Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/xd2kOGS4mgFM08WhrPa1L-rK6Pk.roa
File: xd2kOGS4mgFM08WhrPa1L-rK6Pk.roa (raw, json)
Hash identifier: LddktYpB3EmXGjOxKUZoN7AegvyNSQBHFF8ruxzwy6g=
Subject key identifier: C5:DD:A4:38:64:B8:9A:01:4C:D3:C5:A1:AC:F6:B5:2F:EA:CA:E8:F9
Certificate issuer: /CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Certificate serial: 01956CED34FF3E4794FD24D784C06AD9AA83
Authority key identifier: 5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/xd2kOGS4mgFM08WhrPa1L-rK6Pk.roa
Signing time: Thu 06 Mar 2025 19:27:19 +0000
ROA not before: Thu 06 Mar 2025 19:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6775
IP address blocks: 5.154.186.0/24 maxlen: 24
79.134.224.0/19 maxlen: 24
79.134.225.0/24 maxlen: 24
79.134.227.0/24 maxlen: 24
79.134.228.0/24 maxlen: 24
79.134.229.0/24 maxlen: 24
79.134.230.0/24 maxlen: 24
79.134.231.0/24 maxlen: 24
79.134.232.0/24 maxlen: 24
79.134.233.0/24 maxlen: 24
79.134.234.0/24 maxlen: 24
79.134.235.0/24 maxlen: 24
79.134.236.0/23 maxlen: 23
79.134.236.0/24 maxlen: 24
79.134.237.0/24 maxlen: 24
79.134.238.0/23 maxlen: 23
79.134.240.0/20 maxlen: 24
79.134.243.0/24 maxlen: 24
79.134.247.0/24 maxlen: 24
79.134.250.0/23 maxlen: 23
79.134.250.0/24 maxlen: 24
79.134.251.0/24 maxlen: 24
79.134.252.0/24 maxlen: 24
79.134.254.0/23 maxlen: 23
85.209.172.0/22 maxlen: 24
128.0.33.0/24 maxlen: 24
185.22.52.0/22 maxlen: 22
185.22.52.0/24 maxlen: 24
2001:4b28::/32 maxlen: 32
2a01:528::/32 maxlen: 32
2a04:1d40::/29 maxlen: 29
2a04:1d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:14:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:ed:34:ff:3e:47:94:fd:24:d7:84:c0:6a:d9:aa:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Validity
Not Before: Mar 6 19:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5dda43864b89a014cd3c5a1acf6b52feacae8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3a:51:46:b5:b7:b1:64:57:44:16:c3:a1:9b:
8e:90:a7:41:2e:c6:9f:23:3f:ba:3f:4a:44:13:f3:
7e:eb:43:76:7e:f2:db:91:f5:8a:33:f6:98:72:01:
58:0d:5d:04:34:a8:6c:a1:b7:40:26:e8:b1:6a:9b:
37:4e:4d:18:6b:ab:15:5e:14:b5:8d:2d:9d:b8:86:
96:f8:78:bc:e2:73:76:ae:dd:5a:3f:2e:8f:ec:59:
11:73:e9:79:1a:1c:69:62:31:f3:0d:06:7e:1e:e5:
e1:d9:a0:30:c3:2e:8f:19:59:5a:47:ed:32:4d:1e:
5f:5e:d4:e6:f6:ee:c8:ab:ae:e2:5e:bc:f8:55:9d:
25:01:07:59:d3:c0:91:83:95:5e:6b:ce:48:99:2d:
20:87:d3:9f:7c:98:8a:42:f5:81:0d:32:47:cf:be:
f8:44:8d:ca:27:cd:df:2b:b3:d2:73:1b:f6:ce:5a:
5f:ba:8f:e8:eb:93:34:55:0b:40:e9:4c:58:55:08:
cb:b0:35:45:ff:bc:e2:69:2c:6c:29:58:52:a8:fc:
d2:f2:95:58:3e:dc:4e:6e:e3:5a:9f:53:9d:40:14:
7a:f2:29:fb:df:16:e0:23:b2:00:5d:2e:ee:50:08:
3d:61:07:45:c3:a3:c0:42:3d:d7:08:ae:d4:b4:44:
a6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DD:A4:38:64:B8:9A:01:4C:D3:C5:A1:AC:F6:B5:2F:EA:CA:E8:F9
