Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lBequbBAm8JKW-ck5K_FBZEamAc.roa
File: lBequbBAm8JKW-ck5K_FBZEamAc.roa (raw, json)
Hash identifier: fKWLIf2BHIqwBDlGPz8/N6D65tTSDLL+vLCYvWdamfY=
Subject key identifier: 94:17:AA:B9:B0:40:9B:C2:4A:5B:E7:24:E4:AF:C5:05:91:1A:98:07
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197263BFCE2A970C2EAE43D9ED5E0D1720A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lBequbBAm8JKW-ck5K_FBZEamAc.roa
Signing time: Sat 31 May 2025 12:05:54 +0000
ROA not before: Sat 31 May 2025 12:05:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.58.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
85.93.6.0/24 maxlen: 24
85.93.22.0/24 maxlen: 24
89.144.14.0/24 maxlen: 24
89.144.16.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
94.103.168.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 May 2025 13:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:26:3b:fc:e2:a9:70:c2:ea:e4:3d:9e:d5:e0:d1:72:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 31 12:05:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9417aab9b0409bc24a5be724e4afc505911a9807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ef:02:b8:65:9e:9a:29:1a:ed:2a:35:bb:53:
4f:81:93:5a:78:4a:55:9c:c7:f1:95:df:a3:3b:4e:
5b:a5:52:1d:0b:a2:ec:76:fc:dc:28:e8:f6:ca:c8:
0a:fc:c0:78:6d:a0:87:d4:a8:6e:62:00:ac:0e:47:
7f:98:19:7e:2d:93:9d:73:d8:1a:d7:84:fb:4e:bc:
77:fd:de:b6:6c:02:f4:ea:cd:41:38:17:30:25:a4:
d6:06:a6:c5:a4:00:5f:e4:86:4f:6a:4b:8e:e0:e6:
95:b4:67:94:5c:9b:71:94:30:84:f9:fa:cc:f4:8e:
09:c8:b7:35:f4:50:f4:a5:58:a8:d6:5e:8b:d7:1e:
9a:1a:24:a9:ca:86:02:c4:bc:b1:f1:bd:46:5b:e6:
15:05:81:cf:b2:c9:c1:d0:1c:ac:fd:15:60:e3:b0:
75:24:cc:48:68:db:39:1a:e2:a9:db:c2:80:6b:a8:
ac:d2:a2:1f:e0:cc:bd:28:b6:92:ef:89:a5:56:e0:
ff:79:f1:f7:c2:4f:a3:13:dd:fe:29:9d:7d:ff:ad:
07:e4:f8:e6:44:e1:a0:80:6b:7f:6e:c8:61:0c:1a:
3f:ec:f6:fd:57:d0:f0:5f:8c:94:e9:c1:51:52:b3:
22:99:a1:2f:96:6a:a6:f2:49:8f:ad:5f:5d:43:93:
41:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:17:AA:B9:B0:40:9B:C2:4A:5B:E7:24:E4:AF:C5:05:91:1A:98:07
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lBequbBAm8JKW-ck5K_FBZEamAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.231.70.0/24
5.231.82.0/24
5.231.96.0/24
5.231.203.0/24
5.231.234.0/24
77.90.22.0/24
77.90.41.0/24
77.90.52.0/24
77.90.58.0/24
85.93.1.0/24
85.93.6.0/24
85.93.22.0/24
89.144.14.0/24
89.144.16.0-89.144.18.255
