Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iXrT2PywCgP5VW6hdCHXk8NO8f0.roa
File: iXrT2PywCgP5VW6hdCHXk8NO8f0.roa (raw, json)
Hash identifier: lnH99I4y+WN2zGDFmWQmN+hSAX+WOxZ3sXHIdqhT8VI=
Subject key identifier: 89:7A:D3:D8:FC:B0:0A:03:F9:55:6E:A1:74:21:D7:93:C3:4E:F1:FD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01968939D40481F164822AB7AC67A9FE48EA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iXrT2PywCgP5VW6hdCHXk8NO8f0.roa
Signing time: Thu 01 May 2025 00:23:10 +0000
ROA not before: Thu 01 May 2025 00:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 5.231.47.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 13:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:39:d4:04:81:f1:64:82:2a:b7:ac:67:a9:fe:48:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 1 00:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=897ad3d8fcb00a03f9556ea17421d793c34ef1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:96:c8:1a:16:2f:50:52:54:dc:d7:0a:27:
35:f1:ab:f2:4b:bc:aa:73:d2:03:de:89:b5:04:58:
c6:ef:d9:3e:62:51:e3:83:54:4c:56:5e:0f:12:aa:
7a:27:9f:63:1d:76:db:ac:be:25:fa:38:11:9e:07:
bd:14:8b:bf:ab:a9:45:e1:9a:92:08:3d:e8:5e:6d:
ad:a0:4d:ad:eb:61:0e:e4:3e:31:02:50:14:ce:72:
6f:7d:d7:6d:ee:02:87:91:cc:5f:f8:77:7b:85:eb:
21:d4:f8:d2:77:4b:b3:fa:c0:a3:25:15:78:89:ca:
f3:4a:4c:2a:e3:9d:ed:a1:be:dc:1d:7f:05:ff:ae:
4a:67:7d:3c:e0:76:80:d1:c6:67:f7:d7:f5:6b:2e:
79:ea:39:64:5a:2e:39:c2:e0:60:5d:03:f2:3c:3d:
f1:ef:2f:2e:5e:1f:4d:8f:a0:f9:6f:48:04:6b:9d:
77:70:49:11:11:b6:90:d6:2a:ff:da:95:f2:55:4b:
59:8d:e1:49:f4:54:34:a9:55:61:8d:81:f8:4b:40:
63:05:28:04:60:3c:16:9e:41:10:29:75:12:71:36:
26:50:fc:85:e1:8d:7b:a2:4a:57:8e:0c:a9:ac:9e:
1f:bd:08:d1:5e:a2:03:d0:b2:f6:da:e4:2e:1c:80:
f3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7A:D3:D8:FC:B0:0A:03:F9:55:6E:A1:74:21:D7:93:C3:4E:F1:FD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/iXrT2PywCgP5VW6hdCHXk8NO8f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.47.0/24
77.90.37.0/24
89.144.60.0/24
94.103.164.0/24
Signature Algorithm: sha256WithRSAEncryption
42:3d:bb:8f:fe:9f:12:04:5f:98:e0:33:91:03:da:b0:33:70:
ea:40:10:9a:bb:66:b3:c2:c8:fa:bc:e4:5a:bb:52:56:8f:59:
c7:53:3e:a2:c2:ed:ea:f8:97:56:a3:38:51:e1:a9:96:23:4d:
f6:b9:2a:30:97:84:c6:c7:66:c3:b0:4d:e2:a7:16:b8:ee:be:
e3:82:94:ed:2b:c4:bf:51:2f:46:1f:be:b1:e9:a8:eb:50:6b:
72:1c:bc:12:e7:6b:0a:2a:2b:92:5c:37:9e:7a:a6:da:08:e9:
e6:31:63:d0:43:3f:03:41:06:b5:0a:ea:6e:00:9f:d2:f2:1f:
76:5c:17:f2:ac:b1:2d:8d:7f:84:23:04:50:7a:aa:8c:a7:98:
9e:a4:13:05:01:3f:80:f8:fa:d3:ef:16:57:a8:79:bb:81:51:
7d:e4:a8:97:fa:cd:5b:3d:d9:33:13:59:80:cd:ae:4b:f6:48:
86:14:0d:53:12:88:e0:c1:a4:9c:42:17:ff:9a:94:4b:c0:1b:
87:a8:12:bf:f9:b2:8d:94:6d:bb:5a:8a:de:55:6e:2c:7f:66:
e7:14:ee:ae:b4:b4:8f:32:ba:64:88:d1:a5:3f:26:72:58:95:
24:a4:09:06:79:c8:90:1a:7f:87:42:89:ea:97:f1:a4:96:7e:
d8:29:1e:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaJOdQEgfFkgiq3rGep/kjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTAxMDAyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdhZDNkOGZjYjAwYTAzZjk1NTZlYTE3NDIxZDc5M2MzNGVmMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6qWyBoWL1BSVNzXCic18avyS7yq
c9ID3om1BFjG79k+YlHjg1RMVl4PEqp6J59jHXbbrL4l+jgRnge9FIu/q6lF4ZqS
CD3oXm2toE2t62EO5D4xAlAUznJvfddt7gKHkcxf+Hd7hesh1PjSd0uz+sCjJRV4
icrzSkwq453tob7cHX8F/65KZ3084HaA0cZn99f1ay556jlkWi45wuBgXQPyPD3x
7y8uXh9Nj6D5b0gEa513cEkREbaQ1ir/2pXyVUtZjeFJ9FQ0qVVhjYH4S0BjBSgE
YDwWnkEQKXUScTYmUPyF4Y17okpXjgyprJ4fvQjRXqID0LL22uQuHIDzrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIl609j8sAoD+VVuoXQh15PDTvH9MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaVhyVDJQeXdDZ1A1Vlc2aGRDSFhrOE5POGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABecvAwQA
TVolAwQAWZA8AwQAXmekMA0GCSqGSIb3DQEBCwUAA4IBAQBCPbuP/p8SBF+Y4DOR
A9qwM3DqQBCau2azwsj6vORau1JWj1nHUz6iwu3q+JdWozhR4amWI032uSowl4TG
x2bDsE3ipxa47r7jgpTtK8S/US9GH76x6ajrUGtyHLwS52sKKiuSXDeeeqbaCOnm
MWPQQz8DQQa1CupuAJ/S8h92XBfyrLEtjX+EIwRQeqqMp5iepBMFAT+A+PrT7xZX
qHm7gVF95KiX+s1bPdkzE1mAza5L9kiGFA1TEojgwaScQhf/mpRLwBuHqBK/+bKN
lG27WoreVW4sf2bnFO6utLSPMrpkiNGlPyZyWJUkpAkGeciQGn+HQonql/Gkln7Y
KR4N
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:02:07 2025 by rpki-client