Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5cFsQmeN8ZL7oqy0yr91RXksnKU.roa
File: 5cFsQmeN8ZL7oqy0yr91RXksnKU.roa (raw, json)
Hash identifier: gWmDm/AL2CR4tcri6x+6t6P1Nc57FpvFDgr5buMjkAE=
Subject key identifier: E5:C1:6C:42:67:8D:F1:92:FB:A2:AC:B4:CA:BF:75:45:79:2C:9C:A5
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0196957E15BF54B1A93DB2695BC6AEC02FBC
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5cFsQmeN8ZL7oqy0yr91RXksnKU.roa
Signing time: Sat 03 May 2025 09:33:10 +0000
ROA not before: Sat 03 May 2025 09:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.38.26.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 May 2025 15:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:7e:15:bf:54:b1:a9:3d:b2:69:5b:c6:ae:c0:2f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: May 3 09:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5c16c42678df192fba2acb4cabf7545792c9ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:a8:79:59:e6:60:4e:10:5b:15:2d:b5:60:
6a:85:71:3c:8d:f5:d5:d1:60:9d:f9:6f:67:d9:26:
48:8c:ec:e3:6f:c9:d4:e0:02:54:c3:9e:f6:d4:d9:
7a:b6:cb:79:b8:ae:0e:32:6a:27:0d:45:13:b4:54:
83:7f:56:2b:c0:28:39:2b:5a:62:6c:ce:7d:c8:92:
a5:49:48:69:23:b7:bf:51:b5:99:8d:28:53:6e:a0:
17:78:df:5a:1e:fa:01:ce:d9:ea:13:0c:c7:e3:9d:
19:4b:f6:5f:34:be:a4:c1:15:40:7e:dd:10:ca:64:
52:45:50:e2:65:99:12:f0:10:76:c4:87:3a:75:e0:
3b:29:58:02:dc:f3:47:83:5b:58:32:fa:d7:83:63:
65:d7:c0:2a:36:43:10:f9:53:86:d6:a7:5a:a8:c8:
44:b6:88:dd:47:18:0f:dd:e0:d0:b9:a8:d2:e1:c3:
76:5f:57:4b:84:c3:90:c7:b5:0e:16:c8:7e:e1:02:
20:8d:cf:72:ef:ee:2e:f6:d9:83:f2:d0:30:38:50:
76:41:76:da:94:1e:23:9e:20:e2:93:28:15:ba:27:
9d:bb:8c:b1:14:94:61:f4:0f:7d:63:73:b1:c2:1b:
69:6e:1d:fc:40:b0:57:37:d4:19:cc:2a:08:55:33:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C1:6C:42:67:8D:F1:92:FB:A2:AC:B4:CA:BF:75:45:79:2C:9C:A5
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/5cFsQmeN8ZL7oqy0yr91RXksnKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.26.0/23
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e5:c2:74:1a:5e:92:d5:ea:83:d0:5f:15:7b:7f:90:66:d6:
91:dc:79:ad:82:2d:b4:49:9e:02:a4:e9:a9:66:21:93:67:e6:
c0:2c:4f:5b:12:17:89:af:54:b3:5e:41:87:68:6d:63:6f:0c:
65:17:ff:3f:6f:b0:53:cb:63:d8:86:12:56:cf:4c:87:61:95:
3f:37:94:17:52:5f:49:4f:6c:7f:df:40:3f:2c:6c:72:53:e1:
0b:c3:68:69:b9:6d:63:c3:f4:10:5c:35:f1:71:37:67:9e:3f:
9a:b6:4b:ee:aa:a4:2f:be:15:dd:6b:28:d0:a6:29:b5:67:0d:
ad:76:70:3c:d8:9d:1d:a7:3b:c2:45:9a:39:fe:29:3a:2f:4a:
8d:6a:fa:44:a3:6a:74:c0:a5:97:1f:8e:61:07:af:ea:b2:6f:
52:86:2a:a9:ba:75:e7:5e:ea:9b:4a:dc:65:7a:d0:82:fa:91:
08:e0:ef:1a:f8:e3:32:4e:01:45:87:67:30:39:19:6f:7a:28:
b6:01:b9:65:fd:da:83:76:d1:21:ee:66:75:38:eb:83:c4:59:
b9:88:2e:df:fd:e1:66:ad:68:91:7e:97:94:35:d7:67:e0:02:
51:c2:41:38:9e:f4:7c:2e:47:75:bc:ef:f9:cc:b1:ee:1d:5f:
9b:3f:1e:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaVfhW/VLGpPbJpW8auwC+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNTAzMDkzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMxNmM0MjY3OGRmMTkyZmJhMmFjYjRjYWJmNzU0NTc5MmM5Y2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRKoeVnmYE4QWxUttWBqhXE8jfXV
0WCd+W9n2SZIjOzjb8nU4AJUw5721Nl6tst5uK4OMmonDUUTtFSDf1YrwCg5K1pi
bM59yJKlSUhpI7e/UbWZjShTbqAXeN9aHvoBztnqEwzH450ZS/ZfNL6kwRVAft0Q
ymRSRVDiZZkS8BB2xIc6deA7KVgC3PNHg1tYMvrXg2Nl18AqNkMQ+VOG1qdaqMhE
tojdRxgP3eDQuajS4cN2X1dLhMOQx7UOFsh+4QIgjc9y7+4u9tmD8tAwOFB2QXba
lB4jniDikygVuiedu4yxFJRh9A99Y3Oxwhtpbh38QLBXN9QZzCoIVTOy+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOXBbEJnjfGS+6KstMq/dUV5LJylMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvNWNGc1FtZU44Wkw3b3F5MHlyOTFSWGtzbktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuSYaAwQA
wh+lMA0GCSqGSIb3DQEBCwUAA4IBAQAi5cJ0Gl6S1eqD0F8Ve3+QZtaR3Hmtgi20
SZ4CpOmpZiGTZ+bALE9bEheJr1SzXkGHaG1jbwxlF/8/b7BTy2PYhhJWz0yHYZU/
N5QXUl9JT2x/30A/LGxyU+ELw2hpuW1jw/QQXDXxcTdnnj+atkvuqqQvvhXdayjQ
pim1Zw2tdnA82J0dpzvCRZo5/ik6L0qNavpEo2p0wKWXH45hB6/qsm9ShiqpunXn
XuqbStxletCC+pEI4O8a+OMyTgFFh2cwORlveii2Abll/dqDdtEh7mZ1OOuDxFm5
iC7f/eFmrWiRfpeUNddn4AJRwkE4nvR8Lkd1vO/5zLHuHV+bPx5m
-----END CERTIFICATE-----
Generated at Thu May 15 12:25:16 2025 by rpki-client