Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/LuraUcFvmchTem0caSmXmYXitYM.roa
File: LuraUcFvmchTem0caSmXmYXitYM.roa (raw, json)
Hash identifier: h6+dckLZCxXznWHM5k4hbKgyOqWpKU3G6huvGRVXQ5g=
Subject key identifier: 2E:EA:DA:51:C1:6F:99:C8:53:7A:6D:1C:69:29:97:99:85:E2:B5:83
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0194037BF8EA03C233EB3992BBEB76B0E576
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/LuraUcFvmchTem0caSmXmYXitYM.roa
Signing time: Thu 26 Dec 2024 15:00:43 +0000
ROA not before: Thu 26 Dec 2024 15:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6789
IP address blocks: 185.166.72.0/22 maxlen: 24
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:03:7b:f8:ea:03:c2:33:eb:39:92:bb:eb:76:b0:e5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 26 15:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eeada51c16f99c8537a6d1c6929979985e2b583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:1f:56:43:00:2d:7f:ff:b8:d2:cc:6c:3c:
f2:d0:a6:7d:d4:c7:54:22:5e:43:63:3d:4a:01:6c:
f4:b9:6b:80:8d:4e:ba:a0:68:f6:dc:40:bf:7c:fd:
3e:9c:d9:45:c2:0c:f3:4b:52:5f:f1:c5:13:c4:14:
ea:89:60:73:53:7f:ac:7d:e5:49:30:83:6f:ed:29:
91:29:93:05:97:1c:88:46:41:2c:e2:86:99:a5:93:
7a:b1:5e:48:c8:d9:e5:9a:15:b3:e3:7d:e9:08:8a:
08:03:db:2d:26:d2:ff:64:e1:a7:2f:2b:1d:09:66:
ba:22:ee:b6:ec:45:14:2a:1a:c0:81:c7:08:ca:cc:
51:14:2c:13:54:f5:0c:01:dd:4f:49:ee:90:9e:73:
bc:35:d3:10:e8:15:33:b0:65:6c:3b:ce:fb:c1:05:
07:13:dd:5a:ad:c3:41:fa:8a:b2:0b:34:52:34:a4:
fe:7f:23:62:c0:f9:7b:31:d0:6e:1f:9e:56:d7:3a:
26:ce:e9:6e:71:99:b0:68:80:2c:0f:93:2f:e9:52:
c8:f7:19:65:78:cd:57:f2:ad:38:18:ed:40:83:a8:
a5:23:ad:1f:14:00:4c:8d:14:11:29:6e:e5:17:7b:
ea:21:93:3b:f2:9e:71:ae:78:b5:ba:e2:80:0a:08:
bc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:EA:DA:51:C1:6F:99:C8:53:7A:6D:1C:69:29:97:99:85:E2:B5:83
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/LuraUcFvmchTem0caSmXmYXitYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
59:a8:49:1b:c1:26:bc:bb:e4:be:41:59:6d:0e:d0:c7:ed:69:
7e:0f:64:5e:40:8c:62:ff:74:2d:ff:01:c9:3b:a2:f7:2a:dc:
8c:70:67:be:e0:bd:7e:f4:e3:ed:6e:97:0f:7e:0f:7d:cc:10:
e7:a7:68:ee:4d:e1:6e:70:f4:c4:79:25:69:16:21:57:1f:50:
33:f6:e0:1b:dd:6a:fa:08:2f:12:1c:19:35:ca:cf:0a:f3:10:
fe:4c:40:2c:bc:60:47:b2:c7:b2:a8:59:66:cc:22:fd:17:c9:
25:83:17:b6:90:3a:5b:d3:6e:d3:e1:a2:73:2b:7d:64:4b:32:
10:0a:db:a4:26:fc:13:53:fa:f3:71:ea:48:6e:df:46:1e:68:
55:7d:65:46:c0:54:fb:7d:d8:16:12:5c:82:e0:5e:8e:8c:4f:
10:82:c7:f0:22:93:7b:af:a2:c1:02:35:83:83:21:85:c5:72:
d6:ac:28:9c:49:52:97:b8:08:ee:e6:bb:ce:62:d0:59:41:0e:
c8:a2:86:e8:87:a5:94:2b:7f:15:bd:82:85:44:39:5d:6a:0f:
25:b6:15:9d:aa:e9:0d:a9:80:e8:03:76:7f:1b:fd:0c:cf:b1:
62:d7:28:d4:cc:39:ba:a3:95:d6:6c:4d:4d:86:3d:ab:2c:49:
18:f0:1b:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQDe/jqA8Iz6zmSu+t2sOV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjI2MTUwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWVhZGE1MWMxNmY5OWM4NTM3YTZkMWM2OTI5OTc5OTg1ZTJiNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLQfVkMALX//uNLMbDzy0KZ91MdU
Il5DYz1KAWz0uWuAjU66oGj23EC/fP0+nNlFwgzzS1Jf8cUTxBTqiWBzU3+sfeVJ
MINv7SmRKZMFlxyIRkEs4oaZpZN6sV5IyNnlmhWz433pCIoIA9stJtL/ZOGnLysd
CWa6Iu627EUUKhrAgccIysxRFCwTVPUMAd1PSe6QnnO8NdMQ6BUzsGVsO877wQUH
E91arcNB+oqyCzRSNKT+fyNiwPl7MdBuH55W1zomzulucZmwaIAsD5Mv6VLI9xll
eM1X8q04GO1Ag6ilI60fFABMjRQRKW7lF3vqIZM78p5xrni1uuKACgi8NQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC7q2lHBb5nIU3ptHGkpl5mF4rWDMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvTHVyYVVjRnZtY2hUZW0wY2FTbVhtWVhpdFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA0GCSqGSIb3DQEBCwUAA4IBAQBZ
qEkbwSa8u+S+QVltDtDH7Wl+D2ReQIxi/3Qt/wHJO6L3KtyMcGe+4L1+9OPtbpcP
fg99zBDnp2juTeFucPTEeSVpFiFXH1Az9uAb3Wr6CC8SHBk1ys8K8xD+TEAsvGBH
sseyqFlmzCL9F8klgxe2kDpb027T4aJzK31kSzIQCtukJvwTU/rzcepIbt9GHmhV
fWVGwFT7fdgWElyC4F6OjE8QgsfwIpN7r6LBAjWDgyGFxXLWrCicSVKXuAju5rvO
YtBZQQ7Iooboh6WUK38VvYKFRDldag8lthWdqukNqYDoA3Z/G/0Mz7Fi1yjUzDm6
o5XWbE1Nhj2rLEkY8BvU
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:38:02 2025 by rpki-client