Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/LfHAz5W0w5O9rpEF6k7e9aOV158.roa
File: LfHAz5W0w5O9rpEF6k7e9aOV158.roa (raw, json)
Hash identifier: A8y6zPDXcplC/OwgCr3mGGb6KbeOh8kBU9Pijaf2bIo=
Subject key identifier: 2D:F1:C0:CF:95:B4:C3:93:BD:AE:91:05:EA:4E:DE:F5:A3:95:D7:9F
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 0192BD2B2FA2E46CC77D5F4F82DB5AB25536
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/LfHAz5W0w5O9rpEF6k7e9aOV158.roa
Signing time: Thu 24 Oct 2024 06:16:16 +0000
ROA not before: Thu 24 Oct 2024 06:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215597
IP address blocks: 82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 12:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:2b:2f:a2:e4:6c:c7:7d:5f:4f:82:db:5a:b2:55:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Oct 24 06:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2df1c0cf95b4c393bdae9105ea4edef5a395d79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:ee:52:e8:f6:6b:75:c4:c3:b3:fc:37:69:
39:ee:77:cc:f4:c1:ec:9c:92:cd:7d:35:65:aa:5b:
d3:48:f0:2d:af:41:4f:47:36:9e:5f:e0:ec:4e:ea:
3d:82:b7:d3:35:63:d4:11:94:ff:78:32:cb:8b:73:
ec:af:90:68:b6:a0:27:12:a0:96:45:8b:8c:f1:32:
33:b4:a9:cf:60:93:83:9f:a8:56:58:8a:09:2f:bd:
a9:31:e4:a7:d2:a8:e6:aa:83:d4:4c:2c:98:35:cd:
67:d3:58:04:da:5a:52:0b:c9:3f:1d:f2:ed:f2:d5:
2f:b6:3f:9e:51:16:f4:65:ef:42:77:e9:c4:d6:bc:
65:5f:19:5e:24:19:4e:a5:53:7b:83:61:e4:a0:e2:
0c:fc:97:22:dd:d6:19:23:e8:4e:e1:18:94:41:02:
ac:f2:74:96:ba:62:5a:04:1f:61:9b:f1:de:49:a3:
d8:eb:dc:63:b4:e1:c3:be:22:3c:6f:b5:88:67:8b:
91:91:ff:39:8b:a0:7d:6e:e6:5f:1b:ec:97:de:09:
df:f8:8b:7f:92:90:ab:06:28:14:ba:85:da:6f:90:
ff:03:d0:a5:f1:80:ab:95:fa:ac:21:99:92:61:d6:
7e:fd:7f:72:78:95:ea:c2:2b:6b:01:c5:2a:96:f1:
71:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F1:C0:CF:95:B4:C3:93:BD:AE:91:05:EA:4E:DE:F5:A3:95:D7:9F
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/LfHAz5W0w5O9rpEF6k7e9aOV158.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.199.222.0/23
185.95.206.0/23
212.95.142.0/24
212.95.148.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:27:08:bd:24:35:30:7a:07:c4:bb:e3:07:9a:18:9e:8a:8f:
92:5b:73:02:a8:c5:36:a0:3e:9a:88:c3:36:62:23:28:40:ec:
f6:67:b8:f1:dc:8b:8c:38:8a:99:55:5c:1c:0a:a6:c3:a7:62:
9f:c2:c1:cf:27:47:81:53:6a:a2:90:8b:36:06:6f:c9:db:c2:
57:5e:6e:0d:13:6c:92:f1:89:c1:28:a2:a6:2c:58:e7:f4:39:
8d:93:b9:88:cd:c0:4e:76:c0:47:52:21:e9:32:de:ba:70:dc:
a1:77:3e:f0:da:08:be:d4:96:8f:fb:09:71:c2:9f:15:f5:29:
3e:de:77:4e:00:aa:2d:fd:aa:4f:b5:09:3d:61:83:81:77:6a:
1e:8a:c8:dc:9e:23:cc:bf:88:aa:1d:17:58:35:3e:04:1d:8c:
63:c8:be:52:4a:4f:ce:d1:09:7b:09:9f:98:37:4c:e0:9a:80:
47:17:4e:86:e7:6d:d9:40:f7:25:8c:ee:e1:77:b7:c3:c4:70:
da:88:59:70:b8:dc:15:e5:7e:a4:b0:51:a2:4b:35:8d:95:76:
28:7b:cf:6c:48:19:14:61:0a:3a:8b:e0:c0:27:ae:11:3f:50:
6a:ed:23:9d:f6:14:d8:c7:e1:12:aa:23:2d:d8:a8:c1:b3:a9:
69:7a:d5:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZK9Ky+i5GzHfV9PgttaslU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjQxMDI0MDYxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGYxYzBjZjk1YjRjMzkzYmRhZTkxMDVlYTRlZGVmNWEzOTVkNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHLuUuj2a3XEw7P8N2k57nfM9MHs
nJLNfTVlqlvTSPAtr0FPRzaeX+DsTuo9grfTNWPUEZT/eDLLi3Psr5BotqAnEqCW
RYuM8TIztKnPYJODn6hWWIoJL72pMeSn0qjmqoPUTCyYNc1n01gE2lpSC8k/HfLt
8tUvtj+eURb0Ze9Cd+nE1rxlXxleJBlOpVN7g2HkoOIM/Jci3dYZI+hO4RiUQQKs
8nSWumJaBB9hm/HeSaPY69xjtOHDviI8b7WIZ4uRkf85i6B9buZfG+yX3gnf+It/
kpCrBigUuoXab5D/A9Cl8YCrlfqsIZmSYdZ+/X9yeJXqwitrAcUqlvFxdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC3xwM+VtMOTva6RBepO3vWjldefMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvTGZIQXo1VzB3NU85cnBFRjZrN2U5YU9WMTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUsfeAwQB
uV/OAwQA1F+OAwQA1F+UMA0GCSqGSIb3DQEBCwUAA4IBAQCeJwi9JDUwegfEu+MH
mhieio+SW3MCqMU2oD6aiMM2YiMoQOz2Z7jx3IuMOIqZVVwcCqbDp2KfwsHPJ0eB
U2qikIs2Bm/J28JXXm4NE2yS8YnBKKKmLFjn9DmNk7mIzcBOdsBHUiHpMt66cNyh
dz7w2gi+1JaP+wlxwp8V9Sk+3ndOAKot/apPtQk9YYOBd2oeisjcniPMv4iqHRdY
NT4EHYxjyL5SSk/O0Ql7CZ+YN0zgmoBHF06G523ZQPcljO7hd7fDxHDaiFlwuNwV
5X6ksFGiSzWNlXYoe89sSBkUYQo6i+DAJ64RP1Bq7SOd9hTYx+ESqiMt2KjBs6lp
etWj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:12 2025 by rpki-client