Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AT7_Jc0WIGjKjo3Oc-D7dG0GnIQ.roa
File: AT7_Jc0WIGjKjo3Oc-D7dG0GnIQ.roa (raw, json)
Hash identifier: aX5JfcvURIeC+vdhDNrnWJQy/RXRwGiyy7sqQ22sKG0=
Subject key identifier: 01:3E:FF:25:CD:16:20:68:CA:8E:8D:CE:73:E0:FB:74:6D:06:9C:84
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194F3674C6A4706DC124683041AAC250F3F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AT7_Jc0WIGjKjo3Oc-D7dG0GnIQ.roa
Signing time: Tue 11 Feb 2025 05:07:00 +0000
ROA not before: Tue 11 Feb 2025 05:07:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.159.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.138.0/24 maxlen: 24
5.175.142.0/24 maxlen: 24
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.130.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 11 Feb 2025 22:21:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f3:67:4c:6a:47:06:dc:12:46:83:04:1a:ac:25:0f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 11 05:07:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=013eff25cd162068ca8e8dce73e0fb746d069c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:27:da:84:ba:19:7a:0f:81:33:97:8a:f3:
d9:16:c3:1c:36:e3:00:a8:a0:25:e1:7f:6b:7d:cf:
ef:cf:54:81:33:7d:7a:40:08:38:17:62:ef:27:ab:
1c:e7:15:9f:62:63:ba:38:c5:ab:ce:ee:14:d0:09:
d0:3a:f7:bb:17:fe:d5:ab:81:f9:2f:90:1b:3e:09:
a9:c9:1b:03:d3:71:4f:b6:64:e4:fb:67:cc:5f:13:
c5:0a:45:a4:ed:c6:9b:6d:7e:bf:b4:31:3a:83:96:
35:e1:8e:89:5c:51:16:b9:a9:33:52:ea:56:a0:1e:
f4:1d:09:64:f0:a6:66:1e:de:17:dc:49:53:ba:8f:
87:60:2a:c8:10:8c:2d:6e:ef:ad:90:3f:50:d3:d7:
1c:1d:56:86:e3:b0:32:ee:77:4b:65:e9:fa:91:a3:
57:83:8f:0e:78:c0:56:22:ab:24:64:63:48:b5:6d:
88:10:f1:d0:84:fb:22:60:3a:a5:cc:dd:fd:55:2e:
cc:1a:6d:58:5d:41:7c:18:c5:00:f3:c8:c4:fe:62:
59:cc:a9:6b:5d:c6:95:3b:66:5f:92:24:3a:2c:5a:
f0:e2:fa:77:3a:7a:14:e3:65:ac:f7:ea:65:50:57:
ff:7f:c0:f2:95:06:25:69:55:db:a4:9f:55:1e:1a:
6d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3E:FF:25:CD:16:20:68:CA:8E:8D:CE:73:E0:FB:74:6D:06:9C:84
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AT7_Jc0WIGjKjo3Oc-D7dG0GnIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.138.0/24
5.175.142.0/23
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:99:df:b1:f0:d8:ee:de:e5:6e:a2:3a:a1:8e:c4:88:b0:19:
d1:1f:ac:7d:c9:9f:63:8e:d8:75:88:be:4f:aa:c0:ea:b2:b7:
ee:66:d1:65:b7:1f:f9:6c:fa:26:3f:57:b1:84:46:4a:f4:c2:
e4:12:73:ea:1c:d0:93:65:9b:df:5b:5f:48:29:87:7e:4c:2a:
af:81:12:de:9a:63:b7:80:0d:71:7a:91:ef:64:2d:2a:5f:cc:
33:e2:1e:08:0f:0b:f9:53:4e:d9:5f:5f:a0:ab:0c:05:91:38:
20:1e:7a:47:63:ab:e2:a2:99:12:9c:fa:53:e0:a5:73:55:1d:
ab:6c:c5:93:5c:47:a6:86:27:a9:46:d5:1f:9b:2a:c6:bb:ed:
50:43:06:b1:19:a6:66:fd:df:f9:12:17:71:98:35:13:ad:6e:
56:03:36:0b:10:de:50:ac:a5:ca:35:29:5a:4f:c2:18:f8:70:
f6:cb:94:34:5d:d7:cd:44:9d:f1:7c:e4:c2:a9:d7:c1:6c:32:
ad:2e:25:65:57:f0:27:0e:19:27:b9:20:e4:5e:9d:c8:8f:29:
73:9d:8d:01:8a:2e:83:31:4c:b1:9b:b2:67:c0:60:93:4b:b0:
b5:49:58:5f:57:36:a5:b6:17:ec:d1:ef:ea:e1:cf:6c:ad:50:
86:30:13:d7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZTzZ0xqRwbcEkaDBBqsJQ8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjExMDUwNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNlZmYyNWNkMTYyMDY4Y2E4ZThkY2U3M2UwZmI3NDZkMDY5Yzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqosn2oS6GXoPgTOXivPZFsMcNuMA
qKAl4X9rfc/vz1SBM316QAg4F2LvJ6sc5xWfYmO6OMWrzu4U0AnQOve7F/7Vq4H5
L5AbPgmpyRsD03FPtmTk+2fMXxPFCkWk7cabbX6/tDE6g5Y14Y6JXFEWuakzUupW
oB70HQlk8KZmHt4X3ElTuo+HYCrIEIwtbu+tkD9Q09ccHVaG47Ay7ndLZen6kaNX
g48OeMBWIqskZGNItW2IEPHQhPsiYDqlzN39VS7MGm1YXUF8GMUA88jE/mJZzKlr
XcaVO2ZfkiQ6LFrw4vp3OnoU42Ws9+plUFf/f8DylQYlaVXbpJ9VHhptDQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFAE+/yXNFiBoyo6NznPg+3RtBpyEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQVQ3X0pjMFdJR2pLam8zT2MtRDdkRzBHbklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCBzQQCAAEwgcYD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr4oDBAEFr44wDAMEAQWv2gMEAAWv3DAMAwQA
Ba/hAwQABa/oAwQABa/rMAwDBAQFr/ADBAAFr/QwCwMEAAWv+wMDBAWgAwMBBeYD
BAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakADBAZZkAADBAReZ6AD
BAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcDBADBHPsDBAHDbg4D
BATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMFAyoBvUADBQMqAgeg
AwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAuJnfsfDY7t7lbqI6oY7EiLAZ0R+s
fcmfY47YdYi+T6rA6rK37mbRZbcf+Wz6Jj9XsYRGSvTC5BJz6hzQk2Wb31tfSCmH
fkwqr4ES3ppjt4ANcXqR72QtKl/MM+IeCA8L+VNO2V9foKsMBZE4IB56R2Or4qKZ
Epz6U+Clc1Udq2zFk1xHpoYnqUbVH5sqxrvtUEMGsRmmZv3f+RIXcZg1E61uVgM2
CxDeUKylyjUpWk/CGPhw9suUNF3XzUSd8XzkwqnXwWwyrS4lZVfwJw4ZJ7kg5F6d
yI8pc52NAYougzFMsZuyZ8Bgk0uwtUlYX1c2pbYX7NHv6uHPbK1QhjAT1w==
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:09 2025 by rpki-client