Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/LxEz82jtFDTqsN9OO-F712kMBSM.roa
File: LxEz82jtFDTqsN9OO-F712kMBSM.roa (raw, json)
Hash identifier: /23vpATy++ydRR+8ZW9Wwm0jsup4UTNbdqzgl/FXv7o=
Subject key identifier: 2F:11:33:F3:68:ED:14:34:EA:B0:DF:4E:3B:E1:7B:D7:69:0C:05:23
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 0195289622770DBB5FABEAE6CECF1FFA4CD9
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/LxEz82jtFDTqsN9OO-F712kMBSM.roa
Signing time: Fri 21 Feb 2025 12:58:02 +0000
ROA not before: Fri 21 Feb 2025 12:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.202.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Mar 2025 12:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:96:22:77:0d:bb:5f:ab:ea:e6:ce:cf:1f:fa:4c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Feb 21 12:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f1133f368ed1434eab0df4e3be17bd7690c0523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ea:88:01:e8:75:1c:b5:9a:53:c3:cd:06:7e:
67:42:8c:55:8f:b9:55:b9:47:e6:92:c6:b8:79:8e:
b2:f2:58:05:5f:f5:3c:42:46:0d:bc:7c:d5:41:dd:
ff:9d:a3:0b:d9:a5:53:8f:b7:0a:88:e9:06:3c:da:
b7:95:23:5e:f5:f7:23:26:db:e4:85:cd:68:c4:7c:
86:b1:52:06:a3:e4:5e:0a:35:13:bd:8b:11:6a:73:
b2:5a:c0:40:88:d4:d2:b3:08:53:5d:55:05:61:ac:
bd:83:23:29:36:ef:4d:db:23:1d:32:36:4c:d1:1f:
c9:33:52:50:82:95:1d:a7:f7:10:39:ac:a2:9e:df:
30:2c:6a:c5:39:5c:a4:64:cb:70:a5:24:cd:a4:75:
0c:5e:84:53:a5:9b:c8:3f:92:68:d0:a7:52:ee:b8:
ee:62:47:e7:0a:1e:8a:fb:c1:da:dc:3e:f8:0c:ba:
c0:59:e9:f1:e5:bc:02:da:7b:2e:55:cc:0d:05:46:
a4:95:50:4b:9f:0c:af:36:c7:dd:ac:ac:ca:b1:c5:
44:4b:ec:da:e0:40:ce:15:b5:99:c3:73:2d:74:49:
86:38:9d:71:fc:4d:2b:d4:6c:55:af:da:b5:b4:d7:
a1:10:f6:77:ec:9a:2c:2e:b2:58:ca:f9:aa:da:4f:
62:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:11:33:F3:68:ED:14:34:EA:B0:DF:4E:3B:E1:7B:D7:69:0C:05:23
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/LxEz82jtFDTqsN9OO-F712kMBSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0-45.88.202.255
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.243.189.0/24
194.32.107.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
33:f8:c9:fa:4e:ee:eb:0e:84:64:41:10:a6:74:e1:e1:76:4a:
d2:99:89:da:82:f6:60:a3:ab:48:ca:c7:5d:eb:e9:8d:88:ba:
32:84:5f:dd:01:28:db:c2:fa:cf:00:d3:ad:40:6e:0b:16:76:
73:b1:54:0d:b5:cb:cb:c3:d0:85:3d:60:b2:ad:60:72:4a:11:
4a:81:18:92:38:db:3d:3d:b2:b7:fb:ea:b6:1d:ed:84:0c:24:
a8:af:0e:1f:f1:a9:72:ba:01:4c:e2:bf:65:b4:f4:0b:2e:79:
3e:bc:a8:c8:85:c1:a5:32:d0:61:b0:cb:c8:3b:e7:c4:01:b4:
2f:17:8f:c0:80:57:40:7b:2c:41:9d:50:3d:da:9e:6a:62:1c:
69:2a:f4:5a:76:f0:19:bf:27:14:66:78:c5:5b:5e:db:5a:20:
1e:cc:90:05:d6:5e:2e:2b:d3:01:fd:cb:d7:c9:bf:2b:05:3b:
cf:87:8b:49:4a:2d:3b:17:9c:9b:a6:a9:2a:c7:43:6d:ed:f0:
90:01:43:7c:37:9e:14:a2:17:08:e2:f6:02:4b:e2:82:c4:37:
13:19:42:70:7e:b8:89:78:c7:eb:6e:03:b2:18:09:29:f5:a8:
aa:c9:62:7e:c5:64:75:f0:0e:74:fb:d6:ff:fb:74:50:7f:11:
3b:63:fe:f8
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZUoliJ3Dbtfq+rmzs8f+kzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjUwMjIxMTI1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjExMzNmMzY4ZWQxNDM0ZWFiMGRmNGUzYmUxN2JkNzY5MGMwNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+qIAeh1HLWaU8PNBn5nQoxVj7lV
uUfmksa4eY6y8lgFX/U8QkYNvHzVQd3/naML2aVTj7cKiOkGPNq3lSNe9fcjJtvk
hc1oxHyGsVIGo+ReCjUTvYsRanOyWsBAiNTSswhTXVUFYay9gyMpNu9N2yMdMjZM
0R/JM1JQgpUdp/cQOayint8wLGrFOVykZMtwpSTNpHUMXoRTpZvIP5Jo0KdS7rju
YkfnCh6K+8Ha3D74DLrAWenx5bwC2nsuVcwNBUaklVBLnwyvNsfdrKzKscVES+za
4EDOFbWZw3MtdEmGOJ1x/E0r1GxVr9q1tNehEPZ37JosLrJYyvmq2k9iXwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFC8RM/No7RQ06rDfTjvhe9dpDAUjMB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvTHhFejgyanRGRFRxc045T08tRjcxMmtNQlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAMtWMgD
BAAtWMoDBAC5DmEDBAK5fagDBAK5tTwwDAMEA7nz2AMEALnz2gMEAMHzvQMEAMIg
awMEAMMQSQMEAMaMjTANBAIAAjAHAwUCKgOU4DANBgkqhkiG9w0BAQsFAAOCAQEA
M/jJ+k7u6w6EZEEQpnTh4XZK0pmJ2oL2YKOrSMrHXevpjYi6MoRf3QEo28L6zwDT
rUBuCxZ2c7FUDbXLy8PQhT1gsq1gckoRSoEYkjjbPT2yt/vqth3thAwkqK8OH/Gp
croBTOK/ZbT0Cy55PryoyIXBpTLQYbDLyDvnxAG0LxePwIBXQHssQZ1QPdqeamIc
aSr0WnbwGb8nFGZ4xVte21ogHsyQBdZeLivTAf3L18m/KwU7z4eLSUotOxecm6ap
KsdDbe3wkAFDfDeeFKIXCOL2AkvigsQ3ExlCcH64iXjH624DshgJKfWoqslifsVk
dfAOdPvW//t0UH8RO2P++A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:37:43 2025 by rpki-client