Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SoroXVpiPUmW8SSH-EfuTDCGcFg.roa
File: SoroXVpiPUmW8SSH-EfuTDCGcFg.roa (raw, json)
Hash identifier: LMMHb65/7zBkreItuATmbZqBw+Cu8G28aBvrQFOHV2M=
Subject key identifier: 4A:8A:E8:5D:5A:62:3D:49:96:F1:24:87:F8:47:EE:4C:30:86:70:58
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196EE0C60EC3F32796579136E1103737534
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SoroXVpiPUmW8SSH-EfuTDCGcFg.roa
Signing time: Tue 20 May 2025 14:15:10 +0000
ROA not before: Tue 20 May 2025 14:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 5.83.139.0/24 maxlen: 24
5.231.94.0/24 maxlen: 24
5.231.204.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
83.243.86.0/24 maxlen: 24
85.118.167.0/24 maxlen: 24
87.239.129.0/24 maxlen: 24
89.106.72.0/24 maxlen: 24
89.106.73.0/24 maxlen: 24
89.106.89.0/24 maxlen: 24
89.106.91.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
94.249.232.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
178.18.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 04:12:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:0c:60:ec:3f:32:79:65:79:13:6e:11:03:73:75:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 20 14:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a8ae85d5a623d4996f12487f847ee4c30867058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e0:e2:b7:79:fb:d5:d4:82:01:ea:ea:19:69:
aa:07:20:a6:a6:0a:a3:0a:c0:4a:16:5d:ec:b1:c0:
83:ee:1d:e6:f8:d8:af:4f:0c:ba:50:73:8d:f4:10:
e5:22:99:b1:57:5a:26:34:56:a2:f7:b4:88:2b:bd:
52:1b:67:1d:4e:2a:9f:63:a5:6e:9b:b9:e4:19:0a:
66:53:82:70:41:72:16:46:f9:bc:b7:3f:db:59:64:
78:b3:3f:78:a3:23:c7:02:e0:c5:93:25:d1:2c:12:
25:9a:ca:95:fc:64:b4:8c:32:eb:6f:05:ea:dd:7f:
35:ff:1b:2a:c9:c0:5f:ef:90:30:87:9c:fa:1c:5f:
23:55:52:e2:f4:96:f9:12:e2:2d:30:73:72:41:00:
d3:36:21:f8:15:0d:f3:e9:0a:db:5f:85:e7:19:3f:
d7:cf:a8:7f:88:69:d5:5f:71:b3:5f:c9:15:c6:e7:
90:f8:de:bd:9f:92:49:6c:9b:f7:27:96:43:67:f8:
74:b5:f1:7e:fc:06:07:9e:5d:5f:fb:26:3c:25:0a:
e8:88:90:c1:47:84:e5:36:5a:5a:f7:08:f2:7e:75:
22:b8:32:5b:fe:bb:80:c8:e6:d1:d4:98:21:95:5e:
36:93:33:cf:9f:02:b4:56:f7:c0:7b:6a:0f:e4:61:
42:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8A:E8:5D:5A:62:3D:49:96:F1:24:87:F8:47:EE:4C:30:86:70:58
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SoroXVpiPUmW8SSH-EfuTDCGcFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.139.0/24
5.231.94.0/24
5.231.204.0/24
77.90.7.0/24
83.243.86.0/24
85.118.167.0/24
87.239.129.0/24
89.106.72.0/23
89.106.89.0/24
89.106.91.0/24
89.144.3.0/24
94.249.232.0/24
95.215.33.0/24
178.18.151.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:00:59:d7:a5:da:7e:e9:95:36:a1:e0:6f:65:b1:a4:40:ea:
39:26:ce:26:24:78:a2:9f:ce:37:91:05:bb:b0:46:b5:31:6e:
af:03:27:df:15:f7:fe:7a:4d:d9:fe:78:89:05:9e:b0:ef:92:
d4:90:c1:6c:c6:02:ef:e0:e7:52:6d:a0:20:92:af:27:53:3b:
ae:4d:e0:3a:eb:b6:99:b3:de:7f:96:33:3c:1e:ef:98:30:07:
71:ee:33:66:e8:dd:96:42:c2:96:5f:3c:e5:8a:2b:3b:90:d6:
b5:9d:2d:9d:f0:e4:80:0c:3f:f2:a6:f2:e9:66:09:74:49:ec:
55:9d:8c:1c:6a:4c:3e:f0:e5:f6:d8:04:64:15:90:07:0b:a6:
d0:d1:ab:39:56:97:eb:45:17:49:3d:90:1f:ce:2f:71:37:6f:
1b:d2:72:06:7b:a2:12:5f:aa:d7:3a:9f:f9:fc:02:27:01:7e:
b0:fd:b5:65:6f:dd:e1:d2:3b:72:39:b7:0c:fc:2f:84:a0:a5:
8b:6a:1f:cf:d1:9f:69:6d:8e:7e:81:bc:ad:c7:58:02:41:ae:
f3:de:fa:80:f9:34:11:89:c4:2d:db:9a:03:a5:54:dc:e0:d0:
eb:eb:a0:5c:0f:b2:0a:50:9e:34:1d:a2:d4:50:09:84:ca:df:
eb:40:d8:a7
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZbuDGDsPzJ5ZXkTbhEDc3U0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIwMTQxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThhZTg1ZDVhNjIzZDQ5OTZmMTI0ODdmODQ3ZWU0YzMwODY3MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uDit3n71dSCAerqGWmqByCmpgqj
CsBKFl3sscCD7h3m+NivTwy6UHON9BDlIpmxV1omNFai97SIK71SG2cdTiqfY6Vu
m7nkGQpmU4JwQXIWRvm8tz/bWWR4sz94oyPHAuDFkyXRLBIlmsqV/GS0jDLrbwXq
3X81/xsqycBf75Awh5z6HF8jVVLi9Jb5EuItMHNyQQDTNiH4FQ3z6QrbX4XnGT/X
z6h/iGnVX3GzX8kVxueQ+N69n5JJbJv3J5ZDZ/h0tfF+/AYHnl1f+yY8JQroiJDB
R4TlNlpa9wjyfnUiuDJb/ruAyObR1JghlV42kzPPnwK0VvfAe2oP5GFCgQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEqK6F1aYj1JlvEkh/hH7kwwhnBYMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU29yb1hWcGlQVW1XOFNTSC1FZnVURENHY0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABVOLAwQA
BedeAwQABefMAwQATVoHAwQAU/NWAwQAVXanAwQAV++BAwQBWWpIAwQAWWpZAwQA
WWpbAwQAWZADAwQAXvnoAwQAX9chAwQAshKXMA0GCSqGSIb3DQEBCwUAA4IBAQC8
AFnXpdp+6ZU2oeBvZbGkQOo5Js4mJHiin843kQW7sEa1MW6vAyffFff+ek3Z/niJ
BZ6w75LUkMFsxgLv4OdSbaAgkq8nUzuuTeA667aZs95/ljM8Hu+YMAdx7jNm6N2W
QsKWXzzliis7kNa1nS2d8OSADD/ypvLpZgl0SexVnYwcakw+8OX22ARkFZAHC6bQ
0as5VpfrRRdJPZAfzi9xN28b0nIGe6ISX6rXOp/5/AInAX6w/bVlb93h0jtyObcM
/C+EoKWLah/P0Z9pbY5+gbytx1gCQa7z3vqA+TQRicQt25oDpVTc4NDr66BcD7IK
UJ40HaLUUAmEyt/rQNin
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:47:38 2025 by rpki-client