Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iWXiqViXqRIfRymrYt9hYJSg7sU.roa
File: iWXiqViXqRIfRymrYt9hYJSg7sU.roa (raw, json)
Hash identifier: n0U41Rs4aCx1/KZNk2gW6ckt7nFaH3G+yXT1VEhwUuE=
Subject key identifier: 89:65:E2:A9:58:97:A9:12:1F:47:29:AB:62:DF:61:60:94:A0:EE:C5
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01970BD358A627DEE9C20213958A1824BFFD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iWXiqViXqRIfRymrYt9hYJSg7sU.roa
Signing time: Mon 26 May 2025 09:01:29 +0000
ROA not before: Mon 26 May 2025 09:01:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
89.106.88.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 04:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:d3:58:a6:27:de:e9:c2:02:13:95:8a:18:24:bf:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 26 09:01:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8965e2a95897a9121f4729ab62df616094a0eec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:73:2d:39:cd:b5:d8:8b:b4:4c:a8:34:c5:
d5:c2:cb:c2:9b:16:fe:00:89:5d:64:16:f4:5d:79:
b9:7a:a9:8a:c9:bf:e8:90:f9:d0:a5:ed:51:3a:e7:
d7:46:d1:c3:3d:f3:56:4b:7f:0d:6b:52:9e:27:5d:
53:62:5f:2d:ff:ef:61:f6:f8:a1:65:81:62:92:d9:
d5:0f:7b:8d:fc:ed:c0:58:c8:fd:4e:7a:19:dd:c7:
be:db:30:78:62:c2:cb:c9:77:09:40:a5:44:f8:90:
02:19:a8:71:72:6d:52:56:09:dc:4c:e8:2e:3b:11:
e8:10:db:c3:4c:30:76:c6:e3:6f:a9:8a:7c:45:3a:
4d:1b:a9:eb:82:75:b0:c9:ec:27:0e:4f:9e:e8:49:
30:a7:09:10:9e:f4:7b:5f:fa:e6:f2:8f:87:00:ce:
f3:76:04:7f:f6:0a:75:d9:5d:27:0a:d8:af:93:82:
30:3e:e9:5d:09:a6:fc:e0:3e:27:98:61:23:02:30:
3b:4b:51:32:49:2c:84:6b:8a:ec:c1:ba:8c:f3:f5:
cf:89:5c:07:2e:e1:c8:50:d1:76:26:21:e5:97:b0:
12:5c:eb:ac:b1:2f:01:02:ef:43:21:b1:65:9b:16:
cb:f3:a4:e7:3a:92:cc:21:54:6f:1e:9a:0f:2c:4b:
83:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:65:E2:A9:58:97:A9:12:1F:47:29:AB:62:DF:61:60:94:A0:EE:C5
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iWXiqViXqRIfRymrYt9hYJSg7sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.175.239.0/24
5.231.25.0-5.231.26.255
89.106.69.0/24
89.106.71.0/24
89.106.88.0/24
94.103.167.0/24
94.249.150.0/24
185.13.156.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:d5:b6:5a:86:28:50:61:30:05:92:f2:fc:bf:f5:4d:db:75:
dc:fc:f5:f9:04:43:a3:8f:75:ca:16:ba:2d:9a:1d:af:88:fe:
3d:85:8d:a9:04:94:f2:59:9c:2f:35:49:81:8d:7e:c5:b1:ac:
94:d5:be:64:1f:cf:0f:04:04:46:be:13:d7:d2:13:87:9b:ff:
20:d0:a1:60:1e:ad:a2:b3:42:d9:d7:c0:c7:98:2e:ce:fb:a9:
37:e4:2d:25:cb:ad:35:e4:40:2b:42:7f:79:22:7e:69:e5:54:
55:8f:81:9a:cf:69:e7:96:7f:57:21:6c:b2:26:07:6a:03:6c:
56:55:a8:7f:ac:4b:39:0d:60:ea:a8:53:07:83:fc:8e:3e:cd:
be:42:a6:c5:58:fc:ed:bb:25:78:8b:36:e7:a8:76:ab:98:0b:
d1:18:ea:97:19:f4:7f:03:06:12:9f:5f:45:67:e7:bc:e6:f8:
37:be:61:22:a1:e0:db:60:c8:8d:b2:1a:4a:c5:65:5b:04:ca:
bc:fa:6b:53:2d:26:54:5c:38:3b:19:b5:dd:57:aa:69:e9:42:
9b:d3:75:df:41:20:a2:56:58:23:58:03:94:d7:10:f2:bd:95:
a6:d3:b4:51:99:47:c3:0d:c9:fe:3b:cf:14:6c:de:ed:2a:7d:
50:91:23:d9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZcL01imJ97pwgITlYoYJL/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTI2MDkwMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY1ZTJhOTU4OTdhOTEyMWY0NzI5YWI2MmRmNjE2MDk0YTBlZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3tzLTnNtdiLtEyoNMXVwsvCmxb+
AIldZBb0XXm5eqmKyb/okPnQpe1ROufXRtHDPfNWS38Na1KeJ11TYl8t/+9h9vih
ZYFiktnVD3uN/O3AWMj9TnoZ3ce+2zB4YsLLyXcJQKVE+JACGahxcm1SVgncTOgu
OxHoENvDTDB2xuNvqYp8RTpNG6nrgnWwyewnDk+e6EkwpwkQnvR7X/rm8o+HAM7z
dgR/9gp12V0nCtivk4IwPuldCab84D4nmGEjAjA7S1EySSyEa4rswbqM8/XPiVwH
LuHIUNF2JiHll7ASXOussS8BAu9DIbFlmxbL86TnOpLMIVRvHpoPLEuDpQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIll4qlYl6kSH0cpq2LfYWCUoO7FMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaVdYaXFWaVhxUklmUnltcll0OWhZSlNnN3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABa/tAwQA
Ba/vMAwDBAAF5xkDBAAF5xoDBABZakUDBABZakcDBABZalgDBABeZ6cDBABe+ZYD
BAC5DZwwDQYJKoZIhvcNAQELBQADggEBAMPVtlqGKFBhMAWS8vy/9U3bddz89fkE
Q6OPdcoWui2aHa+I/j2FjakElPJZnC81SYGNfsWxrJTVvmQfzw8EBEa+E9fSE4eb
/yDQoWAeraKzQtnXwMeYLs77qTfkLSXLrTXkQCtCf3kifmnlVFWPgZrPaeeWf1ch
bLImB2oDbFZVqH+sSzkNYOqoUweD/I4+zb5CpsVY/O27JXiLNueodquYC9EY6pcZ
9H8DBhKfX0Vn57zm+De+YSKh4NtgyI2yGkrFZVsEyrz6a1MtJlRcODsZtd1Xqmnp
QpvTdd9BIKJWWCNYA5TXEPK9labTtFGZR8MNyf47zxRs3u0qfVCRI9k=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:14:20 2025 by rpki-client