Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nvvkGfktJGulTg2RSdSXXZ-pUn8.roa
File: nvvkGfktJGulTg2RSdSXXZ-pUn8.roa (raw, json)
Hash identifier: LbpLLduX0qmYBxPb6Ac4zkBJr4ELq+T7PFxrqLJDXB8=
Subject key identifier: 9E:FB:E4:19:F9:2D:24:6B:A5:4E:0D:91:49:D4:97:5D:9F:A9:52:7F
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0196EE0A8A91036534C09B3CC151AB4026A7
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nvvkGfktJGulTg2RSdSXXZ-pUn8.roa
Signing time: Tue 20 May 2025 14:13:10 +0000
ROA not before: Tue 20 May 2025 14:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 263812
IP address blocks: 93.152.30.0/23 maxlen: 24
93.152.38.0/23 maxlen: 24
93.152.46.0/23 maxlen: 24
93.152.52.0/23 maxlen: 24
93.152.56.0/23 maxlen: 24
93.152.62.0/23 maxlen: 24
93.152.76.0/23 maxlen: 24
93.152.80.0/23 maxlen: 24
93.152.84.0/23 maxlen: 24
93.152.94.0/23 maxlen: 24
93.152.98.0/23 maxlen: 24
93.152.102.0/23 maxlen: 24
93.152.124.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 08:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:0a:8a:91:03:65:34:c0:9b:3c:c1:51:ab:40:26:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 20 14:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9efbe419f92d246ba54e0d9149d4975d9fa9527f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:ad:c0:fa:aa:9c:6e:fc:b9:47:3c:96:35:
d0:42:cc:97:03:a2:86:5e:e3:5e:e6:95:79:a3:cd:
9c:ad:b6:05:74:73:c4:e5:ba:25:e0:d0:fb:23:f7:
44:a9:96:86:0c:f9:80:03:4b:bd:5b:d3:ec:a4:6b:
bf:f2:7b:22:68:51:2b:7a:03:1b:61:e7:68:6b:18:
f0:32:c2:6a:ec:65:e2:f0:b9:e1:bb:5c:05:8a:bd:
61:30:5c:55:26:8c:bd:e7:a3:4c:41:14:f4:b7:8e:
e4:42:43:78:64:85:da:70:15:aa:a9:1f:0b:51:b0:
f6:36:7e:01:e0:b6:e5:ca:4d:b1:64:f5:1b:76:43:
ac:b0:5e:db:f0:39:f7:05:e5:a2:7c:9b:1b:63:fc:
ee:fc:e7:85:55:30:3c:de:2c:14:ae:c5:8b:29:96:
64:81:71:4a:e4:72:c7:02:07:26:88:8e:bf:02:24:
a7:be:2f:6f:08:60:af:f7:c2:fd:ac:1f:38:27:32:
4c:67:68:8b:ee:98:fb:68:0e:f5:1c:67:de:ac:4d:
37:5a:10:e8:4c:e6:3a:72:07:78:4c:e7:12:39:90:
9a:f9:5e:f2:e9:38:4a:b5:c2:59:4f:d7:fb:e9:da:
94:54:bc:28:43:2a:a5:44:87:06:0b:06:ff:ed:a1:
ca:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FB:E4:19:F9:2D:24:6B:A5:4E:0D:91:49:D4:97:5D:9F:A9:52:7F
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nvvkGfktJGulTg2RSdSXXZ-pUn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.30.0/23
93.152.38.0/23
93.152.46.0/23
93.152.52.0/23
