Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LLfDR285oRYL7GibicyUzEg18GE.roa
File: LLfDR285oRYL7GibicyUzEg18GE.roa (raw, json)
Hash identifier: haehdmhWdvAZFlb7ainPegpGH5HQy6lokfKQSrR0oqo=
Subject key identifier: 2C:B7:C3:47:6F:39:A1:16:0B:EC:68:9B:89:CC:94:CC:48:35:F0:61
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0193FEA7A1F1A03A441DE240F294E6BF6F2B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LLfDR285oRYL7GibicyUzEg18GE.roa
Signing time: Wed 25 Dec 2024 16:30:19 +0000
ROA not before: Wed 25 Dec 2024 16:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/21 maxlen: 21
89.39.242.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fe:a7:a1:f1:a0:3a:44:1d:e2:40:f2:94:e6:bf:6f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 25 16:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cb7c3476f39a1160bec689b89cc94cc4835f061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:02:d0:3b:cc:e3:bb:62:07:33:58:3b:f9:b6:
86:a2:37:9b:1f:b6:41:56:5e:97:25:f5:00:99:4c:
6f:57:31:2c:2a:5c:6b:a8:52:d4:55:98:7a:4b:6b:
66:c8:af:f8:4e:ee:ea:40:3b:bb:08:7f:31:b4:db:
f8:e3:fe:c7:d4:3b:00:3e:e4:80:c8:5b:7d:67:a9:
0d:5c:77:14:c9:9f:37:cc:75:6a:9f:c2:db:f6:99:
97:b2:4e:26:e3:32:8c:08:4c:ef:e2:1f:d2:8f:e6:
cd:5d:87:d0:46:2a:bf:7b:6b:9a:a1:ff:5a:ec:2e:
57:eb:34:84:db:f5:ab:17:06:f7:0e:96:08:69:26:
89:f7:6b:54:37:e3:24:9c:4d:0c:95:60:de:05:74:
ee:0d:88:81:b5:18:fe:4c:a0:e1:b2:d2:e0:53:7e:
6e:8f:37:27:3d:ce:d9:5d:dc:dc:62:a5:23:38:29:
5f:57:86:ec:25:4c:9c:18:b8:6b:96:e5:fd:c7:45:
96:94:49:ae:67:77:fb:2e:45:63:a7:bb:17:d0:bf:
92:86:80:23:d3:6e:7f:73:21:e4:6a:22:1f:56:f7:
5b:9f:c1:4d:03:25:c5:db:1e:85:4d:f3:a7:dc:fa:
4e:e2:9a:96:2a:41:cd:f8:f3:a0:4a:49:c2:ba:4e:
01:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B7:C3:47:6F:39:A1:16:0B:EC:68:9B:89:CC:94:CC:48:35:F0:61
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LLfDR285oRYL7GibicyUzEg18GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/21
89.39.242.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.180.145.0/24
185.212.11.0/24
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.112.0/24
195.138.116.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
88:5d:a2:59:6b:c2:69:45:56:2d:88:19:72:75:ec:b4:f5:be:
a6:11:47:db:40:72:2e:b8:ed:56:b6:8c:c8:50:6b:cf:b1:d2:
90:c7:c0:a1:94:2d:c8:9b:e8:65:79:81:02:3b:6e:56:0c:03:
cc:60:8d:72:ea:b4:6d:54:86:c0:50:96:9a:d3:e1:b6:ea:e9:
b2:39:ea:3c:af:db:45:50:18:ac:52:ff:c9:2d:4a:3f:62:75:
ef:2e:42:ee:94:fd:4e:ab:78:da:2f:33:de:1e:d8:ed:27:af:
a6:84:c9:8d:d2:e4:41:45:de:b3:13:da:42:30:00:8d:87:a5:
5c:b9:03:c2:a4:db:e5:38:9b:3d:07:60:aa:9b:2a:72:92:e2:
28:61:78:cc:a4:15:8d:ea:60:4d:56:9b:56:50:91:a8:61:63:
9a:5f:aa:26:bf:39:e0:99:f1:f0:ce:e2:59:ca:68:c5:bc:28:
f4:c7:fe:ef:af:9c:b8:5c:e4:a7:bd:ed:62:99:74:9a:90:f2:
61:c4:d4:35:ad:2f:53:c0:57:87:d3:5d:d1:1a:5a:95:6c:44:
90:ce:ce:61:6e:c8:e0:af:86:76:7c:b2:e5:6d:76:36:21:20:
ca:48:e4:74:b0:ae:18:b1:da:9b:92:e8:f6:3b:b3:a6:a5:c7:
49:d2:31:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZP+p6HxoDpEHeJA8pTmv28rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMjI1MTYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2I3YzM0NzZmMzlhMTE2MGJlYzY4OWI4OWNjOTRjYzQ4MzVmMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvALQO8zju2IHM1g7+baGojebH7ZB
Vl6XJfUAmUxvVzEsKlxrqFLUVZh6S2tmyK/4Tu7qQDu7CH8xtNv44/7H1DsAPuSA
yFt9Z6kNXHcUyZ83zHVqn8Lb9pmXsk4m4zKMCEzv4h/Sj+bNXYfQRiq/e2uaof9a
7C5X6zSE2/WrFwb3DpYIaSaJ92tUN+MknE0MlWDeBXTuDYiBtRj+TKDhstLgU35u
jzcnPc7ZXdzcYqUjOClfV4bsJUycGLhrluX9x0WWlEmuZ3f7LkVjp7sX0L+ShoAj
025/cyHkaiIfVvdbn8FNAyXF2x6FTfOn3PpO4pqWKkHN+POgSknCuk4B9QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFCy3w0dvOaEWC+xom4nMlMxINfBhMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTExmRFIyODVvUllMN0dpYmljeVV6RWcxOEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
tAQDBAIFthwDBAMtVhADBABZJ/IDBAJb8kgDBAFb8l4DBABb8mcDBABe58YDBACw
ft8DBAKyr7ADBAC5KGkDBAC5tJEDBAC51AsDBAHCMs4wDAMEAMOKZwMEAMOKbAME
AMOKcAMEAMOKdAMEAMOKeDAMAwQBw4p6AwQHw4oAAwQCw9icMA0GCSqGSIb3DQEB
CwUAA4IBAQCIXaJZa8JpRVYtiBlydey09b6mEUfbQHIuuO1WtozIUGvPsdKQx8Ch
lC3Im+hleYECO25WDAPMYI1y6rRtVIbAUJaa0+G26umyOeo8r9tFUBisUv/JLUo/
YnXvLkLulP1Oq3jaLzPeHtjtJ6+mhMmN0uRBRd6zE9pCMACNh6VcuQPCpNvlOJs9
B2CqmypykuIoYXjMpBWN6mBNVptWUJGoYWOaX6omvzngmfHwzuJZymjFvCj0x/7v
r5y4XOSnve1imXSakPJhxNQ1rS9TwFeH013RGlqVbESQzs5hbsjgr4Z2fLLlbXY2
ISDKSOR0sK4Ysdqbkuj2O7OmpcdJ0jGJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:09:26 2025 by rpki-client