Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bDtj2GN8cNtTilH-FH9ksrnqnYc.roa
File: bDtj2GN8cNtTilH-FH9ksrnqnYc.roa (raw, json)
Hash identifier: jEV33cnkbdSMXw1/gSVVP5VwAPpGgiHZmxsKlY04K6g=
Subject key identifier: 6C:3B:63:D8:63:7C:70:DB:53:8A:51:FE:14:7F:64:B2:B9:EA:9D:87
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01970FEB1A3CE84FE97E6B3F01F0C8BD34E6
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bDtj2GN8cNtTilH-FH9ksrnqnYc.roa
Signing time: Tue 27 May 2025 04:05:55 +0000
ROA not before: Tue 27 May 2025 04:05:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200993
IP address blocks: 5.175.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jun 2025 04:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0f:eb:1a:3c:e8:4f:e9:7e:6b:3f:01:f0:c8:bd:34:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 27 04:05:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c3b63d8637c70db538a51fe147f64b2b9ea9d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:85:6f:39:f6:16:af:b4:4a:86:d0:7c:4c:5f:
e9:50:ce:3a:2c:35:75:ca:63:91:c8:e5:bb:69:98:
a1:71:45:d1:05:31:fa:0c:02:3f:8f:1b:ef:8f:01:
9c:24:f8:96:80:19:9a:e1:4e:9f:ea:2e:e1:9e:16:
b3:d9:4d:26:18:2f:40:c4:2f:70:f0:35:d8:52:d6:
d0:5c:5f:46:df:e0:65:f6:f7:8c:7a:77:d5:3b:ba:
8e:e0:a5:1f:93:7d:d6:b5:aa:c1:e9:1f:47:0b:f2:
17:d1:e7:bd:b8:04:4c:1d:fb:e3:e6:b0:54:9f:1c:
33:22:90:15:9d:f4:21:56:ea:14:17:8d:91:47:b7:
63:11:cf:5c:b7:90:4f:35:3c:f6:cd:f3:b4:cc:f5:
ac:7f:cb:87:7e:48:ef:51:a2:5b:ca:b6:26:00:22:
0f:76:98:71:b1:91:7a:ca:da:8c:22:30:35:f2:9c:
5f:7d:af:d1:7e:67:62:bc:b3:5f:1a:a1:e5:6f:a9:
22:68:21:eb:5c:fb:5b:08:6b:b5:d4:ef:35:0f:54:
30:2c:1d:30:fc:6c:29:e2:00:9e:4c:4a:2f:15:02:
6d:f9:e6:c3:cf:ef:6e:a8:e3:7b:0c:d4:2c:f7:b2:
89:8d:a5:31:54:40:71:5c:3c:90:e7:87:ab:5d:a7:
60:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3B:63:D8:63:7C:70:DB:53:8A:51:FE:14:7F:64:B2:B9:EA:9D:87
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bDtj2GN8cNtTilH-FH9ksrnqnYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.134.0/24
Signature Algorithm: sha256WithRSAEncryption
85:7f:d4:40:ff:2c:47:16:7f:49:a8:a2:d6:c1:2e:a4:e8:4f:
c5:01:df:8a:f1:ed:79:7b:9f:70:fc:35:24:de:da:65:07:28:
5e:a4:b4:1b:2a:ef:36:47:4d:a3:98:b4:bc:7e:0c:89:44:aa:
cb:d0:89:3a:f3:f8:1b:e6:4e:71:58:c9:20:7b:a1:72:37:a9:
f9:8a:ec:2b:e5:ef:7c:dd:05:88:b3:26:6b:c1:68:4b:5c:53:
b5:ac:2a:31:f8:b4:16:d0:1f:1f:99:29:af:b4:bc:cf:4f:56:
0f:31:0a:d9:13:a3:9e:b2:5f:04:c1:b4:7c:1c:b3:03:94:a4:
e9:a8:98:96:76:f8:7f:25:b2:10:c5:0d:96:81:ec:a0:d8:ad:
cc:e9:47:dc:87:a2:e8:0c:a1:21:24:60:47:d1:47:cd:ba:db:
bd:70:43:07:42:89:b7:fb:81:8e:2b:ea:54:1a:ed:32:da:2d:
99:95:41:46:8c:0d:15:0d:5b:09:be:b2:cc:8c:e0:91:9c:a6:
47:8b:33:0c:93:cc:f4:2b:73:4e:a0:86:38:d9:40:7d:e7:b2:
f1:81:a3:e1:c0:71:4f:e6:bf:96:1e:52:fb:ec:ad:ab:2e:65:
06:97:40:8a:98:10:b9:52:35:2c:a4:37:3f:91:4f:53:bc:ae:
ca:3d:b6:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcP6xo86E/pfms/AfDIvTTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTI3MDQwNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNiNjNkODYzN2M3MGRiNTM4YTUxZmUxNDdmNjRiMmI5ZWE5ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIVvOfYWr7RKhtB8TF/pUM46LDV1
ymORyOW7aZihcUXRBTH6DAI/jxvvjwGcJPiWgBma4U6f6i7hnhaz2U0mGC9AxC9w
8DXYUtbQXF9G3+Bl9veMenfVO7qO4KUfk33WtarB6R9HC/IX0ee9uARMHfvj5rBU
nxwzIpAVnfQhVuoUF42RR7djEc9ct5BPNTz2zfO0zPWsf8uHfkjvUaJbyrYmACIP
dphxsZF6ytqMIjA18pxffa/RfmdivLNfGqHlb6kiaCHrXPtbCGu11O81D1QwLB0w
/Gwp4gCeTEovFQJt+ebDz+9uqON7DNQs97KJjaUxVEBxXDyQ54erXadgZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw7Y9hjfHDbU4pR/hR/ZLK56p2HMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYkR0ajJHTjhjTnRUaWxILUZIOWtzcm5xblljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABa+GMA0G
CSqGSIb3DQEBCwUAA4IBAQCFf9RA/yxHFn9JqKLWwS6k6E/FAd+K8e15e59w/DUk
3tplByhepLQbKu82R02jmLS8fgyJRKrL0Ik68/gb5k5xWMkge6FyN6n5iuwr5e98
3QWIsyZrwWhLXFO1rCox+LQW0B8fmSmvtLzPT1YPMQrZE6Oesl8EwbR8HLMDlKTp
qJiWdvh/JbIQxQ2Wgeyg2K3M6Ufch6LoDKEhJGBH0UfNutu9cEMHQom3+4GOK+pU
Gu0y2i2ZlUFGjA0VDVsJvrLMjOCRnKZHizMMk8z0K3NOoIY42UB957LxgaPhwHFP
5r+WHlL77K2rLmUGl0CKmBC5UjUspDc/kU9TvK7KPbYu
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:38:59 2025 by rpki-client