Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lFcyT-usmW9PPGeE3Lp_oAva14k.roa
File: lFcyT-usmW9PPGeE3Lp_oAva14k.roa (raw, json)
Hash identifier: yEP9tsKdfB3WNE6G5Bh2/tYR9eEknD3zIotCZZo6DpU=
Subject key identifier: 94:57:32:4F:EB:AC:99:6F:4F:3C:67:84:DC:BA:7F:A0:0B:DA:D7:89
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0196AEED50F1B0338AB4EB56C9279A357199
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lFcyT-usmW9PPGeE3Lp_oAva14k.roa
Signing time: Thu 08 May 2025 08:05:10 +0000
ROA not before: Thu 08 May 2025 08:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.240.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.196.0/22 maxlen: 24
213.18.208.0/22 maxlen: 24
213.18.220.0/22 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.35.0/24 maxlen: 24
217.177.44.0/22 maxlen: 24
217.177.48.0/22 maxlen: 24
217.177.52.0/22 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.220.0/22 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
217.180.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 May 2025 16:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:ed:50:f1:b0:33:8a:b4:eb:56:c9:27:9a:35:71:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: May 8 08:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9457324febac996f4f3c6784dcba7fa00bdad789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:84:c8:28:3f:ec:7c:15:a0:7b:a8:70:6f:
65:b8:7c:57:b2:6b:1c:dd:6e:3a:36:d0:f5:17:f7:
f1:8c:a1:57:35:f6:3c:6e:17:e9:97:bb:58:5d:6f:
4a:c8:eb:af:31:3f:0e:79:05:65:e4:d5:37:53:93:
e4:f3:53:2c:dc:ac:79:52:87:83:7d:5a:5f:d3:01:
b1:a5:d7:44:b7:2c:e4:0d:17:81:db:a2:9d:9d:f2:
76:3c:0b:68:29:08:8a:dd:b9:27:cc:c5:a5:4f:b4:
eb:33:12:0c:e5:9f:18:04:77:86:76:a7:0e:37:0b:
44:87:46:85:c7:9f:15:b2:dd:36:ef:3d:fe:21:e7:
fc:97:80:12:0f:50:7f:c9:fc:a7:30:fc:d2:5f:ea:
cd:ea:54:48:34:db:1e:b3:35:35:36:78:1e:12:15:
e9:32:e3:25:e8:c7:bd:0d:ab:47:b0:b5:76:81:7e:
cf:0d:bb:49:6c:0f:33:49:66:5e:9d:35:eb:19:21:
73:ed:82:a1:52:5e:d3:4a:44:84:b7:86:41:0b:0b:
65:94:ca:fb:e6:49:92:a0:47:b3:ad:e4:e9:30:ba:
d6:5b:10:17:bb:50:97:b3:27:6d:46:39:37:81:d0:
b7:b1:39:6d:7c:20:df:71:bf:76:70:79:2c:95:f3:
c7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:57:32:4F:EB:AC:99:6F:4F:3C:67:84:DC:BA:7F:A0:0B:DA:D7:89
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lFcyT-usmW9PPGeE3Lp_oAva14k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
194.238.78.0/23
213.18.196.0/22
213.18.208.0/22
213.18.220.0/22
213.18.245.0/24
217.177.0.0/21
217.177.35.0/24
217.177.44.0-217.177.55.255
