Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/l7GwvNWynpfxN1lsg_g18eLih_A.roa
File: l7GwvNWynpfxN1lsg_g18eLih_A.roa (raw, json)
Hash identifier: SCB9W/A5OOtEjLsgQF4rNwZnggS23jbbwyPzD/rVO6M=
Subject key identifier: 97:B1:B0:BC:D5:B2:9E:97:F1:37:59:6C:83:F8:35:F1:E2:E2:87:F0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01967E709A07CE8BCB9F1906B40A93470DAB
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/l7GwvNWynpfxN1lsg_g18eLih_A.roa
Signing time: Mon 28 Apr 2025 22:07:10 +0000
ROA not before: Mon 28 Apr 2025 22:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.111.0/24 maxlen: 24
5.231.114.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
85.93.23.0/24 maxlen: 24
89.106.88.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 07:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:70:9a:07:ce:8b:cb:9f:19:06:b4:0a:93:47:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 28 22:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97b1b0bcd5b29e97f137596c83f835f1e2e287f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6d:bb:d9:bc:e7:79:1a:da:91:8f:6b:b5:76:
17:be:a3:7d:58:b9:27:ff:6a:f2:fa:08:b6:8f:5a:
d7:aa:48:21:46:90:05:8c:35:ce:2b:2a:1f:16:49:
78:7f:96:60:8f:b5:86:32:34:1c:67:02:3b:d9:6c:
9c:f4:c5:7d:2a:8b:89:ee:b8:0b:27:ca:af:6a:a8:
1e:92:cd:86:67:0e:3f:51:3f:b1:79:bb:ca:df:bd:
e6:b9:1c:72:ce:09:0d:a3:21:ff:a3:cd:4d:28:79:
64:e3:ec:90:a6:4c:85:45:01:1d:63:b4:1f:6e:1f:
60:62:71:e1:08:c4:73:61:c8:41:bf:c2:5a:73:0a:
0b:a9:76:6c:17:95:fe:f0:3f:c8:ee:e6:46:92:23:
4b:b7:12:c6:7e:fe:09:d9:ac:41:22:de:e5:bf:86:
33:70:6d:e2:2a:a0:1e:2d:ad:3e:0b:c4:b1:d0:b3:
d8:42:c6:f4:57:da:42:3a:8b:9d:4b:11:55:57:d6:
57:cd:03:cb:2a:46:ef:8f:57:be:69:d7:b2:98:bb:
04:f2:f3:0b:91:48:75:0c:1d:ef:08:a0:a2:4a:05:
f7:97:97:dd:db:66:0f:f6:04:bb:ec:c7:a4:60:75:
5a:41:c2:40:03:40:bc:a5:67:b9:f6:0b:d2:1b:fd:
3b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B1:B0:BC:D5:B2:9E:97:F1:37:59:6C:83:F8:35:F1:E2:E2:87:F0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/l7GwvNWynpfxN1lsg_g18eLih_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.237.0/24
5.175.239.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
5.231.111.0/24
5.231.114.0/24
5.231.233.0/24
77.90.39.0/24
85.93.23.0/24
89.106.88.0/24
94.103.167.0/24
94.249.150.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:01:dd:c4:14:5b:2d:dd:36:3a:13:9d:f4:65:87:ed:b2:14:
e2:69:ed:7a:c9:b7:c1:be:f9:63:e0:b2:1b:b1:5b:c2:3c:ce:
f0:db:2f:40:14:89:2a:ce:b5:17:13:bc:6f:e7:e5:db:c5:a2:
7f:86:b4:b4:69:85:f5:16:e4:d1:9a:b9:63:3a:ac:18:27:43:
ca:44:92:91:ca:0a:c2:b1:b7:f8:5f:d5:a5:bc:26:0f:f7:72:
3c:b1:01:ee:41:3f:3e:75:a1:08:3d:9e:50:af:4b:41:5b:03:
df:f8:74:d0:70:d7:fd:75:44:8e:c2:1e:b7:60:7a:52:c1:54:
b5:71:1f:7c:aa:d3:13:73:08:0c:5b:e2:5c:78:f5:fb:35:98:
ed:19:c2:12:96:8d:d0:e1:6b:1c:98:4f:bb:fa:57:88:30:87:
2e:42:c0:0d:50:2b:4a:76:39:9d:76:bf:f4:f2:98:81:61:75:
be:aa:a3:70:a2:50:f9:86:af:5b:f3:02:28:59:48:fa:01:97:
51:d7:a2:25:e6:b4:b7:80:64:83:83:4b:12:fe:9d:c5:b9:36:
a9:0e:ee:5c:a6:c1:30:c3:65:13:e2:03:17:88:0f:99:12:5a:
06:80:03:dd:57:fe:b5:69:83:e8:76:c1:f9:28:a1:a8:40:cf:
4b:02:60:d0
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZZ+cJoHzovLnxkGtAqTRw2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDI4MjIwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IxYjBiY2Q1YjI5ZTk3ZjEzNzU5NmM4M2Y4MzVmMWUyZTI4N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm272bzneRrakY9rtXYXvqN9WLkn
/2ry+gi2j1rXqkghRpAFjDXOKyofFkl4f5Zgj7WGMjQcZwI72Wyc9MV9KouJ7rgL
J8qvaqgeks2GZw4/UT+xebvK373muRxyzgkNoyH/o81NKHlk4+yQpkyFRQEdY7Qf
bh9gYnHhCMRzYchBv8JacwoLqXZsF5X+8D/I7uZGkiNLtxLGfv4J2axBIt7lv4Yz
cG3iKqAeLa0+C8Sx0LPYQsb0V9pCOoudSxFVV9ZXzQPLKkbvj1e+adeymLsE8vML
kUh1DB3vCKCiSgX3l5fd22YP9gS77MekYHVaQcJAA0C8pWe59gvSG/073wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJexsLzVsp6X8TdZbIP4NfHi4ofwMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbDdHd3ZOV3lucGZ4TjFsc2dfZzE4ZUxpaF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABVOWAwQA
Ba/tAwQABa/vAwQABecZAwQABedSAwQABedgAwQABedvAwQABedyAwQABefpAwQA
TVonAwQAVV0XAwQAWWpYAwQAXmenAwQAXvmWMA0GCSqGSIb3DQEBCwUAA4IBAQDR
Ad3EFFst3TY6E530ZYftshTiae16ybfBvvlj4LIbsVvCPM7w2y9AFIkqzrUXE7xv
5+XbxaJ/hrS0aYX1FuTRmrljOqwYJ0PKRJKRygrCsbf4X9WlvCYP93I8sQHuQT8+
daEIPZ5Qr0tBWwPf+HTQcNf9dUSOwh63YHpSwVS1cR98qtMTcwgMW+JcePX7NZjt
GcISlo3Q4WscmE+7+leIMIcuQsANUCtKdjmddr/08piBYXW+qqNwolD5hq9b8wIo
WUj6AZdR16Il5rS3gGSDg0sS/p3FuTapDu5cpsEww2UT4gMXiA+ZEloGgAPdV/61
aYPodsH5KKGoQM9LAmDQ
-----END CERTIFICATE-----
Generated at Tue Jun 17 21:24:35 2025 by rpki-client