Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/p2dkUwhpDNOpQDelMXcesVhZM58.roa
File: p2dkUwhpDNOpQDelMXcesVhZM58.roa (raw, json)
Hash identifier: 5i5UTrTBX6h+3m4tD7m13cc8G7hThykMY63VuqXikSo=
Subject key identifier: A7:67:64:53:08:69:0C:D3:A9:40:37:A5:31:77:1E:B1:58:59:33:9F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196DDC5CFB47E5B9E45E57214A06201E639
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/p2dkUwhpDNOpQDelMXcesVhZM58.roa
Signing time: Sat 17 May 2025 10:24:10 +0000
ROA not before: Sat 17 May 2025 10:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 04:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dd:c5:cf:b4:7e:5b:9e:45:e5:72:14:a0:62:01:e6:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 17 10:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a767645308690cd3a94037a531771eb15859339f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:7f:21:6f:3d:50:01:f2:aa:4f:33:82:e6:
6d:20:46:1d:47:66:fc:5d:a5:c8:1b:48:c6:8f:65:
ae:7e:99:4f:23:64:35:70:54:45:e7:cf:52:c4:a1:
79:38:f4:66:99:c4:d8:9a:09:94:40:a8:44:3d:53:
cf:60:8c:63:84:4f:35:88:f9:07:b0:4d:40:4f:f7:
55:03:e0:7f:00:e5:b1:b0:b5:f2:fd:b5:4a:1e:40:
95:e0:3c:da:a3:2c:a6:0d:55:85:4c:a0:cd:70:5c:
4a:72:0c:93:d9:71:37:f9:83:40:05:57:d6:7d:7b:
fc:4a:dc:aa:57:7c:92:7f:df:e8:9a:5c:ce:e5:95:
07:00:ae:2f:a8:b3:06:35:6a:c5:06:0b:7b:61:d2:
b5:bd:2b:05:56:79:2d:c3:97:06:49:4a:a1:f8:24:
fe:04:51:65:88:36:d9:64:56:01:28:b2:b7:32:b4:
8d:a6:f8:09:e2:17:0e:6a:2b:62:41:cf:88:18:8f:
fb:28:1a:67:d0:c8:bc:55:77:84:06:d7:e4:43:e9:
52:4d:e5:c3:2a:21:99:30:44:dc:25:0b:40:b7:30:
e9:aa:7b:b8:65:a4:54:e3:6f:33:04:a3:93:40:a3:
54:b2:bf:46:ca:c9:f9:ff:72:f2:77:65:d5:df:e3:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:67:64:53:08:69:0C:D3:A9:40:37:A5:31:77:1E:B1:58:59:33:9F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/p2dkUwhpDNOpQDelMXcesVhZM58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
77.90.54.0/24
87.239.131.0/24
94.249.195.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3b:e3:8a:e8:f2:2c:8a:91:17:65:ae:d8:b3:47:82:c8:a9:
37:11:35:08:27:d8:ab:6d:f5:89:56:a4:41:4b:0e:f7:ad:53:
b1:5b:a3:a8:b6:05:17:0c:7d:f9:79:16:28:c0:33:1c:a4:4a:
14:9d:6c:65:c7:a7:90:a5:b9:07:d5:46:e3:02:e6:47:32:b6:
f8:16:4e:f8:cf:98:94:c3:91:b3:da:6c:b2:54:df:ba:7f:d1:
b2:a3:a7:b2:8f:2b:aa:24:56:36:bd:f7:e4:5a:c5:9f:f0:8e:
72:c2:c0:11:69:eb:7e:06:72:9c:b0:87:68:7a:0f:63:3a:0d:
da:83:55:21:97:40:54:37:15:30:05:e5:b7:f0:39:8b:7c:de:
48:2c:2d:45:74:83:b3:23:3e:c3:ea:ba:25:fc:72:dc:1e:83:
80:9a:eb:a5:21:dd:e2:3d:fa:4b:35:98:7c:56:d5:8a:d0:1f:
a1:7b:5b:08:07:11:78:92:c9:00:ee:4d:d9:6f:cc:2a:a2:ee:
13:06:d2:1b:2a:bd:ae:21:f7:f9:bc:9a:d5:d4:ff:fc:92:4b:
c8:df:a7:88:52:38:d0:9f:05:74:55:d5:9f:2a:68:c2:de:9a:
cf:6d:6c:88:e5:f1:d8:1c:cd:34:4e:29:94:81:83:e5:de:8e:
f7:aa:40:b1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbdxc+0flueReVyFKBiAeY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE3MTAyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY3NjQ1MzA4NjkwY2QzYTk0MDM3YTUzMTc3MWViMTU4NTkzMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8p/IW89UAHyqk8zguZtIEYdR2b8
XaXIG0jGj2WufplPI2Q1cFRF589SxKF5OPRmmcTYmgmUQKhEPVPPYIxjhE81iPkH
sE1AT/dVA+B/AOWxsLXy/bVKHkCV4DzaoyymDVWFTKDNcFxKcgyT2XE3+YNABVfW
fXv8StyqV3ySf9/omlzO5ZUHAK4vqLMGNWrFBgt7YdK1vSsFVnktw5cGSUqh+CT+
BFFliDbZZFYBKLK3MrSNpvgJ4hcOaitiQc+IGI/7KBpn0Mi8VXeEBtfkQ+lSTeXD
KiGZMETcJQtAtzDpqnu4ZaRU428zBKOTQKNUsr9Gysn5/3Lyd2XV3+Om0QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKdnZFMIaQzTqUA3pTF3HrFYWTOfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcDJka1V3aHBETk9wUURlbE1YY2VzVmhaTTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABVOBAwQA
TVo2AwQAV++DAwQAXvnDAwQAX9cgAwQAX9ciAwQAshKQAwQA2UWmMA0GCSqGSIb3
DQEBCwUAA4IBAQBxO+OK6PIsipEXZa7Ys0eCyKk3ETUIJ9irbfWJVqRBSw73rVOx
W6OotgUXDH35eRYowDMcpEoUnWxlx6eQpbkH1UbjAuZHMrb4Fk74z5iUw5Gz2myy
VN+6f9Gyo6eyjyuqJFY2vffkWsWf8I5ywsARaet+BnKcsIdoeg9jOg3ag1Uhl0BU
NxUwBeW38DmLfN5ILC1FdIOzIz7D6rol/HLcHoOAmuulId3iPfpLNZh8VtWK0B+h
e1sIBxF4kskA7k3Zb8wqou4TBtIbKr2uIff5vJrV1P/8kkvI36eIUjjQnwV0VdWf
KmjC3prPbWyI5fHYHM00TimUgYPl3o73qkCx
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:55:54 2025 by rpki-client