Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mUajtgfSKr09p_jTv5GmGTEl7oc.roa
File: mUajtgfSKr09p_jTv5GmGTEl7oc.roa (raw, json)
Hash identifier: BwgDlye9ZEUbJqxNNzbkubeAE/bG5N/uu0YN/jVt/Ig=
Subject key identifier: 99:46:A3:B6:07:D2:2A:BD:3D:A7:F8:D3:BF:91:A6:19:31:25:EE:87
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196F75A56D02DB0A9A41F89B506B4E5138F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mUajtgfSKr09p_jTv5GmGTEl7oc.roa
Signing time: Thu 22 May 2025 09:36:54 +0000
ROA not before: Thu 22 May 2025 09:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.200.0/24 maxlen: 24
5.175.201.0/24 maxlen: 24
5.175.204.0/24 maxlen: 24
5.175.205.0/24 maxlen: 24
5.175.209.0/24 maxlen: 24
5.175.210.0/24 maxlen: 24
5.175.211.0/24 maxlen: 24
5.175.212.0/24 maxlen: 24
5.175.213.0/24 maxlen: 24
5.175.214.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.230.164.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.71.0/24 maxlen: 24
5.231.72.0/24 maxlen: 24
5.231.73.0/24 maxlen: 24
5.231.74.0/24 maxlen: 24
5.231.75.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
5.231.113.0/24 maxlen: 24
5.231.240.0/24 maxlen: 24
5.231.241.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
5.231.243.0/24 maxlen: 24
5.231.244.0/24 maxlen: 24
5.231.245.0/24 maxlen: 24
5.231.246.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
5.231.248.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.106.90.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.39.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.180.0/24 maxlen: 24
94.249.181.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 21:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:5a:56:d0:2d:b0:a9:a4:1f:89:b5:06:b4:e5:13:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 22 09:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9946a3b607d22abd3da7f8d3bf91a6193125ee87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:84:84:77:4c:72:b9:9d:26:e0:55:c9:40:
16:da:03:8b:10:d3:93:cd:ef:b8:9f:29:40:9b:4a:
b8:7d:8e:00:8c:5f:f7:9b:e6:04:71:dd:f8:aa:64:
78:25:95:9e:8f:52:8a:c0:5d:61:10:7c:d1:14:5d:
0b:3d:4e:57:84:fd:d0:d3:cf:63:40:bc:38:fc:2c:
6f:cb:21:95:43:b4:2b:f7:a5:40:82:58:ef:b1:75:
e0:86:82:20:ca:7e:ff:fe:56:03:36:34:f0:4b:73:
dd:1f:89:eb:86:f9:ea:28:0b:c2:ab:2d:dd:2d:08:
f8:f0:cb:43:d7:41:27:ab:e2:d0:b8:33:c6:a0:bb:
f2:a9:80:7c:27:54:9a:63:8b:d4:1a:a1:5a:e0:4e:
aa:0d:9c:03:6e:74:fd:ee:b6:74:8f:5d:a2:44:e5:
40:6c:0b:83:b3:93:9c:a7:55:cc:00:47:09:5a:ca:
10:27:ac:a9:59:13:44:b5:a9:33:d1:a8:2c:4c:6a:
22:fd:1f:24:8a:52:7b:be:68:3c:28:d4:40:41:74:
b7:5b:44:a4:85:bb:75:0e:e5:0a:2e:26:b2:4e:42:
f6:fb:d7:be:57:e8:7d:05:c9:f1:58:f5:d8:57:89:
e1:3a:a5:6f:1b:37:1f:fb:1e:82:24:40:f9:bf:ce:
ad:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:46:A3:B6:07:D2:2A:BD:3D:A7:F8:D3:BF:91:A6:19:31:25:EE:87
