Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LsZLzqbWMg4wFEo5OndWT2BFfqY.roa
File: LsZLzqbWMg4wFEo5OndWT2BFfqY.roa (raw, json)
Hash identifier: +CdKt+WRPUY2nlvAR4lcWQbkBnIlPWcpgRrwHPvgGOM=
Subject key identifier: 2E:C6:4B:CE:A6:D6:32:0E:30:14:4A:39:3A:77:56:4F:60:45:7E:A6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D4413342C3576CA963721B5960AC1426
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LsZLzqbWMg4wFEo5OndWT2BFfqY.roa
Signing time: Tue 17 Dec 2024 10:54:22 +0000
ROA not before: Tue 17 Dec 2024 10:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 5.252.132.0/22 maxlen: 24
85.217.166.0/24 maxlen: 24
85.217.167.0/24 maxlen: 24
85.217.180.0/24 maxlen: 24
85.217.181.0/24 maxlen: 24
85.217.182.0/24 maxlen: 24
85.217.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:41:33:42:c3:57:6c:a9:63:72:1b:59:60:ac:14:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 17 10:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ec64bcea6d6320e30144a393a77564f60457ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:97:06:aa:8a:b8:fe:2c:e0:12:d9:f9:5f:15:
81:27:c5:0e:16:5b:62:ba:64:53:3f:e3:e6:36:9f:
4a:e6:2a:94:f5:b1:b2:a4:2b:94:d2:02:1f:bb:b2:
5b:42:8c:76:7f:19:05:b6:ab:38:c1:d9:c4:22:7b:
56:8a:f2:11:bc:06:b3:f6:16:40:53:28:55:71:0a:
ad:a6:6e:da:8e:67:65:45:27:64:3a:f4:ac:1e:39:
bb:55:5a:7f:fd:31:d4:97:4f:4d:1f:b3:4e:1e:1c:
56:7d:6a:77:0c:8e:ef:c3:a5:69:a4:1e:ef:0d:3c:
fe:a3:b6:e9:48:27:9b:04:3c:50:dc:ff:7d:a7:7e:
02:57:00:ed:fa:17:76:eb:ad:71:b9:cb:4e:22:e9:
8c:50:03:e4:ef:e6:82:1a:56:dc:ee:d7:a2:ce:d5:
c2:f4:fd:67:f3:1c:1b:87:3f:f4:74:17:27:7b:65:
da:93:8a:0e:c0:de:02:a6:50:3f:26:b4:1c:b6:59:
1d:4a:34:e4:04:a7:10:c9:33:4c:2d:56:fd:fa:56:
f2:06:df:bf:b7:95:f1:c9:90:e3:ff:16:05:f8:56:
07:5f:af:a2:c8:91:6a:13:84:55:d6:5f:8c:5d:4e:
26:f5:d0:5c:12:ff:71:5c:ee:47:ed:ab:f1:0f:6e:
cf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C6:4B:CE:A6:D6:32:0E:30:14:4A:39:3A:77:56:4F:60:45:7E:A6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LsZLzqbWMg4wFEo5OndWT2BFfqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
85.217.166.0/23
85.217.180.0/22
Signature Algorithm: sha256WithRSAEncryption
04:0f:f4:29:6f:5e:45:54:23:6f:30:8e:bd:10:45:db:68:93:
28:f2:3d:99:8a:8b:03:74:f2:f3:d2:34:56:36:3a:16:12:04:
da:89:94:c7:c1:84:2f:0d:97:ff:77:51:95:92:d1:67:83:71:
35:f0:00:68:5b:ac:2c:7d:0f:ee:43:c8:7b:07:fa:0e:6a:20:
2b:6f:b3:4e:dd:4d:a6:b4:38:64:99:82:c3:9c:1d:55:56:fa:
4c:30:56:56:ca:d2:ab:da:84:fb:92:80:49:49:d6:97:13:ba:
ff:9e:85:69:e1:a6:a0:35:32:e2:51:7e:2e:dd:d6:51:a3:b5:
9f:4b:d8:65:f7:e4:7e:79:1e:cd:19:34:1c:ac:59:20:e2:c0:
e0:6a:b6:fb:5d:5f:c1:d3:c1:a2:d2:61:f1:58:ff:fa:c0:20:
31:84:5d:6a:5f:ba:19:89:72:73:a4:bb:ac:25:1a:73:f2:db:
3e:91:e4:4d:a6:d8:9f:da:e8:9c:3d:37:00:12:2f:40:2d:bb:
ea:97:79:56:e5:5c:ca:79:0f:8f:8a:81:91:62:b6:84:f4:59:
22:ce:f0:cf:0a:76:f1:ef:d6:9c:dd:84:bc:da:69:4e:9d:fa:
0d:ec:08:5c:75:4d:a9:16:66:36:7c:f4:05:1a:ae:51:4a:51:
42:87:55:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPUQTNCw1dsqWNyG1lgrBQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE3MTA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM2NGJjZWE2ZDYzMjBlMzAxNDRhMzkzYTc3NTY0ZjYwNDU3ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZcGqoq4/izgEtn5XxWBJ8UOFlti
umRTP+PmNp9K5iqU9bGypCuU0gIfu7JbQox2fxkFtqs4wdnEIntWivIRvAaz9hZA
UyhVcQqtpm7ajmdlRSdkOvSsHjm7VVp//THUl09NH7NOHhxWfWp3DI7vw6VppB7v
DTz+o7bpSCebBDxQ3P99p34CVwDt+hd2661xuctOIumMUAPk7+aCGlbc7teiztXC
9P1n8xwbhz/0dBcne2Xak4oOwN4CplA/JrQctlkdSjTkBKcQyTNMLVb9+lbyBt+/
t5XxyZDj/xYF+FYHX6+iyJFqE4RV1l+MXU4m9dBcEv9xXO5H7avxD27PGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7GS86m1jIOMBRKOTp3Vk9gRX6mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTHNaTHpxYldNZzR3RkVvNU9uZFdUMkJGZnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBfyEAwQB
VdmmAwQCVdm0MA0GCSqGSIb3DQEBCwUAA4IBAQAED/Qpb15FVCNvMI69EEXbaJMo
8j2ZiosDdPLz0jRWNjoWEgTaiZTHwYQvDZf/d1GVktFng3E18ABoW6wsfQ/uQ8h7
B/oOaiArb7NO3U2mtDhkmYLDnB1VVvpMMFZWytKr2oT7koBJSdaXE7r/noVp4aag
NTLiUX4u3dZRo7WfS9hl9+R+eR7NGTQcrFkg4sDgarb7XV/B08Gi0mHxWP/6wCAx
hF1qX7oZiXJzpLusJRpz8ts+keRNptif2uicPTcAEi9ALbvql3lW5VzKeQ+PioGR
YraE9FkizvDPCnbx79ac3YS82mlOnfoN7AhcdU2pFmY2fPQFGq5RSlFCh1UV
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:22:40 2025 by rpki-client