217.179.56.0/22
217.179.72.0/22
217.179.220.0/22
217.180.12.0-217.180.14.255
217.180.20.0/24
217.180.22.0/23
217.180.38.0/24
217.180.45.0-217.180.46.255
217.180.59.0/24
217.180.61.0/24
Signature Algorithm: sha256WithRSAEncryption
96:88:0a:db:f0:39:c6:40:3d:ea:06:fc:f6:29:63:5e:4e:55:
04:05:45:c2:6a:7f:ff:bc:73:64:13:20:27:86:d1:e4:49:54:
f1:5c:07:af:70:52:a0:fb:e2:18:c9:d1:8f:aa:aa:2f:07:51:
7d:c1:df:dd:41:ba:54:8f:99:76:29:ba:ee:98:f4:26:f0:8f:
b7:95:2a:94:91:19:2b:36:27:7c:0c:cc:18:03:31:35:29:55:
9d:a9:c1:a0:05:da:95:fb:65:1f:ff:8e:db:be:79:47:c8:39:
58:b7:1a:62:fb:fa:dc:95:33:97:88:f8:6d:45:cc:27:2b:98:
d4:1a:77:a0:3c:1b:43:e2:11:1a:c9:0a:34:1c:2c:a2:95:49:
ef:de:85:f2:27:ca:94:10:8d:e8:d6:90:9c:30:a1:47:65:1e:
05:5a:21:07:15:32:a2:43:9e:54:8b:f5:f5:ba:7f:b4:25:94:
aa:55:8a:c8:c9:65:09:88:fb:3e:1d:df:9f:2c:3a:a6:b1:9b:
00:d3:ec:35:33:ba:8e:cc:31:ea:c9:e9:a6:3c:aa:c0:ef:ef:
3d:57:e6:58:33:77:d5:29:a2:1a:50:09:8e:00:f1:40:4d:b6:
48:88:61:dc:0e:8e:40:82:51:73:8c:1d:32:7d:5a:5f:d5:6a:
78:42:1f:77
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZau7VDxsDOKtOtWySeaNXGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNTA4MDgwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU3MzI0ZmViYWM5OTZmNGYzYzY3ODRkY2JhN2ZhMDBiZGFkNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd2EyCg/7HwVoHuocG9luHxXsmsc
3W46NtD1F/fxjKFXNfY8bhfpl7tYXW9KyOuvMT8OeQVl5NU3U5Pk81Ms3Kx5UoeD
fVpf0wGxpddEtyzkDReB26KdnfJ2PAtoKQiK3bknzMWlT7TrMxIM5Z8YBHeGdqcO
NwtEh0aFx58Vst027z3+Ief8l4ASD1B/yfynMPzSX+rN6lRINNseszU1NngeEhXp
MuMl6Me9DatHsLV2gX7PDbtJbA8zSWZenTXrGSFz7YKhUl7TSkSEt4ZBCwtllMr7
5kmSoEezreTpMLrWWxAXu1CXsydtRjk3gdC3sTltfCDfcb92cHkslfPHDQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFJRXMk/rrJlvTzxnhNy6f6AL2teJMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvbEZjeVQtdXNtVzlQUEdlRTNMcF9vQXZhMTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAI+
q/ADBAHC7k4DBALVEsQDBALVEtADBALVEtwDBADVEvUDBAPZsQADBADZsSMwDAME
AtmxLAMEA9mxMAMEAtmzOAMEAtmzSAMEAtmz3DAMAwQC2bQMAwQA2bQOAwQA2bQU
AwQB2bQWAwQA2bQmMAwDBADZtC0DBADZtC4DBADZtDsDBADZtD0wDQYJKoZIhvcN
AQELBQADggEBAJaICtvwOcZAPeoG/PYpY15OVQQFRcJqf/+8c2QTICeG0eRJVPFc
B69wUqD74hjJ0Y+qqi8HUX3B391BulSPmXYpuu6Y9Cbwj7eVKpSRGSs2J3wMzBgD
MTUpVZ2pwaAF2pX7ZR//jtu+eUfIOVi3GmL7+tyVM5eI+G1FzCcrmNQad6A8G0Pi
ERrJCjQcLKKVSe/ehfInypQQjejWkJwwoUdlHgVaIQcVMqJDnlSL9fW6f7QllKpV
isjJZQmI+z4d358sOqaxmwDT7DUzuo7MMerJ6aY8qsDv7z1X5lgzd9UpohpQCY4A
8UBNtkiIYdwOjkCCUXOMHTJ9Wl/VanhCH3c=
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:46:50 2025 by rpki-client