Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cDX_Ojs3Fcc_ivCCVqGZun4APzY.roa
File: cDX_Ojs3Fcc_ivCCVqGZun4APzY.roa (raw, json)
Hash identifier: GNvoUl3BZgPak4uL91mjEn/S0piodzwCjHtKmWhSw/Q=
Subject key identifier: 70:35:FF:3A:3B:37:15:C7:3F:8A:F0:82:56:A1:99:BA:7E:00:3F:36
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01968C03F061585B39351A157350BE0F13E7
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cDX_Ojs3Fcc_ivCCVqGZun4APzY.roa
Signing time: Thu 01 May 2025 13:23:10 +0000
ROA not before: Thu 01 May 2025 13:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 5.231.47.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 13:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:03:f0:61:58:5b:39:35:1a:15:73:50:be:0f:13:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 1 13:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7035ff3a3b3715c73f8af08256a199ba7e003f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:2c:5d:6a:a5:70:42:6d:2a:ac:05:63:b0:
34:50:64:a2:00:f8:d2:cf:0f:3d:49:85:9a:8e:01:
f4:1e:5c:bd:8e:bc:21:5c:06:94:d4:c1:f9:6b:74:
fb:e6:40:e3:d9:4b:cf:0f:f2:41:3f:7c:ac:19:09:
57:88:e4:28:99:62:f7:9b:ef:67:bd:2a:d4:c0:60:
5d:ed:a1:d4:e6:52:e3:de:8a:28:0f:14:a9:b4:71:
14:c8:41:81:bf:32:3a:0a:c3:cf:a5:18:e3:69:04:
ca:e6:3b:0a:e9:cb:c1:49:11:0f:6c:31:0c:96:23:
4b:e9:33:78:53:ce:c3:51:b2:23:8b:01:e6:6d:64:
84:b5:74:4c:8f:8e:84:ce:a8:1f:ad:c6:60:21:03:
93:b9:b3:3f:7c:2e:14:eb:67:3b:e6:a9:ae:8c:e0:
cd:55:0f:c4:16:b6:bf:a7:c6:bb:91:46:60:3c:bd:
b4:1f:7e:f7:a3:a1:2f:c4:78:48:04:45:2d:a7:9b:
bc:01:25:04:c0:a6:27:e8:36:51:ca:33:ad:c8:f2:
bf:6d:e9:29:55:22:40:a7:24:85:df:cc:21:10:72:
68:57:70:f4:a9:f3:f3:71:ff:d1:93:41:8e:0f:eb:
a6:dd:18:69:c0:8e:f4:ad:7d:ac:f5:e3:f8:a4:ba:
50:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:35:FF:3A:3B:37:15:C7:3F:8A:F0:82:56:A1:99:BA:7E:00:3F:36
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cDX_Ojs3Fcc_ivCCVqGZun4APzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.47.0/24
77.90.37.0/24
89.144.60.0/24
Signature Algorithm: sha256WithRSAEncryption
47:16:ed:ee:b5:e6:64:c0:2b:8a:48:a6:0d:7e:5c:3e:18:a3:
05:2f:2b:8b:e9:cb:a9:d0:93:66:6e:65:60:09:07:7c:3d:c8:
8e:3a:ef:f9:74:36:4e:e3:ff:c5:a7:cb:61:e4:12:4c:76:41:
54:5f:c5:7d:e6:1a:03:ac:51:db:f0:7d:01:53:56:f5:1d:fc:
ab:b1:ae:f9:e6:de:a5:01:42:e5:3a:82:0d:b8:e6:65:0f:87:
a9:d1:c3:17:ac:12:86:c3:38:72:37:4f:0e:d3:04:83:5f:90:
38:07:7c:c4:53:46:fb:10:fb:9f:7e:9f:96:92:d6:f2:89:23:
92:48:9c:94:46:48:10:b8:af:0a:8b:e1:99:dd:74:37:6a:ee:
f8:a5:7c:ca:22:5c:a7:d6:25:d5:ae:a1:29:f3:78:02:d4:64:
95:cf:a9:8b:7d:82:fc:8d:97:b2:e5:55:1a:a1:eb:e0:ff:af:
40:66:03:3a:5d:97:79:cd:00:10:0b:3c:8a:04:08:2a:98:96:
dd:3c:3d:34:4f:ef:bf:fc:2e:57:1b:93:17:e8:06:d8:2c:5c:
36:46:de:ab:c5:1f:40:a1:1f:6d:7d:75:6c:f8:49:6d:1c:ef:
89:b5:1c:c4:90:53:d0:22:dd:72:28:b2:71:a7:e8:e5:c9:64:
c7:e2:b9:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaMA/BhWFs5NRoVc1C+DxPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTAxMTMyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM1ZmYzYTNiMzcxNWM3M2Y4YWYwODI1NmExOTliYTdlMDAzZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngQsXWqlcEJtKqwFY7A0UGSiAPjS
zw89SYWajgH0Hly9jrwhXAaU1MH5a3T75kDj2UvPD/JBP3ysGQlXiOQomWL3m+9n
vSrUwGBd7aHU5lLj3oooDxSptHEUyEGBvzI6CsPPpRjjaQTK5jsK6cvBSREPbDEM
liNL6TN4U87DUbIjiwHmbWSEtXRMj46EzqgfrcZgIQOTubM/fC4U62c75qmujODN
VQ/EFra/p8a7kUZgPL20H373o6EvxHhIBEUtp5u8ASUEwKYn6DZRyjOtyPK/bekp
VSJApySF38whEHJoV3D0qfPzcf/Rk0GOD+um3RhpwI70rX2s9eP4pLpQzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHA1/zo7NxXHP4rwglahmbp+AD82MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvY0RYX09qczNGY2NfaXZDQ1ZxR1p1bjRBUHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABecvAwQA
TVolAwQAWZA8MA0GCSqGSIb3DQEBCwUAA4IBAQBHFu3uteZkwCuKSKYNflw+GKMF
LyuL6cup0JNmbmVgCQd8PciOOu/5dDZO4//Fp8th5BJMdkFUX8V95hoDrFHb8H0B
U1b1Hfyrsa755t6lAULlOoINuOZlD4ep0cMXrBKGwzhyN08O0wSDX5A4B3zEU0b7
EPuffp+WktbyiSOSSJyURkgQuK8Ki+GZ3XQ3au74pXzKIlyn1iXVrqEp83gC1GSV
z6mLfYL8jZey5VUaoevg/69AZgM6XZd5zQAQCzyKBAgqmJbdPD00T++//C5XG5MX
6AbYLFw2Rt6rxR9AoR9tfXVs+EltHO+JtRzEkFPQIt1yKLJxp+jlyWTH4rlp
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:57:16 2025 by rpki-client