Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/mApN5d3eQN-vEV1iKXG2kBwWTy4.roa
File: mApN5d3eQN-vEV1iKXG2kBwWTy4.roa (raw, json)
Hash identifier: qT7QDmTh6RHv9PNlwb+lr9Slnxh77IVJyA2FYxCAqOk=
Subject key identifier: 98:0A:4D:E5:DD:DE:40:DF:AF:11:5D:62:29:71:B6:90:1C:16:4F:2E
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0195F12EC97D0019764082BD4950D5BFCC57
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/mApN5d3eQN-vEV1iKXG2kBwWTy4.roa
Signing time: Tue 01 Apr 2025 11:48:49 +0000
ROA not before: Tue 01 Apr 2025 11:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.219.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 15:40:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:2e:c9:7d:00:19:76:40:82:bd:49:50:d5:bf:cc:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Apr 1 11:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=980a4de5ddde40dfaf115d622971b6901c164f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:79:04:66:cd:4d:06:24:da:5d:c7:5f:72:e6:
76:5d:ea:1c:53:e6:9b:3f:15:00:65:8d:da:b1:97:
bf:87:6b:32:93:3c:32:b5:37:a1:dd:88:67:bf:72:
e3:26:a7:6c:ef:ea:3e:1d:be:5a:d0:22:45:9e:97:
db:d6:06:8e:88:7f:4a:44:3a:a7:cb:0f:63:74:85:
df:99:e6:5c:28:f8:1e:d4:dd:80:77:60:95:9f:bc:
bd:d4:80:59:64:ea:43:27:e9:d3:b5:07:b9:91:56:
92:63:e7:f0:13:cb:c8:24:3d:67:60:8d:50:00:90:
34:ad:68:22:76:45:d5:1f:f9:0d:1a:14:ae:f5:91:
d8:d8:31:d4:f5:52:07:7c:5c:8c:e3:b1:2f:67:53:
5b:9f:52:92:6b:a6:66:42:b7:de:bd:98:20:2f:b7:
f0:83:f8:89:0f:0c:65:e5:3c:de:63:43:e7:ea:47:
7e:e3:ba:3c:6c:94:ab:0f:8e:34:95:a7:a1:a8:64:
55:70:b4:fe:22:53:55:c5:88:c5:81:0a:1c:6d:f1:
26:1d:15:44:8d:f1:09:82:b4:95:52:b3:fb:26:a1:
cf:42:28:85:f0:d1:91:8d:c4:b7:97:76:98:56:d8:
ac:d7:3a:43:cc:6f:dd:12:b8:8a:5c:80:2c:36:e9:
77:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0A:4D:E5:DD:DE:40:DF:AF:11:5D:62:29:71:B6:90:1C:16:4F:2E
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/mApN5d3eQN-vEV1iKXG2kBwWTy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.101.47.0/24
5.188.51.0/24
5.188.200.0/24
5.188.203.0/24
5.189.219.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:27:5b:24:f3:46:8e:ca:08:cf:44:3b:44:8e:df:7a:c5:39:
d5:93:6f:cd:90:39:2b:46:15:1e:21:2c:6d:cc:66:9f:d8:ba:
69:95:a7:45:57:84:8b:22:45:2c:32:2d:02:00:3f:a9:d2:c3:
c1:4c:ef:86:d7:5f:dd:82:f8:c6:a0:94:ba:96:00:bf:b2:68:
6c:41:9b:36:51:67:58:b4:93:1d:16:2f:ba:9a:5e:61:1d:ff:
c2:1d:7a:42:3b:69:cb:46:90:a3:76:41:2c:e8:d7:e7:c8:67:
c1:fb:f7:5c:18:d2:4c:67:03:4a:59:7c:45:d1:d2:b4:1d:fb:
28:07:4d:bf:ae:4d:70:36:62:63:02:3a:ae:14:2f:f9:f8:28:
1c:57:f0:eb:36:cc:76:46:86:50:36:92:78:09:fb:20:89:2f:
5a:ff:ef:17:17:75:07:6e:54:99:63:d1:e1:88:9c:cb:1c:0e:
d2:d2:b1:6a:32:67:29:d2:5e:06:2b:80:8c:27:e9:77:5f:e6:
af:f0:42:9f:ee:44:62:a7:da:1f:09:72:8d:33:58:df:95:b5:
21:42:8f:8d:2c:2d:f6:16:d9:83:b5:3e:65:8e:d5:7e:3e:f0:
82:20:bc:6e:ee:dd:61:77:0b:58:52:b6:7e:9d:ba:59:62:94:
d8:2b:5a:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZXxLsl9ABl2QIK9SVDVv8xXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNDAxMTE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBhNGRlNWRkZGU0MGRmYWYxMTVkNjIyOTcxYjY5MDFjMTY0ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXkEZs1NBiTaXcdfcuZ2XeocU+ab
PxUAZY3asZe/h2sykzwytTeh3Yhnv3LjJqds7+o+Hb5a0CJFnpfb1gaOiH9KRDqn
yw9jdIXfmeZcKPge1N2Ad2CVn7y91IBZZOpDJ+nTtQe5kVaSY+fwE8vIJD1nYI1Q
AJA0rWgidkXVH/kNGhSu9ZHY2DHU9VIHfFyM47EvZ1Nbn1KSa6ZmQrfevZggL7fw
g/iJDwxl5TzeY0Pn6kd+47o8bJSrD440laehqGRVcLT+IlNVxYjFgQocbfEmHRVE
jfEJgrSVUrP7JqHPQiiF8NGRjcS3l3aYVtis1zpDzG/dEriKXIAsNul3ewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJgKTeXd3kDfrxFdYilxtpAcFk8uMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvbUFwTjVkM2VRTi12RVYxaUtYRzJrQndXVHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABQgsAwQA
BWUvAwQABbwzAwQABbzIAwQABbzLAwQABb3bAwQABb3+MA0GCSqGSIb3DQEBCwUA
A4IBAQBNJ1sk80aOygjPRDtEjt96xTnVk2/NkDkrRhUeISxtzGaf2LppladFV4SL
IkUsMi0CAD+p0sPBTO+G11/dgvjGoJS6lgC/smhsQZs2UWdYtJMdFi+6ml5hHf/C
HXpCO2nLRpCjdkEs6NfnyGfB+/dcGNJMZwNKWXxF0dK0HfsoB02/rk1wNmJjAjqu
FC/5+CgcV/DrNsx2RoZQNpJ4CfsgiS9a/+8XF3UHblSZY9HhiJzLHA7S0rFqMmcp
0l4GK4CMJ+l3X+av8EKf7kRip9ofCXKNM1jflbUhQo+NLC32FtmDtT5ljtV+PvCC
ILxu7t1hdwtYUrZ+nbpZYpTYK1rb
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:30:42 2025 by rpki-client