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mUajtgfSKr09p_jTv5GmGTEl7oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.200.0/23
5.175.204.0/23
5.175.209.0-5.175.214.255
5.175.238.0/24
5.230.164.0/24
5.231.61.0/24
5.231.71.0-5.231.75.255
5.231.79.0/24
5.231.92.0/24
5.231.113.0/24
5.231.240.0-5.231.248.255
85.93.5.0/24
85.93.21.0/24
85.93.31.0/24
89.106.90.0/24
89.144.5.0/24
89.144.34.0/24
89.144.39.0/24
94.249.168.0/23
94.249.180.0/23
94.249.237.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:70:a2:e7:6d:05:0e:57:37:f4:46:32:b2:64:56:1d:ea:3c:
a4:b4:0c:4d:85:b2:24:23:9e:e2:c7:cb:e6:49:c4:19:70:5a:
07:41:a9:bb:dd:d8:da:3b:de:bc:23:43:a8:0a:52:df:46:d4:
fe:6c:ad:e6:38:0f:8a:57:9d:0b:63:be:45:fe:81:d2:95:dd:
34:48:68:eb:5e:90:a5:5a:5b:0b:c9:7a:48:8b:75:ce:7f:25:
6c:64:32:98:c7:a5:e5:34:34:bd:cb:15:8b:14:6e:9b:0b:07:
16:21:87:20:0c:09:7d:37:65:1f:11:76:05:8b:c3:79:64:80:
07:df:db:e9:2b:ca:19:cb:bb:4c:f5:b5:a2:52:f5:30:24:77:
a2:f0:f7:36:3a:d1:fc:e4:d0:d6:b2:93:8f:88:e8:77:dd:c2:
23:84:df:c1:e4:e1:1b:dd:2b:cd:36:05:86:e8:34:0a:7b:02:
a0:2d:08:b7:d7:8b:f6:a8:0e:9d:a8:94:76:c1:2a:74:b2:54:
51:ae:09:ea:bf:81:36:d5:3a:55:23:ca:25:78:0e:3e:cd:49:
94:96:56:0d:e0:71:01:7a:23:30:81:48:9b:3d:95:1d:66:a7:
cc:7a:62:50:6e:1a:aa:26:76:34:a1:9c:34:6e:b4:be:0a:44:
37:06:ca:3f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZb3WlbQLbCppB+JtQa05ROPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIyMDkzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ2YTNiNjA3ZDIyYWJkM2RhN2Y4ZDNiZjkxYTYxOTMxMjVlZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXSEhHdMcrmdJuBVyUAW2gOLENOT
ze+4nylAm0q4fY4AjF/3m+YEcd34qmR4JZWej1KKwF1hEHzRFF0LPU5XhP3Q089j
QLw4/CxvyyGVQ7Qr96VAgljvsXXghoIgyn7//lYDNjTwS3PdH4nrhvnqKAvCqy3d
LQj48MtD10Enq+LQuDPGoLvyqYB8J1SaY4vUGqFa4E6qDZwDbnT97rZ0j12iROVA
bAuDs5Ocp1XMAEcJWsoQJ6ypWRNEtakz0agsTGoi/R8kilJ7vmg8KNRAQXS3W0Sk
hbt1DuUKLiayTkL2+9e+V+h9BcnxWPXYV4nhOqVvGzcf+x6CJED5v86tQwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJlGo7YH0iq9Paf407+RphkxJe6HMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbVVhanRnZlNLcjA5cF9qVHY1R21HVEVsN29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAF
U4oDBAEFr8gDBAEFr8wwDAMEAAWv0QMEAAWv1gMEAAWv7gMEAAXmpAMEAAXnPTAM
AwQABedHAwQCBedIAwQABedPAwQABedcAwQABedxMAwDBAQF5/ADBAAF5/gDBABV
XQUDBABVXRUDBABVXR8DBABZaloDBABZkAUDBABZkCIDBABZkCcDBAFe+agDBAFe
+bQDBABe+e0wDQYJKoZIhvcNAQELBQADggEBALBwoudtBQ5XN/RGMrJkVh3qPKS0
DE2FsiQjnuLHy+ZJxBlwWgdBqbvd2No73rwjQ6gKUt9G1P5sreY4D4pXnQtjvkX+
gdKV3TRIaOtekKVaWwvJekiLdc5/JWxkMpjHpeU0NL3LFYsUbpsLBxYhhyAMCX03
ZR8RdgWLw3lkgAff2+kryhnLu0z1taJS9TAkd6Lw9zY60fzk0Nayk4+I6HfdwiOE
38Hk4RvdK802BYboNAp7AqAtCLfXi/aoDp2olHbBKnSyVFGuCeq/gTbVOlUjyiV4
Dj7NSZSWVg3gcQF6IzCBSJs9lR1mp8x6YlBuGqomdjShnDRutL4KRDcGyj8=
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:29:34 2025 by rpki-client