Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/un6I0sQXh51qX5z7OwYfesuU3WI.roa
File: un6I0sQXh51qX5z7OwYfesuU3WI.roa (raw, json)
Hash identifier: jsrqi4DldipSq8mjGTCWs+vrQduY23ezTozHkQtVS9g=
Subject key identifier: BA:7E:88:D2:C4:17:87:9D:6A:5F:9C:FB:3B:06:1F:7A:CB:94:DD:62
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199E1EF92E33872299135889CAA73FF78BF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/un6I0sQXh51qX5z7OwYfesuU3WI.roa
Signing time: Tue 14 Oct 2025 08:56:38 +0000
ROA not before: Tue 14 Oct 2025 08:56:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47263
IP address blocks: 5.231.20.0/23 maxlen: 23
5.231.20.0/24 maxlen: 24
5.231.21.0/24 maxlen: 24
5.231.47.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Oct 2025 00:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:ef:92:e3:38:72:29:91:35:88:9c:aa:73:ff:78:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 14 08:56:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba7e88d2c417879d6a5f9cfb3b061f7acb94dd62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:70:dc:24:a7:7e:61:27:fd:ef:9f:bb:ec:
17:12:b2:f6:5f:f0:cb:1b:26:de:90:1c:2b:cf:eb:
d1:4a:cf:73:00:3a:f6:2e:13:8b:b0:66:dc:7b:78:
c4:3e:fc:38:03:d6:92:3b:b5:96:e6:5f:fd:06:dd:
9b:66:d5:98:e3:78:e5:e5:86:b5:87:48:66:91:1a:
bc:c8:09:14:2c:6c:91:2a:f6:0b:b3:91:9d:3c:94:
2f:eb:43:af:3c:10:83:1d:5d:0d:8d:51:a6:98:3b:
3d:1c:c4:cf:d2:ba:73:98:8a:d4:3d:3f:64:f3:bd:
83:d0:02:80:a8:f7:97:7b:60:60:33:22:83:24:a0:
c0:af:ee:76:9b:a7:b7:50:26:78:bd:42:5c:43:22:
0c:cc:b8:d7:fa:78:f3:b7:7d:67:75:94:ec:de:b4:
27:64:91:58:1a:57:07:64:f9:ae:cf:12:64:ff:52:
71:aa:ca:a9:81:77:8c:92:64:3f:8b:40:aa:79:39:
ea:b1:7e:d8:36:59:8b:ce:fe:be:17:70:fc:4a:3c:
44:a2:34:30:d7:32:7d:dd:60:a6:44:f8:15:3e:84:
79:3c:75:b6:e9:15:af:04:37:82:b2:d1:61:e9:c3:
f8:45:56:ae:7c:b0:62:a0:e3:7f:5b:09:dd:12:54:
42:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7E:88:D2:C4:17:87:9D:6A:5F:9C:FB:3B:06:1F:7A:CB:94:DD:62
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/un6I0sQXh51qX5z7OwYfesuU3WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.20.0/23
5.231.47.0/24
77.90.37.0/24
89.144.31.0/24
94.103.164.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d6:0c:18:c2:f6:77:0c:26:25:f0:c3:e0:65:74:e5:66:f4:
15:31:81:0d:c5:0a:6f:d0:be:c3:59:80:e3:b5:06:43:06:86:
62:68:06:ec:c2:ef:08:cc:42:14:2e:7f:d5:7d:97:2d:cd:6e:
56:b3:52:a7:f0:d5:19:6b:c6:1d:e1:e1:07:21:19:38:22:12:
a4:96:02:77:4f:5e:e6:85:7c:d2:0d:86:b2:4b:3e:50:a4:00:
40:84:dd:10:2b:7b:71:f2:72:1d:28:66:55:9b:b4:c7:fc:fa:
5f:43:4a:49:12:fa:4c:77:44:d3:29:d6:61:7a:52:c8:a4:fc:
ce:5e:d1:36:6b:f4:6c:13:64:97:b2:0d:7d:25:00:ae:8b:41:
03:1d:3c:48:4d:5e:d5:d4:78:ca:e7:84:ba:62:93:25:1a:74:
b4:ea:77:3c:88:7d:8d:9b:78:87:1e:03:41:4a:5d:02:94:4c:
2d:c5:16:ae:f8:41:25:55:ee:96:e4:1c:15:b4:8d:3c:86:6c:
9c:a9:94:e4:6e:62:f7:ef:da:c1:2c:df:e3:3b:41:f9:67:aa:
d0:9d:ac:cd:95:a0:d7:7b:42:2d:53:26:dc:ff:9c:dc:e2:77:
57:9a:bb:1a:29:9d:b1:e5:d9:ec:b3:ac:34:58:74:66:e6:fb:
9c:12:46:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnh75LjOHIpkTWInKpz/3i/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDE0MDg1NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdlODhkMmM0MTc4NzlkNmE1ZjljZmIzYjA2MWY3YWNiOTRkZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWZw3CSnfmEn/e+fu+wXErL2X/DL
GybekBwrz+vRSs9zADr2LhOLsGbce3jEPvw4A9aSO7WW5l/9Bt2bZtWY43jl5Ya1
h0hmkRq8yAkULGyRKvYLs5GdPJQv60OvPBCDHV0NjVGmmDs9HMTP0rpzmIrUPT9k
872D0AKAqPeXe2BgMyKDJKDAr+52m6e3UCZ4vUJcQyIMzLjX+njzt31ndZTs3rQn
ZJFYGlcHZPmuzxJk/1JxqsqpgXeMkmQ/i0CqeTnqsX7YNlmLzv6+F3D8SjxEojQw
1zJ93WCmRPgVPoR5PHW26RWvBDeCstFh6cP4RVaufLBioON/WwndElRC+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLp+iNLEF4edal+c+zsGH3rLlN1iMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdW42STBzUVhoNTFxWDV6N093WWZlc3VVM1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBecUAwQA
BecvAwQATVolAwQAWZAfAwQAXmekMA0GCSqGSIb3DQEBCwUAA4IBAQAF1gwYwvZ3
DCYl8MPgZXTlZvQVMYENxQpv0L7DWYDjtQZDBoZiaAbswu8IzEIULn/VfZctzW5W
s1Kn8NUZa8Yd4eEHIRk4IhKklgJ3T17mhXzSDYaySz5QpABAhN0QK3tx8nIdKGZV
m7TH/PpfQ0pJEvpMd0TTKdZhelLIpPzOXtE2a/RsE2SXsg19JQCui0EDHTxITV7V
1HjK54S6YpMlGnS06nc8iH2Nm3iHHgNBSl0ClEwtxRau+EElVe6W5BwVtI08hmyc
qZTkbmL379rBLN/jO0H5Z6rQnazNlaDXe0ItUybc/5zc4ndXmrsaKZ2x5dnss6w0
WHRm5vucEkYw
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:52 2025 by rpki-client