Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lto9imGYbdb5oTZUxEzp535Ue4s.roa
File: lto9imGYbdb5oTZUxEzp535Ue4s.roa (raw, json)
Hash identifier: vJ3EoacjDpDHRrGRJ6CqspRUOK+sQt1smVUMKBA1Fos=
Subject key identifier: 96:DA:3D:8A:61:98:6D:D6:F9:A1:36:54:C4:4C:E9:E7:7E:54:7B:8B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01970ACB2757CE60C749065A7F2A0C87AE91
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lto9imGYbdb5oTZUxEzp535Ue4s.roa
Signing time: Mon 26 May 2025 04:12:55 +0000
ROA not before: Mon 26 May 2025 04:12:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
89.106.88.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 09:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0a:cb:27:57:ce:60:c7:49:06:5a:7f:2a:0c:87:ae:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 26 04:12:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96da3d8a61986dd6f9a13654c44ce9e77e547b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:5d:fd:c1:47:0c:64:b9:21:32:64:46:69:
1c:92:b4:94:60:3c:90:16:eb:48:13:3d:2a:ec:fd:
d8:50:47:6f:86:9c:f8:3b:a2:d8:c8:d0:18:07:c5:
a9:6d:d0:2b:16:61:3e:7a:09:2d:28:e8:e9:67:4b:
52:46:91:08:ec:0e:bf:dd:3e:34:88:46:1e:27:5f:
39:11:d2:90:49:74:84:2e:e8:80:40:d1:98:ee:65:
0c:9c:1a:22:ba:2f:de:de:0d:5f:36:27:49:33:42:
44:ec:d3:ba:b8:72:a6:66:a1:72:83:2b:1f:99:7a:
0a:70:a3:4a:75:1b:9d:a4:b0:19:5e:9b:1c:bc:08:
2d:92:a4:cb:f6:bf:ff:cc:96:60:24:d4:22:80:f0:
5e:fa:4e:8a:02:36:e8:4d:c0:63:57:64:c4:4d:09:
af:35:f6:69:b6:a3:14:72:6b:05:4c:ec:a8:e0:27:
b6:8e:0f:b1:7f:9b:21:39:6d:5d:0e:7d:4d:a6:61:
3e:c9:fc:56:17:1d:8d:1c:aa:ae:e3:66:4d:c8:10:
2c:c4:80:b9:b7:5e:e7:9d:d1:51:a0:a1:a8:36:6f:
44:04:5d:de:bd:66:ac:6c:05:c5:ef:04:b6:41:fa:
2c:af:9a:af:de:0b:0c:cd:cf:e5:aa:96:82:2f:dd:
a5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DA:3D:8A:61:98:6D:D6:F9:A1:36:54:C4:4C:E9:E7:7E:54:7B:8B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lto9imGYbdb5oTZUxEzp535Ue4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.237.0/24
5.175.239.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
77.90.39.0/24
89.106.88.0/24
94.103.167.0/24
185.13.156.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ca:d5:f2:2e:a2:3e:df:13:c8:6e:11:b2:33:dd:51:92:a6:
07:f0:b2:d6:6c:de:9b:d5:24:db:fc:07:d9:3f:ad:65:3e:cf:
fb:bb:60:a1:e5:4f:bb:ad:51:d1:f8:0a:11:e6:50:77:f8:ce:
09:f9:ca:fe:fa:22:d5:2b:ba:9e:8c:9e:42:3b:a3:a8:d4:78:
bc:51:74:8f:7b:25:07:43:3e:fb:ab:45:00:94:23:d0:ed:89:
71:8b:df:2d:d6:40:f9:42:f7:15:05:5b:4f:bf:47:02:cc:97:
5a:63:0a:cc:1f:50:f7:40:5b:0c:46:ba:4f:70:cc:66:43:62:
ac:d3:9a:4e:bc:28:6e:f5:77:4d:8d:1c:3f:28:c2:4f:66:60:
bf:cb:51:7f:b4:b1:ad:21:5c:f1:e5:40:bf:b2:ae:a7:90:37:
37:66:44:92:81:f5:7f:e8:d5:c1:d1:43:21:43:e5:e3:ae:38:
64:17:d8:ad:be:68:06:2a:4b:ab:6e:2b:c3:c1:e7:87:a2:cf:
b7:21:ab:50:2f:25:63:31:38:ea:19:b2:88:a6:6b:96:e6:8a:
6d:17:98:19:4a:aa:b4:61:7e:aa:4a:e5:66:c7:c5:7d:87:23:
4f:9d:28:77:ed:9f:f3:bf:b7:2e:9e:d7:45:0a:68:5e:8c:8a:
82:e8:4b:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZcKyydXzmDHSQZafyoMh66RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTI2MDQxMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRhM2Q4YTYxOTg2ZGQ2ZjlhMTM2NTRjNDRjZTllNzdlNTQ3YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubJd/cFHDGS5ITJkRmkckrSUYDyQ
FutIEz0q7P3YUEdvhpz4O6LYyNAYB8WpbdArFmE+egktKOjpZ0tSRpEI7A6/3T40
iEYeJ185EdKQSXSELuiAQNGY7mUMnBoiui/e3g1fNidJM0JE7NO6uHKmZqFygysf
mXoKcKNKdRudpLAZXpscvAgtkqTL9r//zJZgJNQigPBe+k6KAjboTcBjV2TETQmv
NfZptqMUcmsFTOyo4Ce2jg+xf5shOW1dDn1NpmE+yfxWFx2NHKqu42ZNyBAsxIC5
t17nndFRoKGoNm9EBF3evWasbAXF7wS2Qfosr5qv3gsMzc/lqpaCL92l1QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJbaPYphmG3W+aE2VMRM6ed+VHuLMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbHRvOWltR1liZGI1b1RaVXhFenA1MzVVZTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABVOWAwQA
Ba/tAwQABa/vAwQABecZAwQABedSAwQABedgAwQATVonAwQAWWpYAwQAXmenAwQA
uQ2cMA0GCSqGSIb3DQEBCwUAA4IBAQBZytXyLqI+3xPIbhGyM91RkqYH8LLWbN6b
1STb/AfZP61lPs/7u2Ch5U+7rVHR+AoR5lB3+M4J+cr++iLVK7qejJ5CO6Oo1Hi8
UXSPeyUHQz77q0UAlCPQ7Ylxi98t1kD5QvcVBVtPv0cCzJdaYwrMH1D3QFsMRrpP
cMxmQ2Ks05pOvChu9XdNjRw/KMJPZmC/y1F/tLGtIVzx5UC/sq6nkDc3ZkSSgfV/
6NXB0UMhQ+XjrjhkF9itvmgGKkurbivDweeHos+3IatQLyVjMTjqGbKIpmuW5opt
F5gZSqq0YX6qSuVmx8V9hyNPnSh37Z/zv7cuntdFCmhejIqC6Es6
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:08:52 2025 by rpki-client