Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/N_litQhWolxYLHKpBZGhMi_dLY0.roa
File: N_litQhWolxYLHKpBZGhMi_dLY0.roa (raw, json)
Hash identifier: lZbJCNf0k/z2WXJzLdIK/n8vhC18k17Qe+uyCBmLvmc=
Subject key identifier: 37:F9:62:B5:08:56:A2:5C:58:2C:72:A9:05:91:A1:32:2F:DD:2D:8D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01951549F3694D940CCF65C0E015F5DEF050
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/N_litQhWolxYLHKpBZGhMi_dLY0.roa
Signing time: Mon 17 Feb 2025 19:02:02 +0000
ROA not before: Mon 17 Feb 2025 19:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.159.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 18 Feb 2025 12:59:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:15:49:f3:69:4d:94:0c:cf:65:c0:e0:15:f5:de:f0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 17 19:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37f962b50856a25c582c72a90591a1322fdd2d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6f:9d:7d:4c:8c:6c:0b:8f:f8:3b:74:43:21:
8d:bc:98:ad:75:94:7a:ce:3f:42:6b:35:18:10:07:
ed:d9:b5:65:5a:e2:cb:15:66:e1:26:97:9a:1a:66:
2f:12:dc:68:11:8b:3a:f4:59:52:58:39:76:c0:ed:
26:fc:6e:24:08:5a:2d:3b:bc:a7:b9:d6:2a:b1:6d:
13:b1:da:cb:77:35:ed:e8:3a:4d:e9:b6:6e:7a:7f:
b5:74:11:5c:08:78:ff:ba:3b:c9:06:50:4d:ce:66:
fd:5e:4b:8e:55:36:0c:b5:72:8b:53:28:c7:ee:55:
6d:a7:57:04:2d:36:b4:0f:70:a3:ea:48:09:33:97:
2c:9d:3c:e0:d8:73:83:ce:bf:01:4b:48:12:d9:fa:
81:1e:96:7b:37:7a:48:18:1f:40:1d:b1:45:e0:ee:
eb:11:b7:a9:70:9b:98:d4:59:86:db:29:98:10:64:
4d:57:c8:51:2e:51:d9:ed:22:e7:12:f5:05:77:83:
64:2e:f5:a9:8b:20:e8:88:7d:4a:6b:37:f5:dc:cc:
a9:74:29:51:e2:6c:18:4e:52:78:06:c3:4b:b9:43:
98:30:85:d6:0b:91:9d:41:dd:98:02:46:15:f5:e0:
e4:63:d2:08:7e:9a:54:24:17:44:2d:c8:c5:ef:58:
90:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F9:62:B5:08:56:A2:5C:58:2C:72:A9:05:91:A1:32:2F:DD:2D:8D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/N_litQhWolxYLHKpBZGhMi_dLY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:03:1c:26:58:59:e9:f6:01:36:d3:d8:fb:5c:2c:9f:9f:3b:
cd:47:58:23:dc:e9:39:96:e4:03:9b:dc:2f:83:8d:a6:6a:30:
62:e7:9a:37:1c:5d:60:fc:1f:71:12:e7:27:9e:a9:f4:48:70:
2c:7a:07:41:94:89:e1:06:f2:82:78:70:fa:21:98:ae:76:16:
3d:86:72:60:cc:8b:fb:69:87:71:3a:a9:b8:fe:cc:f7:2c:b1:
74:1f:eb:97:49:10:c7:41:06:fb:80:44:a3:91:48:31:b1:03:
b4:d2:85:56:eb:71:bd:fd:e2:c5:f3:3e:61:84:85:7e:83:f9:
03:81:f0:71:bd:8a:22:cf:aa:0d:40:f3:c9:cf:6f:44:d7:43:
54:03:8d:77:5d:07:25:33:14:f5:a2:a1:17:ff:41:55:ec:7c:
6e:94:f4:10:21:83:85:c2:ed:46:dc:7c:83:4f:81:c8:97:70:
60:d2:37:11:ca:13:45:2e:41:ec:f3:b9:2a:f1:47:9a:55:c1:
b1:5f:13:95:ef:1d:c5:ca:8e:5c:38:a0:a9:dd:42:b6:79:0d:
f7:6f:35:29:c4:0f:cc:9f:c2:36:98:2f:58:0b:44:82:0a:1a:
d7:ac:ca:fc:ac:ec:5d:b6:fc:43:c7:ba:a8:40:9f:34:cd:4c:
16:b8:15:dc
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZUVSfNpTZQMz2XA4BX13vBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjE3MTkwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y5NjJiNTA4NTZhMjVjNTgyYzcyYTkwNTkxYTEzMjJmZGQyZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG+dfUyMbAuP+Dt0QyGNvJitdZR6
zj9CazUYEAft2bVlWuLLFWbhJpeaGmYvEtxoEYs69FlSWDl2wO0m/G4kCFotO7yn
udYqsW0TsdrLdzXt6DpN6bZuen+1dBFcCHj/ujvJBlBNzmb9XkuOVTYMtXKLUyjH
7lVtp1cELTa0D3Cj6kgJM5csnTzg2HODzr8BS0gS2fqBHpZ7N3pIGB9AHbFF4O7r
EbepcJuY1FmG2ymYEGRNV8hRLlHZ7SLnEvUFd4NkLvWpiyDoiH1Kazf13MypdClR
4mwYTlJ4BsNLuUOYMIXWC5GdQd2YAkYV9eDkY9IIfppUJBdELcjF71iQrwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFDf5YrUIVqJcWCxyqQWRoTIv3S2NMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTl9saXRRaFdvbHhZTEhLcEJaR2hNaV9kTFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgcEEAgABMIG6AwQF
BVOAAwQCBa+AAwQABa+FMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv6AMEAAWv
6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQDU/NQAwQF
VV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQE
shKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoD
BQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZI
hvcNAQELBQADggEBAAwDHCZYWen2ATbT2PtcLJ+fO81HWCPc6TmW5AOb3C+DjaZq
MGLnmjccXWD8H3ES5yeeqfRIcCx6B0GUieEG8oJ4cPohmK52Fj2GcmDMi/tph3E6
qbj+zPcssXQf65dJEMdBBvuARKORSDGxA7TShVbrcb394sXzPmGEhX6D+QOB8HG9
iiLPqg1A88nPb0TXQ1QDjXddByUzFPWioRf/QVXsfG6U9BAhg4XC7UbcfINPgciX
cGDSNxHKE0UuQezzuSrxR5pVwbFfE5XvHcXKjlw4oKndQrZ5DfdvNSnED8yfwjaY
L1gLRIIKGtesyvys7F22/EPHuqhAnzTNTBa4Fdw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:52 2025 by rpki-client