Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/l2TH8ak1lCgTFpwLCJzrHHGkVVQ.roa
File: l2TH8ak1lCgTFpwLCJzrHHGkVVQ.roa (raw, json)
Hash identifier: M1wdpUClMGuD9Cwj8Kcdoo5PboPvIZ5AkN7a7QoZbsM=
Subject key identifier: 97:64:C7:F1:A9:35:94:28:13:16:9C:0B:08:9C:EB:1C:71:A4:55:54
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 019576B183C638070E774CEBCEC14F7A3FC5
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/l2TH8ak1lCgTFpwLCJzrHHGkVVQ.roa
Signing time: Sat 08 Mar 2025 16:58:19 +0000
ROA not before: Sat 08 Mar 2025 16:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49121
IP address blocks: 5.57.209.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
37.221.71.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
185.186.1.0/24 maxlen: 24
185.232.166.0/24 maxlen: 24
194.61.10.0/23 maxlen: 23
194.147.74.0/23 maxlen: 23
2a09:e200::/48 maxlen: 48
2a09:e200:e200::/48 maxlen: 48
2a09:e206:c1::/48 maxlen: 48
2a09:e207:810::/48 maxlen: 48
2a09:e207:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Mar 2025 17:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:b1:83:c6:38:07:0e:77:4c:eb:ce:c1:4f:7a:3f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Mar 8 16:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9764c7f1a935942813169c0b089ceb1c71a45554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:53:d4:f1:f5:ef:47:fb:31:d8:40:34:7d:
6f:f6:5b:d9:52:26:f6:dc:e4:4c:05:af:65:69:cd:
6c:8a:7b:d7:27:32:d5:3a:cd:70:0c:8f:e0:33:2d:
6d:99:4a:4b:32:6b:66:1d:4a:91:9e:e8:f0:1e:55:
93:1e:53:f2:ed:28:b6:9f:af:18:5e:5d:31:1f:d5:
15:dd:6f:d5:dc:c5:2a:fe:51:95:6d:68:43:31:1c:
c5:c8:c0:1b:8c:c7:48:df:3b:f5:31:22:af:0b:01:
45:f8:62:ed:ec:79:dc:90:da:2b:06:66:21:9f:b9:
4a:03:58:9f:0a:16:1d:1a:32:44:a4:bf:ef:d4:c8:
8a:45:ea:ef:c0:5b:12:b3:9d:00:b1:3c:bc:97:d1:
d7:61:20:97:ef:b0:05:2d:71:73:d8:5e:12:47:cc:
45:d2:b0:30:1e:b4:69:77:33:0a:0d:20:9a:4a:9a:
bb:5f:35:47:c5:57:84:ea:4c:9a:9e:1b:5b:99:15:
69:ad:5b:f9:26:f8:ae:19:13:76:fb:94:7f:7d:6c:
21:6d:37:02:64:ae:02:2d:a2:be:7a:c5:a8:31:9c:
13:9b:e6:85:75:1b:76:84:c5:a6:90:d2:af:9d:05:
37:8b:88:31:7d:95:2b:3d:05:a5:3f:bd:8c:18:a7:
b4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:64:C7:F1:A9:35:94:28:13:16:9C:0B:08:9C:EB:1C:71:A4:55:54
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/l2TH8ak1lCgTFpwLCJzrHHGkVVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/23
185.232.166.0/24
194.61.10.0/23
194.147.74.0/23
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
2a09:e206:c1::/48
2a09:e207:810::/48
2a09:e207:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
77:98:c7:2d:dd:82:8e:52:c2:46:2e:7e:89:73:86:fc:32:a4:
92:bf:31:d9:3d:c7:83:ba:d0:a1:7c:c3:9d:61:52:39:a1:aa:
c6:e4:30:ec:cd:af:e4:be:64:59:f2:fe:a0:e9:d0:39:f4:d5:
60:dc:60:15:6c:ab:01:05:7b:86:ab:df:f1:78:22:0b:50:7c:
31:bf:fb:88:e9:4a:ca:34:41:99:f9:39:85:a5:46:96:de:73:
b2:08:36:9c:e6:05:bc:d5:06:12:b7:bc:8c:84:6e:87:63:7c:
ec:d4:ab:84:75:82:fc:9a:e4:93:28:dd:b8:16:aa:f4:45:05:
8c:07:07:81:26:3b:93:7a:01:bf:bb:d6:22:86:f8:68:40:06:
cf:4a:0f:ec:cc:e0:19:6f:8f:a6:91:8a:de:81:2d:96:c5:e3:
a8:1a:43:dd:df:94:26:af:29:bb:6a:d0:37:55:c2:75:50:14:
7a:2a:20:c6:71:70:bb:44:53:d8:cd:82:39:04:f1:dc:0a:10:
24:e4:19:8d:03:dd:23:96:c9:c9:d8:fc:94:3c:f3:44:86:16:
e3:a8:21:e9:8f:a0:5d:f4:e0:c5:e7:04:c0:3f:dd:89:af:10:
67:41:16:0c:7d:7d:67:b8:30:85:0d:7b:0f:d9:08:54:9e:ff:
5d:c7:2f:6b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZV2sYPGOAcOd0zrzsFPej/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjUwMzA4MTY1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY0YzdmMWE5MzU5NDI4MTMxNjljMGIwODljZWIxYzcxYTQ1NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcpT1PH170f7MdhANH1v9lvZUib2
3ORMBa9lac1sinvXJzLVOs1wDI/gMy1tmUpLMmtmHUqRnujwHlWTHlPy7Si2n68Y
Xl0xH9UV3W/V3MUq/lGVbWhDMRzFyMAbjMdI3zv1MSKvCwFF+GLt7HnckNorBmYh
n7lKA1ifChYdGjJEpL/v1MiKRervwFsSs50AsTy8l9HXYSCX77AFLXFz2F4SR8xF
0rAwHrRpdzMKDSCaSpq7XzVHxVeE6kyanhtbmRVprVv5JviuGRN2+5R/fWwhbTcC
ZK4CLaK+esWoMZwTm+aFdRt2hMWmkNKvnQU3i4gxfZUrPQWlP72MGKe03wIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFJdkx/GpNZQoExacCwic6xxxpFVUMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvbDJUSDhhazFsQ2dURnB3TENKenJISEdrVlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wOAQCAAEwMgMEAAU50QME
AiXdRDAMAwQALVd1AwQDLVdwAwQBuboAAwQAueimAwQBwj0KAwQBwpNKMDMEAgAC
MC0DBwAqCeIAAAADBwAqCeIA4gADBwAqCeIGAMEDBwAqCeIHCBADBwAqCeIH//8w
DQYJKoZIhvcNAQELBQADggEBAHeYxy3dgo5SwkYufolzhvwypJK/Mdk9x4O60KF8
w51hUjmhqsbkMOzNr+S+ZFny/qDp0Dn01WDcYBVsqwEFe4ar3/F4IgtQfDG/+4jp
Sso0QZn5OYWlRpbec7IINpzmBbzVBhK3vIyEbodjfOzUq4R1gvya5JMo3bgWqvRF
BYwHB4EmO5N6Ab+71iKG+GhABs9KD+zM4Blvj6aRit6BLZbF46gaQ93flCavKbtq
0DdVwnVQFHoqIMZxcLtEU9jNgjkE8dwKECTkGY0D3SOWycnY/JQ880SGFuOoIemP
oF304MXnBMA/3YmvEGdBFgx9fWe4MIUNew/ZCFSe/13HL2s=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:29 2025 by rpki-client