Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/LeBb7X0lY1YSJcCwODNbMgkDLq0.roa
File: LeBb7X0lY1YSJcCwODNbMgkDLq0.roa (raw, json)
Hash identifier: TOUBvOfyPg3Y3V8IbtaymRIEi4yzxqwcJiTZOXFK5ZI=
Subject key identifier: 2D:E0:5B:ED:7D:25:63:56:12:25:C0:B0:38:33:5B:32:09:03:2E:AD
Certificate issuer: /CN=37ceaa626cbd89052f3545335dfdb31a13383004
Certificate serial: 018CC500543FF7458FBB37B7B33590F1F647
Authority key identifier: 37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/LeBb7X0lY1YSJcCwODNbMgkDLq0.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204444
IP address blocks: 194.76.44.0/24 maxlen: 24
194.76.41.0/24 maxlen: 24
194.76.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:54:3f:f7:45:8f:bb:37:b7:b3:35:90:f1:f6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ceaa626cbd89052f3545335dfdb31a13383004
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2de05bed7d2563561225c0b038335b3209032ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:64:5d:20:b7:50:cf:7a:30:a5:e8:e3:78:1d:
f4:43:35:7a:cc:b8:e4:df:e0:51:38:75:fd:16:20:
b8:87:98:57:c6:e9:ee:15:93:2a:44:1f:b7:83:72:
9a:5e:e4:88:b2:9f:db:b1:a8:25:63:b6:bd:c6:24:
53:8f:12:7c:ad:bf:71:76:43:ca:bb:95:66:56:4a:
cb:21:3b:e8:6d:f3:ac:12:a4:92:79:03:19:a3:5d:
a1:53:0c:a3:6d:01:39:2f:fc:60:ba:c5:26:dd:82:
ff:d0:d3:14:32:db:d7:ea:66:f3:0d:69:26:e2:cc:
10:d2:90:6d:a3:13:73:cf:ba:1a:ff:f6:bb:60:1a:
95:67:e7:51:77:54:77:90:dd:ce:0a:5c:ea:7c:3b:
20:d2:eb:c8:09:20:34:06:4e:7d:55:64:94:f6:69:
20:89:9a:01:52:6a:73:ff:68:68:3a:06:7e:97:02:
7c:0f:6a:73:28:48:f9:52:42:c3:b3:88:d4:14:68:
69:38:3a:1c:10:39:ea:00:57:8e:e1:3d:69:7d:75:
dd:ed:33:db:8b:41:10:c2:2f:7e:ff:9c:20:96:93:
65:6b:d6:33:91:ed:9f:5d:15:d7:f1:6d:c9:9a:d8:
a2:9a:01:9c:36:cd:a3:f0:58:f3:12:9d:ab:13:7d:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E0:5B:ED:7D:25:63:56:12:25:C0:B0:38:33:5B:32:09:03:2E:AD
X509v3 Authority Key Identifier:
keyid:37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/LeBb7X0lY1YSJcCwODNbMgkDLq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.41.0/24
194.76.44.0/24
194.76.53.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:26:95:8e:00:63:e8:91:6f:ea:d8:fb:6c:5f:0a:28:3a:62:
da:e3:cb:46:a5:cb:62:5e:b9:bb:b1:70:96:a2:06:c0:64:50:
48:bf:d0:0f:44:fa:5f:54:7a:35:d2:f8:1a:a5:f5:1b:2d:9b:
42:2a:49:fa:64:ec:64:bf:49:cc:12:5a:5d:9f:4b:10:01:bd:
ee:52:d0:05:e1:ad:33:6c:3f:b7:24:48:84:f0:7e:96:25:68:
c1:04:8b:7b:38:3d:e5:cf:7f:3d:b2:7d:02:a3:2e:7a:09:9f:
ee:0f:0a:5e:a9:c7:ca:ca:cb:3e:ff:8a:f4:72:0f:6f:27:d7:
f7:1a:ca:b7:e3:1a:c1:63:9b:32:9c:e6:a6:5f:1c:21:b4:4f:
c3:9d:18:dc:a4:00:ec:0e:04:f8:e0:11:5a:0c:ee:2b:67:cf:
2f:2c:93:96:b9:23:36:f0:b1:ac:5e:58:f2:e6:c7:d0:11:39:
63:83:4e:1e:93:ef:8d:10:d9:51:7c:96:d6:9b:9e:ba:90:e0:
88:81:13:dc:4a:16:ad:f3:b7:f6:aa:79:e5:1b:ef:9d:13:15:
01:85:50:a6:61:2e:ed:f5:5b:03:82:8b:92:66:60:20:d8:e2:
6c:1b:17:b2:4c:e1:f0:b8:ae:6f:9e:90:1c:1d:d6:51:35:8b:
90:fe:9f:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAFQ/90WPuze3szWQ8fZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Y2VhYTYyNmNiZDg5MDUyZjM1NDUzMzVkZmRiMzFhMTMz
ODMwMDQwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGUwNWJlZDdkMjU2MzU2MTIyNWMwYjAzODMzNWIzMjA5MDMyZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmRdILdQz3owpejjeB30QzV6zLjk
3+BROHX9FiC4h5hXxunuFZMqRB+3g3KaXuSIsp/bsaglY7a9xiRTjxJ8rb9xdkPK
u5VmVkrLITvobfOsEqSSeQMZo12hUwyjbQE5L/xgusUm3YL/0NMUMtvX6mbzDWkm
4swQ0pBtoxNzz7oa//a7YBqVZ+dRd1R3kN3OClzqfDsg0uvICSA0Bk59VWSU9mkg
iZoBUmpz/2hoOgZ+lwJ8D2pzKEj5UkLDs4jUFGhpODocEDnqAFeO4T1pfXXd7TPb
i0EQwi9+/5wglpNla9Yzke2fXRXX8W3JmtiimgGcNs2j8FjzEp2rE31iNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC3gW+19JWNWEiXAsDgzWzIJAy6tMB8GA1UdIwQY
MBaAFDfOqmJsvYkFLzVFM139sxoTODAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjg2cVlteTlpUVV2TlVVelhmMnpHaE00TUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZDg5OTQtNTFmMS00YjY1LWFjYTAt
ZTE1YThiNzBlOGQyLzEvTGVCYjdYMGxZMVlTSmNDd09ETmJNZ2tETHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZDg5OTQtNTFmMS00YjY1LWFjYTAtZTE1YThiNzBlOGQy
LzEvTjg2cVlteTlpUVV2TlVVelhmMnpHaE00TUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwkwpAwQA
wkwsAwQAwkw1MA0GCSqGSIb3DQEBCwUAA4IBAQBNJpWOAGPokW/q2PtsXwooOmLa
48tGpctiXrm7sXCWogbAZFBIv9APRPpfVHo10vgapfUbLZtCKkn6ZOxkv0nMElpd
n0sQAb3uUtAF4a0zbD+3JEiE8H6WJWjBBIt7OD3lz389sn0Coy56CZ/uDwpeqcfK
yss+/4r0cg9vJ9f3Gsq34xrBY5synOamXxwhtE/DnRjcpADsDgT44BFaDO4rZ88v
LJOWuSM28LGsXljy5sfQETljg04ek++NENlRfJbWm566kOCIgRPcShat87f2qnnl
G++dExUBhVCmYS7t9VsDgouSZmAg2OJsGxeyTOHwuK5vnpAcHdZRNYuQ/p/a
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:36 2025 by rpki-client