X509v3 Authority Key Identifier:
keyid:5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/xd2kOGS4mgFM08WhrPa1L-rK6Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/XWwVypA9fSVFPq619ySgTjqmWQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.186.0/24
79.134.224.0/19
85.209.172.0/22
128.0.33.0/24
185.22.52.0/22
IPv6:
2001:4b28::/32
2a01:528::/32
2a04:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
33:d8:ed:da:63:f5:63:49:00:2b:c7:89:b2:d4:86:4c:e3:8e:
a9:82:3d:23:3a:aa:13:32:b1:3a:9b:bd:2c:03:c4:c9:ca:f3:
fc:bc:e3:de:5f:9c:9c:a3:34:a8:24:fb:e5:a1:c2:57:d8:e9:
5d:72:62:ab:13:ae:8f:80:2e:5e:ad:ee:09:57:eb:64:2f:fe:
eb:71:e7:13:7c:ac:1f:c8:54:ce:88:9f:ae:e8:c4:a1:32:bd:
09:d5:72:a9:69:52:07:04:21:d7:5e:dd:97:c9:25:d7:64:1a:
f9:cb:86:33:16:91:3f:cb:48:29:ef:53:85:f8:a4:27:4d:e5:
8e:50:d9:c9:c3:7a:57:19:02:03:43:73:c8:cd:8b:83:46:ab:
9b:9c:11:da:12:9c:59:38:62:bc:a0:00:2f:55:8d:44:3e:b6:
56:87:c8:3a:36:5e:96:d6:74:a6:86:cb:fb:b2:07:57:3d:0b:
bf:90:46:d1:a1:41:b5:2c:57:dd:7d:08:ee:7a:0b:fa:c6:87:
69:fe:f5:01:4f:5f:22:94:6d:f1:63:22:8f:57:f2:b1:4c:13:
c2:54:4b:ec:66:67:84:56:07:f1:ba:ae:0a:45:39:8e:a9:5c:
e1:68:51:e1:10:71:07:4b:b7:7f:98:b4:df:a3:89:4b:e5:ec:
b2:5c:87:d7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZVs7TT/PkeU/STXhMBq2aqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNmMxNWNhOTAzZDdkMjU0NTNlYWViNWY3MjRhMDRlM2Fh
NjU5MDgwHhcNMjUwMzA2MTkyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRkYTQzODY0Yjg5YTAxNGNkM2M1YTFhY2Y2YjUyZmVhY2FlOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DpRRrW3sWRXRBbDoZuOkKdBLsaf
Iz+6P0pEE/N+60N2fvLbkfWKM/aYcgFYDV0ENKhsobdAJuixaps3Tk0Ya6sVXhS1
jS2duIaW+Hi84nN2rt1aPy6P7FkRc+l5GhxpYjHzDQZ+HuXh2aAwwy6PGVlaR+0y
TR5fXtTm9u7Iq67iXrz4VZ0lAQdZ08CRg5Vea85ImS0gh9OffJiKQvWBDTJHz774
RI3KJ83fK7PScxv2zlpfuo/o65M0VQtA6UxYVQjLsDVF/7ziaSxsKVhSqPzS8pVY
PtxObuNan1OdQBR68in73xbgI7IAXS7uUAg9YQdFw6PAQj3XCK7UtESmmQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMXdpDhkuJoBTNPFoaz2tS/qyuj5MB8GA1UdIwQY
MBaAFF1sFcqQPX0lRT6utfckoE46plkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQt
M2IzNGMyM2I5YzVhLzEveGQya09HUzRtZ0ZNMDhXaHJQYTFMLXJLNlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQtM2IzNGMyM2I5YzVh
LzEvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQABZq6AwQF
T4bgAwQCVdGsAwQAgAAhAwQCuRY0MBsEAgACMBUDBQAgAUsoAwUAKgEFKAMFAyoE
HUAwDQYJKoZIhvcNAQELBQADggEBADPY7dpj9WNJACvHibLUhkzjjqmCPSM6qhMy
sTqbvSwDxMnK8/y8495fnJyjNKgk++WhwlfY6V1yYqsTro+ALl6t7glX62Qv/utx
5xN8rB/IVM6In67oxKEyvQnVcqlpUgcEIdde3ZfJJddkGvnLhjMWkT/LSCnvU4X4
pCdN5Y5Q2cnDelcZAgNDc8jNi4NGq5ucEdoSnFk4YrygAC9VjUQ+tlaHyDo2XpbW
dKaGy/uyB1c9C7+QRtGhQbUsV919CO56C/rGh2n+9QFPXyKUbfFjIo9X8rFME8JU
S+xmZ4RWB/G6rgpFOY6pXOFoUeEQcQdLt3+YtN+jiUvl7LJch9c=
-----END CERTIFICATE-----
Generated at Sun May 11 11:13:32 2025 by rpki-client