Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SNOekHcKUuSgQ7jGMbsRnTXCyKg.roa
File: SNOekHcKUuSgQ7jGMbsRnTXCyKg.roa (raw, json)
Hash identifier: 9CVdYsaygyrlzYKopdQ3drsklz3U4fA21D6OlDFeTv8=
Subject key identifier: 48:D3:9E:90:77:0A:52:E4:A0:43:B8:C6:31:BB:11:9D:35:C2:C8:A8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01974896E5A2E7B780FA46866D7F464A0FAB
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SNOekHcKUuSgQ7jGMbsRnTXCyKg.roa
Signing time: Sat 07 Jun 2025 04:12:18 +0000
ROA not before: Sat 07 Jun 2025 04:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44103
IP address blocks: 5.83.149.0/24 maxlen: 24
89.144.40.0/24 maxlen: 24
178.18.152.0/22 maxlen: 32
178.18.152.0/24 maxlen: 32
178.18.153.0/24 maxlen: 32
178.18.154.0/24 maxlen: 32
178.18.155.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 07 Jun 2025 07:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:96:e5:a2:e7:b7:80:fa:46:86:6d:7f:46:4a:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 7 04:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48d39e90770a52e4a043b8c631bb119d35c2c8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:da:95:a7:25:91:3e:94:60:c8:65:36:f0:6b:
84:ae:ce:a8:2c:6f:ef:9f:c2:f0:50:b8:7a:69:62:
d3:a5:4f:98:21:cd:79:06:f9:c9:34:38:b6:cc:40:
26:8a:33:d8:f1:d1:ef:3a:71:d6:d4:07:c0:9c:90:
6a:48:1f:33:96:4c:46:9d:b6:b6:82:ba:ab:54:af:
1a:b5:9e:30:67:fe:d6:41:d1:ea:b8:b7:26:93:f5:
a0:23:73:25:eb:86:bc:82:9d:1c:8e:19:70:e9:d3:
47:bb:10:16:75:a2:50:96:e2:5e:35:b0:e3:49:1b:
be:c6:bc:60:c4:10:40:67:af:cc:aa:60:65:0f:66:
31:ee:7e:75:b4:61:7a:4e:8d:81:71:70:16:de:58:
e8:c0:2f:46:22:07:2c:3b:e9:45:61:27:33:5b:82:
6d:87:81:c1:79:07:28:2d:75:33:b5:f2:75:4f:97:
b1:66:ab:d9:c2:87:07:c9:ad:1d:a8:58:e2:d2:c6:
5e:b5:86:9f:bd:86:04:cd:32:db:d1:ed:2d:3f:b7:
b5:6d:52:c6:cf:39:9a:20:75:18:ba:cf:63:b5:63:
d1:a0:6d:bd:e8:a5:92:89:5c:75:0f:27:b4:9a:db:
04:ab:70:0b:4c:bd:7d:89:ad:a4:2d:8f:55:86:74:
80:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D3:9E:90:77:0A:52:E4:A0:43:B8:C6:31:BB:11:9D:35:C2:C8:A8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SNOekHcKUuSgQ7jGMbsRnTXCyKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.149.0/24
89.144.40.0/24
178.18.152.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:df:be:32:00:a0:79:80:61:40:3b:ff:62:b4:b5:f8:56:76:
ef:b3:c9:26:91:25:70:c3:09:f1:a2:d2:32:41:b4:ca:eb:ba:
d9:be:7a:92:c4:ec:e2:37:af:dd:16:5b:c8:cd:cf:0b:8f:65:
9a:e0:2e:98:24:79:c0:e8:e0:40:c3:00:64:3b:c8:5b:a2:d5:
aa:e0:0e:cd:44:5a:fe:84:42:0c:83:0d:45:d4:1f:30:b7:96:
7a:31:b8:63:84:34:e1:8c:bb:12:59:f4:7c:51:86:42:8a:9f:
78:b6:71:c3:d6:66:d4:8a:c5:e9:61:f2:38:36:7d:89:40:89:
1c:b7:95:b5:db:75:04:06:27:90:74:ba:db:34:fd:7c:32:87:
97:da:73:b1:e2:db:ee:44:d5:9d:be:a4:88:96:91:d0:97:4f:
4a:69:52:2e:26:9d:39:a8:ff:da:09:ee:99:3b:ac:57:a6:39:
79:a8:0a:94:e9:30:e6:f0:f8:4b:c7:ce:02:da:64:2d:3e:4d:
ba:63:b0:ce:96:9e:27:61:ce:9d:7a:04:1b:aa:4f:40:31:31:
6b:57:ef:6c:2c:0d:66:eb:04:38:d5:bd:c4:24:6d:13:08:de:
3b:90:14:64:c8:48:07:db:b8:f4:18:6d:bc:47:79:10:78:a8:
34:a1:23:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdIluWi57eA+kaGbX9GSg+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjA3MDQxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQzOWU5MDc3MGE1MmU0YTA0M2I4YzYzMWJiMTE5ZDM1YzJjOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dqVpyWRPpRgyGU28GuErs6oLG/v
n8LwULh6aWLTpU+YIc15BvnJNDi2zEAmijPY8dHvOnHW1AfAnJBqSB8zlkxGnba2
grqrVK8atZ4wZ/7WQdHquLcmk/WgI3Ml64a8gp0cjhlw6dNHuxAWdaJQluJeNbDj
SRu+xrxgxBBAZ6/MqmBlD2Yx7n51tGF6To2BcXAW3ljowC9GIgcsO+lFYSczW4Jt
h4HBeQcoLXUztfJ1T5exZqvZwocHya0dqFji0sZetYafvYYEzTLb0e0tP7e1bVLG
zzmaIHUYus9jtWPRoG296KWSiVx1Dye0mtsEq3ALTL19ia2kLY9VhnSAEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEjTnpB3ClLkoEO4xjG7EZ01wsioMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU05PZWtIY0tVdVNnUTdqR01ic1JuVFhDeUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABVOVAwQA
WZAoAwQCshKYMA0GCSqGSIb3DQEBCwUAA4IBAQDM374yAKB5gGFAO/9itLX4Vnbv
s8kmkSVwwwnxotIyQbTK67rZvnqSxOziN6/dFlvIzc8Lj2Wa4C6YJHnA6OBAwwBk
O8hbotWq4A7NRFr+hEIMgw1F1B8wt5Z6MbhjhDThjLsSWfR8UYZCip94tnHD1mbU
isXpYfI4Nn2JQIkct5W123UEBieQdLrbNP18MoeX2nOx4tvuRNWdvqSIlpHQl09K
aVIuJp05qP/aCe6ZO6xXpjl5qAqU6TDm8PhLx84C2mQtPk26Y7DOlp4nYc6degQb
qk9AMTFrV+9sLA1m6wQ41b3EJG0TCN47kBRkyEgH27j0GG28R3kQeKg0oSOA
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:38:03 2025 by rpki-client