Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/owJX_6l6qj0juLrKP7yzD2mSCs8.roa
File: owJX_6l6qj0juLrKP7yzD2mSCs8.roa (raw, json)
Hash identifier: 7ofK2no3MV/zz50F6ZK3uytuo7jFLB/cuz8VS9mltik=
Subject key identifier: A3:02:57:FF:A9:7A:AA:3D:23:B8:BA:CA:3F:BC:B3:0F:69:92:0A:CF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01966DB130AAC3B8C9D8F227036C49344DAF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/owJX_6l6qj0juLrKP7yzD2mSCs8.roa
Signing time: Fri 25 Apr 2025 16:04:10 +0000
ROA not before: Fri 25 Apr 2025 16:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.111.0/24 maxlen: 24
5.231.114.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
85.93.23.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Apr 2025 22:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:b1:30:aa:c3:b8:c9:d8:f2:27:03:6c:49:34:4d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 25 16:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a30257ffa97aaa3d23b8baca3fbcb30f69920acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2e:7c:33:70:56:4e:32:c7:7f:c5:8e:82:d6:
1a:09:46:21:95:98:69:14:fe:5b:a1:7e:9e:3a:d3:
fb:34:c8:03:c5:96:b1:a8:48:d9:a1:a1:0f:cb:b0:
3b:58:0e:6c:9b:bb:1f:8c:c1:10:4a:0b:9b:26:f2:
7f:58:51:89:85:07:20:cd:b3:55:66:0a:10:0f:65:
f8:d6:e8:2c:87:ef:de:62:72:4a:f8:26:dc:25:0d:
ad:01:2b:e9:72:5d:d4:81:34:4b:d7:5f:0e:e8:a8:
96:3e:6d:53:72:6d:87:23:33:0b:1d:ce:e4:31:f1:
52:82:36:3a:0e:ee:88:a2:c7:01:0f:5a:c4:2a:32:
75:db:30:af:1a:49:c0:33:31:0c:4b:fb:80:78:d7:
d1:33:c6:70:f1:66:fb:ae:ce:51:0f:a3:c5:cc:c3:
e4:0d:8c:6e:a0:d5:05:f2:4d:67:fe:f1:41:d4:9b:
66:e6:2f:49:b4:68:d9:27:bb:3c:51:7a:6c:90:33:
3a:9e:20:37:82:84:7e:47:70:dd:e0:d3:3f:17:e9:
8e:d3:08:32:23:d4:76:f3:e2:71:0c:a3:f6:fb:d4:
13:72:5a:12:3b:1b:64:5b:fb:06:35:ba:94:3d:e0:
8b:d2:27:73:62:78:e7:05:0a:91:d4:7b:30:84:bb:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:02:57:FF:A9:7A:AA:3D:23:B8:BA:CA:3F:BC:B3:0F:69:92:0A:CF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/owJX_6l6qj0juLrKP7yzD2mSCs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.175.239.0/24
5.231.25.0-5.231.26.255
5.231.111.0/24
5.231.114.0/24
5.231.233.0/24
85.93.23.0/24
89.106.69.0/24
89.106.71.0/24
94.103.167.0/24
94.249.150.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:be:06:93:25:59:18:d4:70:6d:9b:0c:ec:b0:b2:2e:c0:95:
d5:bd:f2:c5:9e:6c:6e:2b:dc:77:41:11:96:ba:f0:b3:1a:8e:
fb:86:be:16:90:fd:02:1b:85:75:ec:55:41:75:79:75:26:80:
1f:6d:d3:6a:a3:92:3a:30:5e:fb:45:8a:bb:12:d9:a2:4d:a7:
a5:54:0f:0a:e6:12:4e:9e:ea:a2:6c:98:79:5c:71:ae:18:ab:
b0:bf:c0:ce:c2:e8:1f:5d:70:5e:b4:38:ca:35:1a:8f:29:cc:
23:f7:a0:06:9e:d6:c6:35:71:96:e3:90:60:a1:9a:16:fc:c1:
ac:83:a4:9c:80:ab:a1:2f:84:f2:c1:19:a0:dd:3b:ac:9c:71:
79:8b:61:cf:41:d8:97:6c:0c:bc:73:da:a3:d5:27:6d:09:97:
14:c6:85:4d:7d:09:19:e9:77:25:80:00:1b:f2:09:cc:f3:b9:
ea:1b:cd:c1:f9:15:b7:c1:57:ea:ab:79:c0:d6:af:56:3b:d0:
cb:66:27:d9:db:b9:a2:ac:37:5e:f9:04:f8:cd:cc:a3:f0:11:
e4:28:6b:96:21:21:a5:6e:37:a8:b7:63:7a:46:a1:10:19:f6:
a5:3f:37:2a:4f:1a:9b:ee:71:23:c7:b5:a8:51:62:88:e7:68:
fc:70:a4:1c
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZZtsTCqw7jJ2PInA2xJNE2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDI1MTYwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzAyNTdmZmE5N2FhYTNkMjNiOGJhY2EzZmJjYjMwZjY5OTIwYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS58M3BWTjLHf8WOgtYaCUYhlZhp
FP5boX6eOtP7NMgDxZaxqEjZoaEPy7A7WA5sm7sfjMEQSgubJvJ/WFGJhQcgzbNV
ZgoQD2X41ugsh+/eYnJK+CbcJQ2tASvpcl3UgTRL118O6KiWPm1Tcm2HIzMLHc7k
MfFSgjY6Du6IoscBD1rEKjJ12zCvGknAMzEMS/uAeNfRM8Zw8Wb7rs5RD6PFzMPk
DYxuoNUF8k1n/vFB1Jtm5i9JtGjZJ7s8UXpskDM6niA3goR+R3Dd4NM/F+mO0wgy
I9R28+JxDKP2+9QTcloSOxtkW/sGNbqUPeCL0idzYnjnBQqR1HswhLtbBwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFKMCV/+peqo9I7i6yj+8sw9pkgrPMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvb3dKWF82bDZxajBqdUxyS1A3eXpEMm1TQ3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQABa/tAwQA
Ba/vMAwDBAAF5xkDBAAF5xoDBAAF528DBAAF53IDBAAF5+kDBABVXRcDBABZakUD
BABZakcDBABeZ6cDBABe+ZYwDQYJKoZIhvcNAQELBQADggEBANa+BpMlWRjUcG2b
DOywsi7AldW98sWebG4r3HdBEZa68LMajvuGvhaQ/QIbhXXsVUF1eXUmgB9t02qj
kjowXvtFirsS2aJNp6VUDwrmEk6e6qJsmHlcca4Yq7C/wM7C6B9dcF60OMo1Go8p
zCP3oAae1sY1cZbjkGChmhb8wayDpJyAq6EvhPLBGaDdO6yccXmLYc9B2JdsDLxz
2qPVJ20JlxTGhU19CRnpdyWAABvyCczzueobzcH5FbfBV+qrecDWr1Y70MtmJ9nb
uaKsN175BPjNzKPwEeQoa5YhIaVuN6i3Y3pGoRAZ9qU/NypPGpvucSPHtahRYojn
aPxwpBw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:31:57 2025 by rpki-client