93.152.56.0/23
93.152.62.0/23
93.152.76.0/23
93.152.80.0/23
93.152.84.0/23
93.152.94.0/23
93.152.98.0/23
93.152.102.0/23
93.152.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:62:78:80:52:1b:a6:98:18:49:1e:4b:81:14:e3:c5:30:c6:
12:59:11:fa:d6:fc:c4:fc:8e:fd:ed:7c:69:99:14:3c:a6:ca:
3d:a9:d7:65:53:07:5b:b4:fa:9b:5f:ad:45:60:1b:59:b5:09:
d0:07:0d:e8:c2:ec:61:a6:38:43:5a:da:7a:c4:a0:ee:8c:16:
8b:9d:0c:be:f1:b1:8c:7a:06:fc:3d:6d:93:f2:52:5f:d8:93:
ee:83:ee:21:70:27:5d:39:26:5d:dd:5d:ca:5d:2b:dc:28:47:
1c:5e:dd:3e:5d:32:a8:65:25:c3:72:15:f8:4b:c3:5c:ad:c6:
a0:8e:e6:07:42:0e:c9:d0:73:53:e9:c4:52:46:23:55:6d:03:
d6:02:e3:ea:8c:a3:13:3a:50:59:fd:2d:4f:59:97:a4:5a:3d:
b3:d3:2e:5f:ee:9f:02:e7:e1:8c:a7:71:cf:62:f5:a9:26:bc:
5d:b2:72:e3:f7:54:b7:41:39:b7:7c:33:5a:cb:9c:04:14:ca:
04:de:c7:38:3c:7f:b7:50:31:82:ae:e3:94:37:ab:74:70:84:
02:85:89:a9:ca:d2:dd:c3:0e:e0:41:71:3c:62:8d:4a:da:b0:
1e:ab:c7:82:56:c2:bd:4e:59:03:8f:7d:7e:dd:0a:e2:a7:f0:
63:0d:90:e0
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZbuCoqRA2U0wJs8wVGrQCanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwNTIwMTQxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZiZTQxOWY5MmQyNDZiYTU0ZTBkOTE0OWQ0OTc1ZDlmYTk1MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/utwPqqnG78uUc8ljXQQsyXA6KG
XuNe5pV5o82crbYFdHPE5bol4ND7I/dEqZaGDPmAA0u9W9PspGu/8nsiaFEregMb
YedoaxjwMsJq7GXi8Lnhu1wFir1hMFxVJoy956NMQRT0t47kQkN4ZIXacBWqqR8L
UbD2Nn4B4Lblyk2xZPUbdkOssF7b8Dn3BeWifJsbY/zu/OeFVTA83iwUrsWLKZZk
gXFK5HLHAgcmiI6/AiSnvi9vCGCv98L9rB84JzJMZ2iL7pj7aA71HGferE03WhDo
TOY6cgd4TOcSOZCa+V7y6ThKtcJZT9f76dqUVLwoQyqlRIcGCwb/7aHK1wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJ775Bn5LSRrpU4NkUnUl12fqVJ/MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbnZ2a0dma3RKR3VsVGcyUlNkU1hYWi1wVW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBXZgeAwQB
XZgmAwQBXZguAwQBXZg0AwQBXZg4AwQBXZg+AwQBXZhMAwQBXZhQAwQBXZhUAwQB
XZheAwQBXZhiAwQBXZhmAwQBXZh8MA0GCSqGSIb3DQEBCwUAA4IBAQCnYniAUhum
mBhJHkuBFOPFMMYSWRH61vzE/I797XxpmRQ8pso9qddlUwdbtPqbX61FYBtZtQnQ
Bw3owuxhpjhDWtp6xKDujBaLnQy+8bGMegb8PW2T8lJf2JPug+4hcCddOSZd3V3K
XSvcKEccXt0+XTKoZSXDchX4S8NcrcagjuYHQg7J0HNT6cRSRiNVbQPWAuPqjKMT
OlBZ/S1PWZekWj2z0y5f7p8C5+GMp3HPYvWpJrxdsnLj91S3QTm3fDNay5wEFMoE
3sc4PH+3UDGCruOUN6t0cIQChYmpytLdww7gQXE8Yo1K2rAeq8eCVsK9TlkDj31+
3Qrip/BjDZDg
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:43:12 2025 by rpki-client