89.144.25.0/24
89.144.35.0/24
94.103.168.0/24
94.249.153.0/24
94.249.158.0/24
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
15:88:94:5b:c7:7a:0f:e2:9d:2f:83:c5:a2:dc:63:2d:eb:f8:
2c:32:87:94:d0:65:ce:aa:a8:b4:d7:e6:91:23:c2:79:68:53:
4e:44:70:54:d5:4c:b6:2a:40:e6:f5:2f:26:bf:0f:a5:f1:79:
d1:41:76:de:b7:29:4c:eb:cb:af:fb:98:ff:52:7b:4b:e4:3e:
87:ba:6e:ec:72:a2:ac:92:90:65:13:6b:3d:38:eb:ac:45:32:
c3:be:f3:85:a3:03:6f:f3:78:21:d3:9a:7b:30:d4:8f:f0:17:
01:38:58:ac:00:6e:c3:f3:cb:06:26:11:31:b6:cd:33:e8:e3:
8e:3d:75:66:68:fa:12:d8:1a:5f:bf:d8:98:f3:c8:55:10:97:
31:89:cf:13:b1:21:b7:87:65:92:3e:e5:25:c7:6a:61:52:bb:
6f:28:04:90:82:7d:63:aa:71:07:ac:a9:bc:a5:90:3c:1c:90:
61:60:e6:f6:bf:ac:eb:84:ff:6b:26:88:ed:b7:27:12:cd:5d:
99:4a:dc:44:78:19:d4:c2:8d:3a:d1:57:79:86:fc:fa:d3:e8:
60:1b:4f:6f:d6:98:d0:13:c0:11:aa:97:f3:23:14:1b:3b:06:
5c:72:59:af:79:9b:3c:d3:80:7b:cc:f2:ad:3b:c6:1b:2d:75:
d7:5f:36:1a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZcmO/ziqXDC6uQ9ntXg0XIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTMxMTIwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE3YWFiOWIwNDA5YmMyNGE1YmU3MjRlNGFmYzUwNTkxMWE5ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO8CuGWemika7So1u1NPgZNaeEpV
nMfxld+jO05bpVIdC6LsdvzcKOj2ysgK/MB4baCH1KhuYgCsDkd/mBl+LZOdc9ga
14T7Trx3/d62bAL06s1BOBcwJaTWBqbFpABf5IZPakuO4OaVtGeUXJtxlDCE+frM
9I4JyLc19FD0pVio1l6L1x6aGiSpyoYCxLyx8b1GW+YVBYHPssnB0Bys/RVg47B1
JMxIaNs5GuKp28KAa6is0qIf4My9KLaS74mlVuD/efH3wk+jE93+KZ19/60H5Pjm
ROGggGt/bshhDBo/7Pb9V9DwX4yU6cFRUrMimaEvlmqm8kmPrV9dQ5NBHQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJQXqrmwQJvCSlvnJOSvxQWRGpgHMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbEJlcXViQkFtOEpLVy1jazVLX0ZCWkVhbUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
U5YDBAAF50YDBAAF51IDBAAF52ADBAAF58sDBAAF5+oDBABNWhYDBABNWikDBABN
WjQDBABNWjoDBABVXQEDBABVXQYDBABVXRYDBABZkA4wDAMEBFmQEAMEAFmQEgME
AFmQGQMEAFmQIwMEAF5nqAMEAF75mQMEAF75ngMEALISkzANBgkqhkiG9w0BAQsF
AAOCAQEAFYiUW8d6D+KdL4PFotxjLev4LDKHlNBlzqqotNfmkSPCeWhTTkRwVNVM
tipA5vUvJr8PpfF50UF23rcpTOvLr/uY/1J7S+Q+h7pu7HKirJKQZRNrPTjrrEUy
w77zhaMDb/N4IdOaezDUj/AXAThYrABuw/PLBiYRMbbNM+jjjj11Zmj6EtgaX7/Y
mPPIVRCXMYnPE7Eht4dlkj7lJcdqYVK7bygEkIJ9Y6pxB6ypvKWQPByQYWDm9r+s
64T/ayaI7bcnEs1dmUrcRHgZ1MKNOtFXeYb8+tPoYBtPb9aY0BPAEaqX8yMUGzsG
XHJZr3mbPNOAe8zyrTvGGy111182Gg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:37:46 2025 by rpki-client