7:c0:8e:60:2b:e7:f7:75:c9:2a:49:b1:bd:5b:de:
a3:82:95:b7:a0:15:65:dd:82:ea:8a:ac:5a:30:b9:
aa:6a:89:10:e3:61:61:18:06:90:b4:60:1d:50:d9:
56:85:ca:22:66:56:d4:2f:b6:cc:f8:16:f9:09:00:
fc:96:cc:bc:fe:65:92:57:7e:15:5d:6f:d1:f6:71:
46:2c:c3:8f:27:aa:6f:9a:1d:d6:76:11:08:f6:d0:
c4:32:b0:f0:13:03:4e:aa:9d:92:78:91:00:23:57:
64:a4:7e:a9:b0:d2:c6:36:b8:d0:a8:c2:9a:37:54:
03:72:72:35:35:99:ac:d5:1d:96:63:b6:40:3a:34:
2d:9c:24:38:0e:ee:e5:b4:af:19:e9:68:a7:c6:8f:
d5:ef:73:16:55:40:c1:be:13:1c:9b:98:ad:c8:35:
18:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:5F:3C:A0:F7:EB:DE:78:0D:53:22:EB:9B:47:BE:81:8E:DC:4D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PM9fPKD36954DVMi65tHvoGO3E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.139.0/24
5.175.220.0/24
77.90.7.0/24
89.144.3.0/24
95.215.33.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:c2:b2:f8:01:1e:05:44:5f:97:3f:ec:69:c8:08:bd:31:6a:
49:4d:09:bd:a4:d7:57:44:0f:77:8f:b7:2e:5f:52:43:98:0e:
83:64:ad:5c:85:ae:88:5c:41:20:b6:a9:85:d1:32:c0:73:88:
11:da:ff:49:7b:56:bc:ee:0b:b0:0d:a8:41:92:6c:56:a8:46:
f2:37:fa:f9:47:be:86:6c:6a:2a:7b:f5:92:09:8b:ca:07:d6:
9d:e6:6f:d0:6e:73:e2:d7:51:41:bb:de:e9:74:4e:2c:5a:76:
c1:f2:d0:7d:73:d0:8e:00:79:d7:95:af:df:c8:8d:9e:06:2d:
86:d0:e9:c0:f9:6e:42:d5:3e:bd:e1:cf:ac:5d:12:72:33:c7:
1f:07:ad:5d:f2:d8:3e:43:8e:20:f5:74:db:8e:37:4b:88:d4:
c3:81:1d:b1:c1:1c:23:fa:67:90:e6:33:ed:ce:89:53:9c:56:
d6:aa:e7:f6:b8:7b:40:93:20:b9:99:5b:54:53:25:9f:42:11:
5c:ae:c2:f1:35:ed:32:f0:ef:b6:20:6f:54:7f:52:67:93:34:
46:f8:cb:1f:ae:c1:7c:cb:ea:c4:83:ba:75:e0:d7:ba:8f:da:
37:7e:5b:31:66:9e:f2:0c:57:11:3c:9f:ff:ab:5a:4b:68:34:
4c:1a:79:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYTl/4QOCc7DerqreQh8PC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA4MDQxMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NmNWYzY2EwZjdlYmRlNzgwZDUzMjJlYjliNDdiZTgxOGVkYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4Yrn4bdPwcRCDJbFu4ShG8WMzBs
gmpn+K2TzIXxCB/mA9ra/xvF5h+Wo0sFc6aJWousJz1T97Beo7E0vihy8qiB2L7y
4dRePY71qOsDBl2P6Q5vnAgtZZHnwI5gK+f3dckqSbG9W96jgpW3oBVl3YLqiqxa
MLmqaokQ42FhGAaQtGAdUNlWhcoiZlbUL7bM+Bb5CQD8lsy8/mWSV34VXW/R9nFG
LMOPJ6pvmh3WdhEI9tDEMrDwEwNOqp2SeJEAI1dkpH6psNLGNrjQqMKaN1QDcnI1
NZms1R2WY7ZAOjQtnCQ4Du7ltK8Z6Winxo/V73MWVUDBvhMcm5ityDUYvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDzPXzyg9+veeA1TIuubR76BjtxNMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUE05ZlBLRDM2OTU0RFZNaTY1dEh2b0dPM0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABVOLAwQA
Ba/cAwQATVoHAwQAWZADAwQAX9chMA0GCSqGSIb3DQEBCwUAA4IBAQDUwrL4AR4F
RF+XP+xpyAi9MWpJTQm9pNdXRA93j7cuX1JDmA6DZK1cha6IXEEgtqmF0TLAc4gR
2v9Je1a87guwDahBkmxWqEbyN/r5R76GbGoqe/WSCYvKB9ad5m/QbnPi11FBu97p
dE4sWnbB8tB9c9COAHnXla/fyI2eBi2G0OnA+W5C1T694c+sXRJyM8cfB61d8tg+
Q44g9XTbjjdLiNTDgR2xwRwj+meQ5jPtzolTnFbWquf2uHtAkyC5mVtUUyWfQhFc
rsLxNe0y8O+2IG9Uf1JnkzRG+MsfrsF8y+rEg7p14Ne6j9o3flsxZp7yDFcRPJ//
q1pLaDRMGnlK
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:41:01 2025 by rpki-client