Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/j0DAonZKawI3Re1DnT8vTAn12Mk.roa
File: j0DAonZKawI3Re1DnT8vTAn12Mk.roa (raw, json)
Hash identifier: fsnW26laq6FgYbCMeDcD8RTJHBUAQU8pNJLKu5cmLjA=
Subject key identifier: 8F:40:C0:A2:76:4A:6B:02:37:45:ED:43:9D:3F:2F:4C:09:F5:D8:C9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01960946B31BFEA53603E699ABE4926D75AD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/j0DAonZKawI3Re1DnT8vTAn12Mk.roa
Signing time: Sun 06 Apr 2025 04:05:50 +0000
ROA not before: Sun 06 Apr 2025 04:05:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.7.0/24 maxlen: 24
89.144.8.0/24 maxlen: 24
89.144.14.0/24 maxlen: 24
89.144.16.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:09:46:b3:1b:fe:a5:36:03:e6:99:ab:e4:92:6d:75:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 6 04:05:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f40c0a2764a6b023745ed439d3f2f4c09f5d8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:c2:40:9b:1a:e5:61:05:6e:2a:43:47:33:
60:33:2b:74:46:43:05:9b:b9:40:11:61:2b:28:1e:
ce:e3:27:6c:ea:d2:75:ef:52:36:f7:a6:d0:1d:cf:
d4:86:0d:2b:9b:95:38:3d:4d:3f:b6:e0:ab:7d:64:
3e:f8:a9:77:e1:fa:7c:41:68:e9:23:52:0c:28:81:
ab:f3:a8:e3:63:d5:34:28:16:d2:85:5f:c8:15:24:
eb:aa:6c:02:07:68:8d:f2:4b:47:56:4e:0b:98:06:
96:17:8a:d1:c4:48:05:1a:86:e2:ef:f9:0c:a7:f3:
b3:c2:60:3e:95:f4:ec:a3:0c:06:70:74:a3:a2:4e:
4f:85:fd:dc:f1:06:48:af:d5:b5:13:8e:b7:22:93:
bc:4b:5c:c9:57:0a:39:a6:f5:9c:a9:37:6d:b0:7c:
a3:dc:18:4c:83:a7:84:c0:41:84:8b:98:cf:e5:f1:
71:5a:f6:64:c1:db:8b:22:3f:5c:c2:6a:ff:3a:da:
1f:67:24:df:a5:98:d8:b3:9d:dc:31:10:41:0e:c9:
f9:1e:27:58:d0:58:2c:a2:23:9f:44:0d:c6:cf:43:
9d:12:cd:c4:c3:0a:45:21:f0:ec:25:01:3b:47:12:
c1:2f:e6:eb:cc:74:8b:4b:5c:60:08:4f:e9:b1:94:
3c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:40:C0:A2:76:4A:6B:02:37:45:ED:43:9D:3F:2F:4C:09:F5:D8:C9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/j0DAonZKawI3Re1DnT8vTAn12Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.231.70.0/24
5.231.82.0/24
5.231.96.0/24
77.90.22.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
89.106.70.0/24
89.144.7.0-89.144.8.255
89.144.14.0/24
89.144.16.0/24
89.144.25.0/24
89.144.35.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:8e:8a:a6:4c:a3:49:4f:5e:b5:85:13:0e:bb:ae:46:52:78:
68:be:f9:24:75:fe:f5:5f:fb:c8:10:e7:38:93:1c:2f:17:2f:
33:04:ea:ec:d6:11:07:63:4b:32:01:09:40:be:f2:e4:0d:fe:
ab:07:b5:e9:7c:06:f1:7f:68:7d:f9:f2:e5:f9:66:3d:77:4e:
05:3d:d6:25:d5:b6:36:aa:e8:81:fa:18:81:53:f1:cf:02:8c:
44:b8:71:9d:54:12:85:f1:fd:c6:68:05:ea:4b:df:ff:77:4a:
4a:fe:e2:cd:94:f5:ff:f8:27:55:b2:25:c6:f0:fb:4e:8b:85:
51:9c:03:56:ed:8d:51:67:44:7c:fd:de:c9:2c:48:b3:3d:5e:
e4:89:54:cd:d9:8b:77:2c:c3:28:3a:be:a5:22:0a:42:33:e8:
1b:d9:6c:1a:2e:44:12:37:81:7d:29:a1:10:1a:ed:60:98:4b:
d1:3d:69:17:20:86:3a:e3:86:cc:39:e3:6d:2b:79:a8:f8:e7:
99:ca:95:62:e8:17:54:68:7c:17:67:04:57:d4:cb:27:62:45:
60:e1:7b:31:4b:09:fb:b0:a2:34:43:d8:a9:2e:63:6a:da:cc:
84:bf:41:27:a1:66:8d:9f:0b:99:ff:e2:c1:f2:4d:60:91:7e:
1f:17:5c:af
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZYJRrMb/qU2A+aZq+SSbXWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA2MDQwNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQwYzBhMjc2NGE2YjAyMzc0NWVkNDM5ZDNmMmY0YzA5ZjVkOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNrCQJsa5WEFbipDRzNgMyt0RkMF
m7lAEWErKB7O4yds6tJ171I296bQHc/Uhg0rm5U4PU0/tuCrfWQ++Kl34fp8QWjp
I1IMKIGr86jjY9U0KBbShV/IFSTrqmwCB2iN8ktHVk4LmAaWF4rRxEgFGobi7/kM
p/OzwmA+lfTsowwGcHSjok5Phf3c8QZIr9W1E463IpO8S1zJVwo5pvWcqTdtsHyj
3BhMg6eEwEGEi5jP5fFxWvZkwduLIj9cwmr/OtofZyTfpZjYs53cMRBBDsn5HidY
0FgsoiOfRA3Gz0OdEs3EwwpFIfDsJQE7RxLBL+brzHSLS1xgCE/psZQ8qwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFI9AwKJ2SmsCN0XtQ50/L0wJ9djJMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvajBEQW9uWkthd0kzUmUxRG5UOHZUQW4xMk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQABVOWAwQA
BedGAwQABedSAwQABedgAwQATVoWAwQATVonAwQATVopAwQATVo0AwQAWWpGMAwD
BABZkAcDBABZkAgDBABZkA4DBABZkBADBABZkBkDBABZkCMwDQYJKoZIhvcNAQEL
BQADggEBALaOiqZMo0lPXrWFEw67rkZSeGi++SR1/vVf+8gQ5ziTHC8XLzME6uzW
EQdjSzIBCUC+8uQN/qsHtel8BvF/aH358uX5Zj13TgU91iXVtjaq6IH6GIFT8c8C
jES4cZ1UEoXx/cZoBepL3/93Skr+4s2U9f/4J1WyJcbw+06LhVGcA1btjVFnRHz9
3sksSLM9XuSJVM3Zi3cswyg6vqUiCkIz6BvZbBouRBI3gX0poRAa7WCYS9E9aRcg
hjrjhsw5420reaj455nKlWLoF1RofBdnBFfUyydiRWDhezFLCfuwojRD2KkuY2ra
zIS/QSehZo2fC5n/4sHyTWCRfh8XXK8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 23:17:37 2025 by rpki-client