Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RqfZA4NU5z2IjeJTPkJKMOvRR7M.roa
File: RqfZA4NU5z2IjeJTPkJKMOvRR7M.roa (raw, json)
Hash identifier: rFmhZGWnaLWULk5cstrAL2GCx/Bzjq0O4O0PJa11OnI=
Subject key identifier: 46:A7:D9:03:83:54:E7:3D:88:8D:E2:53:3E:42:4A:30:EB:D1:47:B3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197B986B623EF474D186C69C9E01EFE0572
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RqfZA4NU5z2IjeJTPkJKMOvRR7M.roa
Signing time: Sun 29 Jun 2025 02:31:42 +0000
ROA not before: Sun 29 Jun 2025 02:31:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211066
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.231.80.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Jul 2025 20:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b9:86:b6:23:ef:47:4d:18:6c:69:c9:e0:1e:fe:05:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 29 02:31:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a7d9038354e73d888de2533e424a30ebd147b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:18:9e:a5:d8:07:c1:c6:4c:20:16:3c:53:
3c:d6:2a:6d:4f:96:2d:2c:86:9d:2b:45:83:25:52:
aa:7a:06:c7:2e:9d:5e:32:20:31:2e:c5:cb:dd:dc:
a6:fe:a9:2f:6d:2d:75:24:bb:b4:31:bd:25:25:c0:
bb:c1:1f:16:f3:c3:b5:0d:08:53:fc:9a:60:29:4b:
c8:d9:42:0d:25:f2:e9:c3:f3:87:2a:fb:16:5e:8a:
bf:84:83:3b:35:41:0c:e1:cc:35:f7:fc:3b:93:4a:
2f:00:4b:62:dd:5e:76:1b:5d:46:27:2f:8a:5c:d6:
c4:9f:1b:f7:26:c7:fb:a8:38:29:20:6e:8d:9b:ab:
c8:09:12:15:a3:b5:87:6b:4b:6f:e0:9a:5f:bd:8e:
c8:fc:2f:35:61:81:f7:93:84:36:da:3b:15:fd:43:
e1:5d:74:de:c5:2f:0b:a6:94:69:9d:50:d4:37:91:
13:80:be:64:63:37:3a:72:16:c0:dd:6f:b7:8f:b2:
55:69:ef:a3:a8:c8:1a:06:61:8e:eb:58:95:c9:fb:
f4:f1:cd:96:07:af:cf:e9:1f:a4:3c:5d:51:84:96:
1e:13:1b:5e:07:bc:1a:7d:23:5f:86:f6:f4:c9:ad:
0c:20:d2:0b:b8:c2:99:4a:c9:e4:d7:5d:20:47:4c:
6a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A7:D9:03:83:54:E7:3D:88:8D:E2:53:3E:42:4A:30:EB:D1:47:B3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RqfZA4NU5z2IjeJTPkJKMOvRR7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.175.192.0/24
5.231.80.0/24
94.103.163.0/24
94.249.153.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e0:77:35:31:1b:62:fc:4a:40:ff:ac:70:68:ea:68:9d:01:
6f:5b:fd:71:38:1d:f0:5d:c6:ce:6a:fa:92:91:a6:bb:ae:fb:
7f:e7:22:f5:47:b6:c1:bc:2d:a6:ec:62:78:32:4c:71:49:de:
2c:3e:3e:2e:c9:eb:98:4d:18:71:dc:d2:c2:8e:0a:64:ed:34:
04:41:6d:3c:0d:6c:07:48:a0:c5:51:2c:ff:88:c3:49:14:ad:
0e:06:2c:4e:22:3d:36:1c:6b:2b:6d:1f:df:b7:22:68:ac:37:
0e:02:a5:80:c2:ed:53:33:26:d8:5e:e9:02:1b:56:dd:c9:48:
bd:2b:59:6d:07:55:6a:58:a9:3f:6e:b8:46:c7:17:91:ef:14:
31:64:0e:10:45:c1:1a:f8:f6:f9:ed:60:b1:86:15:60:b0:7b:
51:56:8a:2b:47:68:a3:ec:f0:5a:66:71:2b:59:5d:cd:6d:ea:
4a:ab:57:86:02:4a:1d:e8:6a:e7:15:51:b4:a0:a7:93:47:54:
8a:7b:96:96:2b:2e:75:ef:48:5c:53:ea:05:6f:2e:36:58:f4:
9e:f3:1a:4c:1c:4a:48:1a:b2:e6:b2:4e:fd:19:31:a2:a5:d4:
ac:47:60:7c:d9:57:51:af:f9:38:59:f1:c0:5d:6d:7d:bd:8c:
c9:b3:9c:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZe5hrYj70dNGGxpyeAe/gVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjI5MDIzMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE3ZDkwMzgzNTRlNzNkODg4ZGUyNTMzZTQyNGEzMGViZDE0N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUkYnqXYB8HGTCAWPFM81iptT5Yt
LIadK0WDJVKqegbHLp1eMiAxLsXL3dym/qkvbS11JLu0Mb0lJcC7wR8W88O1DQhT
/JpgKUvI2UINJfLpw/OHKvsWXoq/hIM7NUEM4cw19/w7k0ovAEti3V52G11GJy+K
XNbEnxv3Jsf7qDgpIG6Nm6vICRIVo7WHa0tv4JpfvY7I/C81YYH3k4Q22jsV/UPh
XXTexS8LppRpnVDUN5ETgL5kYzc6chbA3W+3j7JVae+jqMgaBmGO61iVyfv08c2W
B6/P6R+kPF1RhJYeExteB7wafSNfhvb0ya0MINILuMKZSsnk110gR0xqRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEan2QODVOc9iI3iUz5CSjDr0UezMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUnFmWkE0TlU1ejJJamVKVFBrSktNT3ZSUjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOGAwQA
Ba+MAwQABa/AAwQABedQAwQAXmejAwQAXvmZMA0GCSqGSIb3DQEBCwUAA4IBAQBC
4Hc1MRti/EpA/6xwaOponQFvW/1xOB3wXcbOavqSkaa7rvt/5yL1R7bBvC2m7GJ4
MkxxSd4sPj4uyeuYTRhx3NLCjgpk7TQEQW08DWwHSKDFUSz/iMNJFK0OBixOIj02
HGsrbR/ftyJorDcOAqWAwu1TMybYXukCG1bdyUi9K1ltB1VqWKk/brhGxxeR7xQx
ZA4QRcEa+Pb57WCxhhVgsHtRVoorR2ij7PBaZnErWV3NbepKq1eGAkod6GrnFVG0
oKeTR1SKe5aWKy5170hcU+oFby42WPSe8xpMHEpIGrLmsk79GTGipdSsR2B82VdR
r/k4WfHAXW19vYzJs5xh
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:40:21 2025 by rpki-client