Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y4HJ2dNGZ7HoBnRAAJwxmsw6Hi0.roa
File: y4HJ2dNGZ7HoBnRAAJwxmsw6Hi0.roa (raw, json)
Hash identifier: WkiN5ha2cTUyemE7QyWEk1I3+0LlmIpkPb6i4JO+Nsc=
Subject key identifier: CB:81:C9:D9:D3:46:67:B1:E8:06:74:40:00:9C:31:9A:CC:3A:1E:2D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01966AA17EECAC1077906EDB8391B53685D0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y4HJ2dNGZ7HoBnRAAJwxmsw6Hi0.roa
Signing time: Fri 25 Apr 2025 01:48:10 +0000
ROA not before: Fri 25 Apr 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 5.83.139.0/24 maxlen: 24
5.231.105.0/24 maxlen: 24
5.231.115.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
94.103.168.0/24 maxlen: 24
94.249.173.0/24 maxlen: 24
94.249.233.0/24 maxlen: 24
94.249.238.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 02:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6a:a1:7e:ec:ac:10:77:90:6e:db:83:91:b5:36:85:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 25 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb81c9d9d34667b1e8067440009c319acc3a1e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:cd:a8:38:44:a5:7e:70:a9:f5:41:f1:74:
18:f5:78:a0:99:19:75:e7:86:23:ae:3e:91:ab:c3:
bb:39:a8:d8:c9:d7:e5:54:51:74:e1:70:48:1f:99:
de:aa:b6:33:1c:11:44:c2:51:72:76:95:ca:0f:f1:
15:a9:bc:fc:c4:b2:14:c4:bf:1f:63:f8:c8:2f:ac:
d4:a6:a3:21:0e:07:20:9b:dc:e6:fa:32:7f:30:f8:
d6:3a:c7:01:7d:e7:87:9b:e9:a9:52:d9:38:a6:c2:
47:b7:7d:18:8b:31:c8:92:90:49:1c:74:04:72:04:
bc:cf:ef:d0:9a:04:a5:b1:72:a9:d1:42:af:27:09:
99:a5:58:6e:97:7d:c9:71:74:d4:67:22:2f:c3:f7:
7e:ed:ce:52:23:71:a9:10:aa:72:c8:d3:0f:af:15:
e1:bd:23:76:10:2d:73:d5:b9:27:6b:df:3a:53:60:
53:fb:12:ca:7a:7a:dd:0e:06:cf:48:c0:67:46:d3:
89:7e:7d:75:d8:5e:fd:d6:8c:cb:01:77:58:be:42:
d5:34:26:e3:3b:84:e4:63:9c:ff:a6:1f:65:d1:7f:
55:75:97:67:52:32:05:99:25:da:51:a9:8c:b9:85:
11:b1:5d:f4:4e:1d:c1:bf:1b:91:a3:43:18:24:5b:
81:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:81:C9:D9:D3:46:67:B1:E8:06:74:40:00:9C:31:9A:CC:3A:1E:2D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y4HJ2dNGZ7HoBnRAAJwxmsw6Hi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.139.0/24
5.231.105.0/24
5.231.115.0/24
77.90.7.0/24
89.144.3.0/24
94.103.168.0/24
94.249.173.0/24
94.249.233.0/24
94.249.238.0/24
95.215.33.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4d:86:78:53:ef:5a:bd:af:77:03:8b:9a:ee:2f:22:ca:c5:
d4:42:ab:b0:c3:db:0e:ba:2b:be:14:bf:0f:da:04:9b:9f:88:
5d:67:0c:f6:5b:d6:04:86:ac:ed:b4:60:47:5e:a0:24:fd:7d:
22:5e:e4:cd:ba:af:9e:5b:a4:09:60:ea:02:80:c2:44:23:df:
ef:cd:b5:d1:97:9c:1d:31:5d:3c:a0:0a:92:2d:f2:33:6b:e3:
9c:72:75:53:28:05:82:39:e9:c8:e6:f3:0f:8a:08:e0:a8:d4:
eb:55:a1:f8:bc:d1:ff:88:e3:12:e0:ff:39:e2:c2:80:ed:2c:
a1:24:d1:7b:48:f0:2f:73:18:90:1c:84:d5:45:b3:65:20:8d:
77:5f:0e:cb:c9:b8:26:ca:98:ab:b3:a5:fa:9f:0a:8a:f3:a5:
36:d2:04:41:7b:89:65:03:bb:73:4d:de:d4:75:df:4d:df:02:
65:3e:7e:58:b9:b9:98:85:4c:db:7b:0d:59:05:04:a6:5e:d4:
67:1c:e6:8e:53:63:a0:8c:2b:fd:b6:62:58:5a:8f:3f:fd:79:
68:ef:3f:d4:fa:40:78:63:66:1a:c5:66:1e:30:6e:89:90:2c:
d2:ca:29:a4:17:26:44:56:be:93:6d:1e:73:43:09:78:98:e1:
c3:8e:92:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZZqoX7srBB3kG7bg5G1NoXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDI1MDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjgxYzlkOWQzNDY2N2IxZTgwNjc0NDAwMDljMzE5YWNjM2ExZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMnNqDhEpX5wqfVB8XQY9XigmRl1
54Yjrj6Rq8O7OajYydflVFF04XBIH5neqrYzHBFEwlFydpXKD/EVqbz8xLIUxL8f
Y/jIL6zUpqMhDgcgm9zm+jJ/MPjWOscBfeeHm+mpUtk4psJHt30YizHIkpBJHHQE
cgS8z+/QmgSlsXKp0UKvJwmZpVhul33JcXTUZyIvw/d+7c5SI3GpEKpyyNMPrxXh
vSN2EC1z1bkna986U2BT+xLKenrdDgbPSMBnRtOJfn112F791ozLAXdYvkLVNCbj
O4TkY5z/ph9l0X9VdZdnUjIFmSXaUamMuYURsV30Th3BvxuRo0MYJFuBOQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMuBydnTRmex6AZ0QACcMZrMOh4tMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveTRISjJkTkdaN0hvQm5SQUFKd3htc3c2SGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOLAwQA
BedpAwQABedzAwQATVoHAwQAWZADAwQAXmeoAwQAXvmtAwQAXvnpAwQAXvnuAwQA
X9chMA0GCSqGSIb3DQEBCwUAA4IBAQA9TYZ4U+9ava93A4ua7i8iysXUQquww9sO
uiu+FL8P2gSbn4hdZwz2W9YEhqzttGBHXqAk/X0iXuTNuq+eW6QJYOoCgMJEI9/v
zbXRl5wdMV08oAqSLfIza+OccnVTKAWCOenI5vMPigjgqNTrVaH4vNH/iOMS4P85
4sKA7SyhJNF7SPAvcxiQHITVRbNlII13Xw7Lybgmypirs6X6nwqK86U20gRBe4ll
A7tzTd7Udd9N3wJlPn5YubmYhUzbew1ZBQSmXtRnHOaOU2OgjCv9tmJYWo8//Xlo
7z/U+kB4Y2YaxWYeMG6JkCzSyimkFyZEVr6TbR5zQwl4mOHDjpJc
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:24:07 2025 by rpki-client