Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LwngSiJ4Gyca4vMCFCe4drchfck.roa
File: LwngSiJ4Gyca4vMCFCe4drchfck.roa (raw, json)
Hash identifier: 5wWpz+lOJv0W8qORiGhDl0CAvxVVRLUcKVvdWluq3/c=
Subject key identifier: 2F:09:E0:4A:22:78:1B:27:1A:E2:F3:02:14:27:B8:76:B7:21:7D:C9
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0194228DC0A90AEF941C3D24C34F0D68606F
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LwngSiJ4Gyca4vMCFCe4drchfck.roa
Signing time: Wed 01 Jan 2025 15:48:22 +0000
ROA not before: Wed 01 Jan 2025 15:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 94.232.248.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Jan 2025 07:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c0:a9:0a:ef:94:1c:3d:24:c3:4f:0d:68:60:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jan 1 15:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f09e04a22781b271ae2f3021427b876b7217dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:80:e4:03:45:ac:7c:b5:ab:b0:ad:65:22:99:
73:76:da:dc:20:27:fb:81:6c:05:c4:bc:a0:34:21:
a6:a8:f1:7f:09:af:1a:20:1a:0a:02:39:56:c9:9a:
57:9f:78:ea:33:58:0e:6e:55:98:f3:56:63:fe:d1:
4c:97:3b:94:40:f2:df:67:5a:06:c6:11:d9:75:ca:
8c:0d:75:62:cc:0a:59:4e:54:58:54:fd:e6:e7:49:
c1:b6:9c:5b:68:c9:b7:e5:6b:e3:c1:af:2b:6b:a5:
5a:b4:8c:11:72:27:fb:2b:f5:a8:68:ba:88:6d:77:
d6:85:e6:5b:a7:bc:c1:4c:31:3a:7f:4a:85:ff:6e:
81:8e:60:79:12:01:24:4c:47:83:19:b5:92:00:b5:
d0:01:a4:d8:7b:8d:a2:76:2c:a3:ca:ca:a1:26:6e:
66:da:76:2c:7e:ef:6c:4b:33:2c:34:fb:a0:e8:ab:
aa:f4:ef:26:2e:f0:07:b1:33:3f:2b:4e:63:2d:ba:
64:0d:31:21:df:a9:2a:a8:df:96:25:dd:2d:cc:a5:
65:c2:c6:30:cb:8b:9d:f6:07:0c:0e:99:64:01:07:
26:09:88:cd:f8:ce:0a:59:15:d9:aa:64:4d:a4:f5:
05:f2:dd:2f:6d:2d:c1:9d:cd:e3:a0:b9:f1:2e:4b:
c7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:09:E0:4A:22:78:1B:27:1A:E2:F3:02:14:27:B8:76:B7:21:7D:C9
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LwngSiJ4Gyca4vMCFCe4drchfck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.248.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
69:81:f8:e1:9c:84:2b:7b:81:c0:12:29:17:58:d2:7e:e6:f3:
44:4a:17:d4:bf:59:3a:ad:af:3a:22:56:59:60:8e:1a:38:7b:
ec:cd:b8:c5:ba:40:da:d7:87:8d:2a:e2:a5:c6:40:cb:cd:57:
e7:66:8c:f9:ac:79:ac:67:bd:32:b0:98:ed:d9:d2:84:2d:d3:
37:fe:9a:87:71:e4:08:b6:3d:07:e1:e9:25:39:77:70:39:1c:
b0:90:9f:2f:9c:c6:4f:d3:14:a8:12:2f:43:5f:76:ac:1d:b7:
1b:bc:c5:55:b2:cf:08:24:d6:83:80:c1:7b:99:22:c4:24:70:
8c:3f:a4:5f:fb:64:90:c4:8d:b9:88:78:75:35:c1:37:9a:03:
c2:14:3c:aa:87:d4:01:03:99:e0:06:ce:cd:3f:81:c7:fd:f7:
00:1b:5f:22:b3:74:24:2e:a9:d5:fe:83:a0:3b:92:e4:41:42:
02:a3:a9:cc:0a:7c:4f:4e:a9:1e:40:2f:f0:55:ea:bb:91:b8:
74:a2:11:9f:5c:db:bb:9f:57:a2:1a:9c:8e:d5:6e:3d:4a:94:
d7:8c:59:6f:4b:07:fa:93:a6:7a:7c:0c:6b:bc:cf:ee:61:f0:
1e:db:72:2d:6b:03:f9:96:f3:36:e0:24:71:01:50:2b:3e:b5:
87:5b:64:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQijcCpCu+UHD0kw08NaGBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwMTAxMTU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA5ZTA0YTIyNzgxYjI3MWFlMmYzMDIxNDI3Yjg3NmI3MjE3ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIDkA0WsfLWrsK1lIplzdtrcICf7
gWwFxLygNCGmqPF/Ca8aIBoKAjlWyZpXn3jqM1gOblWY81Zj/tFMlzuUQPLfZ1oG
xhHZdcqMDXVizApZTlRYVP3m50nBtpxbaMm35Wvjwa8ra6VatIwRcif7K/WoaLqI
bXfWheZbp7zBTDE6f0qF/26BjmB5EgEkTEeDGbWSALXQAaTYe42idiyjysqhJm5m
2nYsfu9sSzMsNPug6Kuq9O8mLvAHsTM/K05jLbpkDTEh36kqqN+WJd0tzKVlwsYw
y4ud9gcMDplkAQcmCYjN+M4KWRXZqmRNpPUF8t0vbS3Bnc3joLnxLkvHRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC8J4EoieBsnGuLzAhQnuHa3IX3JMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvTHduZ1NpSjRHeWNhNHZNQ0ZDZTRkcmNoZmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAXuj4MCIE
AgACMBwDBQMqBt3AAwUDKguAQAMFAyoMaYADBQAqDPZCMA0GCSqGSIb3DQEBCwUA
A4IBAQBpgfjhnIQre4HAEikXWNJ+5vNEShfUv1k6ra86IlZZYI4aOHvszbjFukDa
14eNKuKlxkDLzVfnZoz5rHmsZ70ysJjt2dKELdM3/pqHceQItj0H4eklOXdwORyw
kJ8vnMZP0xSoEi9DX3asHbcbvMVVss8IJNaDgMF7mSLEJHCMP6Rf+2SQxI25iHh1
NcE3mgPCFDyqh9QBA5ngBs7NP4HH/fcAG18is3QkLqnV/oOgO5LkQUICo6nMCnxP
TqkeQC/wVeq7kbh0ohGfXNu7n1eiGpyO1W49SpTXjFlvSwf6k6Z6fAxrvM/uYfAe
23ItawP5lvM24CRxAVArPrWHW2R3
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:41:42 2025 by rpki-client