Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/lALHPuhMP7UOIFJxvSbYZBdxKSs.roa
File: lALHPuhMP7UOIFJxvSbYZBdxKSs.roa (raw, json)
Hash identifier: p8asSSmrR/lnMnv93DJiN56wV05P89KGW5/YvQHI54M=
Subject key identifier: 94:02:C7:3E:E8:4C:3F:B5:0E:20:52:71:BD:26:D8:64:17:71:29:2B
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 01928AB50503BCE84261EE3F734DC772E1BD
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/lALHPuhMP7UOIFJxvSbYZBdxKSs.roa
Signing time: Mon 14 Oct 2024 11:06:11 +0000
ROA not before: Mon 14 Oct 2024 11:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.226.228.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 27 Dec 2024 10:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:b5:05:03:bc:e8:42:61:ee:3f:73:4d:c7:72:e1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Oct 14 11:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9402c73ee84c3fb50e205271bd26d8641771292b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:34:30:c6:d0:a6:35:d4:82:4d:2d:fb:45:
97:85:7e:65:8d:bf:5e:01:e9:8b:df:7f:7a:3d:72:
bc:ba:9a:be:00:65:4f:43:6c:98:a2:dc:e3:54:2e:
d8:1c:74:96:92:ae:a4:3f:46:0f:71:a3:bd:c2:f0:
b6:39:ca:72:49:6e:5a:02:22:f5:21:db:31:7d:de:
93:15:09:9f:a4:0a:9f:db:b8:d7:05:3a:d9:f0:69:
af:0c:1f:f4:9c:03:a6:47:e6:24:ba:2e:3d:d2:4c:
b5:6c:19:38:f8:90:79:29:f4:e3:99:ef:9e:30:cf:
ca:60:d3:85:07:cd:d4:e8:d1:70:58:7a:94:a9:ca:
7b:90:54:35:17:46:07:08:0f:02:15:d1:1a:7e:8c:
1b:9b:ff:77:f4:cf:ef:a0:9f:fb:e0:db:2f:a9:aa:
ad:df:e7:76:66:3d:71:d7:de:51:31:6c:4d:d4:80:
c0:94:48:e6:6a:74:1c:7a:7d:27:d9:11:51:44:22:
cf:63:5f:e8:f5:61:7e:ea:53:cc:67:96:04:0a:2a:
4b:31:bd:f5:78:09:2c:46:f2:70:a6:db:c6:20:09:
12:06:5f:ec:b4:5e:cb:22:79:ee:25:1e:0d:47:0f:
c0:60:df:49:97:6d:8c:a0:bf:a8:ac:81:79:7e:d9:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:02:C7:3E:E8:4C:3F:B5:0E:20:52:71:BD:26:D8:64:17:71:29:2B
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/lALHPuhMP7UOIFJxvSbYZBdxKSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
04:a2:07:fe:36:b4:bd:28:d3:43:86:52:f4:29:ca:1e:24:dc:
43:99:2d:f5:80:c8:7d:96:12:df:83:ca:e6:6e:a6:26:6a:ec:
59:48:1e:60:58:a2:d1:76:4b:68:03:85:13:83:7b:3c:1e:bd:
cb:14:25:15:6a:d9:3b:c7:60:fc:3f:91:ec:b7:8a:ca:7d:0e:
e5:7a:15:2f:22:0d:15:e5:5b:56:22:96:09:b8:29:66:ab:4f:
a1:02:c3:36:80:6d:51:b2:86:6e:fb:30:6f:9f:4b:30:b9:a8:
dd:f4:63:93:2d:a5:90:10:1c:e6:2d:f2:83:cf:e3:23:4b:94:
de:93:b8:08:bd:3e:34:b4:c0:cf:d7:c7:af:10:c6:29:06:18:
29:7e:06:ea:0d:c8:0d:9b:8f:12:1f:40:19:46:cd:b6:79:0c:
02:d9:5d:64:d0:10:d0:1e:8e:ee:fd:7f:98:e1:dd:5c:e1:70:
e8:7a:7a:23:1e:b2:14:b3:38:aa:3e:df:be:f5:ab:e4:a4:79:
21:86:0d:f8:e0:c0:0e:46:04:20:f7:e0:57:0d:71:24:90:75:
c0:ee:ca:1e:ca:37:32:a4:b7:f2:3c:9c:31:70:bc:80:c4:a1:
b0:d9:50:3e:e0:9a:fd:95:43:80:90:11:b1:e2:49:39:4b:66:
f9:63:5d:83
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZKKtQUDvOhCYe4/c03HcuG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjQxMDE0MTEwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDAyYzczZWU4NGMzZmI1MGUyMDUyNzFiZDI2ZDg2NDE3NzEyOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijE0MMbQpjXUgk0t+0WXhX5ljb9e
AemL3396PXK8upq+AGVPQ2yYotzjVC7YHHSWkq6kP0YPcaO9wvC2OcpySW5aAiL1
Idsxfd6TFQmfpAqf27jXBTrZ8GmvDB/0nAOmR+Ykui490ky1bBk4+JB5KfTjme+e
MM/KYNOFB83U6NFwWHqUqcp7kFQ1F0YHCA8CFdEafowbm/939M/voJ/74Nsvqaqt
3+d2Zj1x195RMWxN1IDAlEjmanQcen0n2RFRRCLPY1/o9WF+6lPMZ5YECipLMb31
eAksRvJwptvGIAkSBl/stF7LInnuJR4NRw/AYN9Jl22MoL+orIF5ftnrYQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJQCxz7oTD+1DiBScb0m2GQXcSkrMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvbEFMSFB1aE1QN1VPSUZKeHZTYllaQmR4S1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQCBfz8AwQD
sHioMAwDBAC5SsEDBAK5SsADBAC5whkDBAC53b8wDAMEALngXQMEBbngQAMEALni
5AMEArnvBAMEAbzUIAMEAcHyvDANBAIAAjAHAwUDKglOQDANBgkqhkiG9w0BAQsF
AAOCAQEABKIH/ja0vSjTQ4ZS9CnKHiTcQ5kt9YDIfZYS34PK5m6mJmrsWUgeYFii
0XZLaAOFE4N7PB69yxQlFWrZO8dg/D+R7LeKyn0O5XoVLyINFeVbViKWCbgpZqtP
oQLDNoBtUbKGbvswb59LMLmo3fRjky2lkBAc5i3yg8/jI0uU3pO4CL0+NLTAz9fH
rxDGKQYYKX4G6g3IDZuPEh9AGUbNtnkMAtldZNAQ0B6O7v1/mOHdXOFw6Hp6Ix6y
FLM4qj7fvvWr5KR5IYYN+ODADkYEIPfgVw1xJJB1wO7KHso3MqS38jycMXC8gMSh
sNlQPuCa/ZVDgJARseJJOUtm+WNdgw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:01 2025 by rpki-client