Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PeuNiklBbjkMo5h7Fa19fAQ72gY.roa
File: PeuNiklBbjkMo5h7Fa19fAQ72gY.roa (raw, json)
Hash identifier: dBIUyxcdRGN0u23uQz4Sb7nVWFm+AfPx2msboN+AT1Q=
Subject key identifier: 3D:EB:8D:8A:49:41:6E:39:0C:A3:98:7B:15:AD:7D:7C:04:3B:DA:06
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01968C19E96D241710B1722206D5A25CC4DA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PeuNiklBbjkMo5h7Fa19fAQ72gY.roa
Signing time: Thu 01 May 2025 13:47:10 +0000
ROA not before: Thu 01 May 2025 13:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 5.231.47.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 00:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:19:e9:6d:24:17:10:b1:72:22:06:d5:a2:5c:c4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 1 13:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3deb8d8a49416e390ca3987b15ad7d7c043bda06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bc:7d:2a:84:5f:70:1a:08:aa:eb:4d:4e:aa:
ab:42:0c:fa:28:93:2e:59:53:51:0e:55:d8:e2:e6:
20:45:a0:06:32:a0:c4:d3:51:d7:69:a9:2a:d1:5f:
2e:92:c5:c7:af:26:ff:3b:3e:6c:10:02:49:be:a0:
8c:80:8b:cb:8b:c1:29:90:3a:45:d2:fb:c5:16:7b:
cf:62:c3:0d:4e:ed:ca:f1:d9:1e:8d:7f:b1:d8:10:
48:1c:44:0e:13:4a:37:40:ed:89:c6:90:94:1d:c0:
ec:9d:c4:aa:df:56:ac:fa:96:9c:0d:b6:23:f1:1b:
1f:fb:7e:00:0c:5d:03:3a:b8:40:98:61:f8:1a:7b:
0a:d7:a8:eb:2e:16:bd:44:f4:75:72:cb:ce:5c:82:
9b:2c:f3:27:52:43:cb:10:b0:02:9a:ae:89:dd:bd:
7f:13:53:43:54:ed:0b:07:a6:05:b9:57:e1:78:10:
0c:fe:b3:c7:3e:d6:db:98:15:09:88:92:85:00:67:
99:36:24:74:bb:8c:0d:08:4e:25:92:b8:50:34:3b:
8c:f7:c1:57:ee:d6:69:63:83:82:18:24:72:e9:82:
2f:da:63:69:02:6e:ad:ae:ed:38:eb:58:3f:4b:97:
d3:e9:62:4c:cd:72:08:f1:f2:eb:ae:22:de:08:aa:
50:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EB:8D:8A:49:41:6E:39:0C:A3:98:7B:15:AD:7D:7C:04:3B:DA:06
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PeuNiklBbjkMo5h7Fa19fAQ72gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.47.0/24
77.90.37.0/24
89.144.60.0/24
94.103.164.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:5d:3d:b9:f7:a3:55:60:8a:83:cd:93:c9:52:70:14:9c:8b:
38:e1:66:1e:f5:21:d1:ef:a4:22:9b:30:11:d3:80:e7:e1:ce:
5b:3d:8a:26:0c:fe:e7:2b:73:61:b9:2b:04:83:03:b3:39:4c:
2a:7f:aa:1f:ed:b9:93:5e:90:a7:62:19:d2:48:2f:69:1d:11:
34:ef:13:4c:bf:59:2d:54:0a:64:7f:a9:4c:73:c2:e2:e3:f6:
3b:da:2f:18:b0:fa:14:87:8b:be:86:fb:81:a0:ae:d7:e8:39:
b7:eb:32:d7:0e:4b:6a:44:82:f6:cf:8f:cb:3b:c9:1f:06:6a:
49:ae:55:da:9c:36:5b:89:ee:bd:cb:9a:dc:3f:a0:e1:6c:43:
03:7d:ac:a2:29:20:ad:26:a9:46:75:97:5f:94:9e:ce:cb:b7:
43:e1:ea:c3:80:ed:c9:19:01:44:75:c9:c8:eb:6c:95:11:6c:
18:0c:5a:ca:be:26:ba:52:5a:a8:a4:c6:ba:35:74:7f:9a:91:
6e:ae:d3:f6:23:71:5e:89:6f:3f:9a:92:ef:1d:6a:e0:27:f1:
02:a3:cd:12:1e:6f:98:2a:c6:9b:55:d5:52:9e:38:ee:f7:06:
95:38:42:35:46:91:cb:cf:d9:24:3d:cc:fd:db:e4:99:3b:1c:
a5:df:7a:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaMGeltJBcQsXIiBtWiXMTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTAxMTM0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGViOGQ4YTQ5NDE2ZTM5MGNhMzk4N2IxNWFkN2Q3YzA0M2JkYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrx9KoRfcBoIqutNTqqrQgz6KJMu
WVNRDlXY4uYgRaAGMqDE01HXaakq0V8uksXHryb/Oz5sEAJJvqCMgIvLi8EpkDpF
0vvFFnvPYsMNTu3K8dkejX+x2BBIHEQOE0o3QO2JxpCUHcDsncSq31as+pacDbYj
8Rsf+34ADF0DOrhAmGH4GnsK16jrLha9RPR1csvOXIKbLPMnUkPLELACmq6J3b1/
E1NDVO0LB6YFuVfheBAM/rPHPtbbmBUJiJKFAGeZNiR0u4wNCE4lkrhQNDuM98FX
7tZpY4OCGCRy6YIv2mNpAm6tru0461g/S5fT6WJMzXII8fLrriLeCKpQiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD3rjYpJQW45DKOYexWtfXwEO9oGMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUGV1TmlrbEJiamtNbzVoN0ZhMTlmQVE3MmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABecvAwQA
TVolAwQAWZA8AwQAXmekMA0GCSqGSIb3DQEBCwUAA4IBAQDMXT2596NVYIqDzZPJ
UnAUnIs44WYe9SHR76QimzAR04Dn4c5bPYomDP7nK3NhuSsEgwOzOUwqf6of7bmT
XpCnYhnSSC9pHRE07xNMv1ktVApkf6lMc8Li4/Y72i8YsPoUh4u+hvuBoK7X6Dm3
6zLXDktqRIL2z4/LO8kfBmpJrlXanDZbie69y5rcP6DhbEMDfayiKSCtJqlGdZdf
lJ7Oy7dD4erDgO3JGQFEdcnI62yVEWwYDFrKvia6UlqopMa6NXR/mpFurtP2I3Fe
iW8/mpLvHWrgJ/ECo80SHm+YKsabVdVSnjju9waVOEI1RpHLz9kkPcz92+SZOxyl
33ob
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:16:43 2025 by rpki-client