Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/LQ4SKtQkVDoLL6UUGNlC02hIZ_U.roa
File: LQ4SKtQkVDoLL6UUGNlC02hIZ_U.roa (raw, json)
Hash identifier: +gdw83ugUuZHEs0XQ1C+iJES4OdMbrrAqJk7n003+AI=
Subject key identifier: 2D:0E:12:2A:D4:24:54:3A:0B:2F:A5:14:18:D9:42:D3:68:48:67:F5
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 018CCA9925D1BC1E815DE308DA7B236D1D73
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/LQ4SKtQkVDoLL6UUGNlC02hIZ_U.roa
Signing time: Tue 02 Jan 2024 14:34:43 +0000
ROA not before: Tue 02 Jan 2024 14:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204873
IP address blocks: 46.238.240.0/21 maxlen: 21
185.174.152.0/23 maxlen: 24
94.101.16.0/20 maxlen: 21
89.191.152.0/23 maxlen: 23
46.238.236.0/22 maxlen: 22
2001:90f::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jul 2024 11:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:25:d1:bc:1e:81:5d:e3:08:da:7b:23:6d:1d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 2 14:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d0e122ad424543a0b2fa51418d942d3684867f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:00:d9:72:d4:3a:3e:0a:2d:41:56:98:24:
9e:f1:24:44:d2:25:35:ca:8a:eb:55:47:e5:fb:f6:
90:12:f5:ce:c7:a2:16:64:86:a4:5c:c7:46:f0:e1:
37:14:48:a6:b5:64:91:55:7a:8e:ac:c3:10:a8:e1:
6f:2e:26:38:16:ba:47:3c:d3:6a:6c:76:1e:16:b2:
78:5c:34:7b:6b:29:65:9b:30:bd:0c:55:4e:bb:0c:
b6:48:b4:18:a5:8e:38:10:88:20:74:4c:f7:48:fc:
02:51:07:fa:2f:f1:54:7a:74:72:4e:75:dc:d2:4d:
2b:14:8e:24:ed:ce:02:d1:fb:88:3e:af:95:5f:ee:
f0:ce:d2:a6:e7:d5:c9:6e:72:44:21:3f:cb:2d:2f:
b2:c1:1e:fa:22:33:1c:2c:ef:37:8f:45:79:83:23:
61:1f:30:88:7c:0b:1a:b8:a9:b1:b5:de:29:a3:1a:
a5:1d:98:ea:73:a9:a3:c7:43:cf:ca:36:59:b7:87:
e4:2e:35:4c:a9:e1:fc:58:59:e7:74:b0:86:15:91:
5d:31:f3:d6:e0:46:25:dc:80:5f:c7:fd:e4:04:94:
3d:b2:2c:3f:1b:c3:e7:7c:49:98:42:b5:64:26:f8:
d2:8d:1a:0c:d9:66:e3:6e:86:d7:23:e4:bb:c1:fa:
da:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0E:12:2A:D4:24:54:3A:0B:2F:A5:14:18:D9:42:D3:68:48:67:F5
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/LQ4SKtQkVDoLL6UUGNlC02hIZ_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.236.0-46.238.247.255
89.191.152.0/23
94.101.16.0/20
185.174.152.0/23
IPv6:
2001:90f::/32
Signature Algorithm: sha256WithRSAEncryption
ba:c2:93:78:21:9d:48:42:d4:30:86:44:c7:e6:6c:2d:93:de:
56:05:f6:8a:b5:cf:8c:f4:cb:1d:c9:1b:42:a1:c7:e5:31:e2:
31:86:e7:b3:05:ca:a6:59:be:a4:71:2c:e1:92:ac:d0:c8:14:
b0:0d:e1:7f:b8:43:d6:30:e4:28:42:0f:49:f5:a7:18:1f:32:
53:00:7a:d9:d9:61:c3:98:27:27:1d:fa:96:c9:61:e2:60:6d:
94:a5:40:2f:74:55:dc:91:ff:ff:20:88:7d:d5:96:1c:f7:78:
89:1e:e0:bd:7b:e4:c1:da:f5:c3:1c:a4:e7:bb:84:24:25:9c:
0e:08:b4:38:b6:85:99:b8:70:0b:40:5a:25:2e:5e:fa:8e:5f:
16:ad:ac:a2:f2:a3:0d:99:8d:8a:10:99:94:57:45:54:c9:fd:
02:fa:1d:77:a3:31:46:3e:56:32:f2:8c:2c:bc:7b:b8:50:4e:
eb:2c:52:1b:0f:44:dd:9e:04:57:bc:28:21:0b:f8:fa:4c:04:
0e:f7:56:d7:6f:c6:4b:b4:8a:d2:a7:de:70:58:c5:cb:b5:47:
ea:63:3b:96:be:86:cd:b6:03:9b:af:5a:32:1d:35:51:5a:60:
65:66:ce:54:00:52:5a:2b:4e:e4:de:2e:63:ec:37:f8:af:e7:
a2:fc:88:cb
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzKmSXRvB6BXeMI2nsjbR1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjQwMTAyMTQzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBlMTIyYWQ0MjQ1NDNhMGIyZmE1MTQxOGQ5NDJkMzY4NDg2N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstgA2XLUOj4KLUFWmCSe8SRE0iU1
yorrVUfl+/aQEvXOx6IWZIakXMdG8OE3FEimtWSRVXqOrMMQqOFvLiY4FrpHPNNq
bHYeFrJ4XDR7ayllmzC9DFVOuwy2SLQYpY44EIggdEz3SPwCUQf6L/FUenRyTnXc
0k0rFI4k7c4C0fuIPq+VX+7wztKm59XJbnJEIT/LLS+ywR76IjMcLO83j0V5gyNh
HzCIfAsauKmxtd4poxqlHZjqc6mjx0PPyjZZt4fkLjVMqeH8WFnndLCGFZFdMfPW
4EYl3IBfx/3kBJQ9siw/G8PnfEmYQrVkJvjSjRoM2WbjbobXI+S7wfrabQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFC0OEirUJFQ6Cy+lFBjZQtNoSGf1MB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvTFE0U0t0UWtWRG9MTDZVVUdObEMwMmhJWl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAIu7uwD
BAMu7vADBAFZv5gDBAReZRADBAG5rpgwDQQCAAIwBwMFACABCQ8wDQYJKoZIhvcN
AQELBQADggEBALrCk3ghnUhC1DCGRMfmbC2T3lYF9oq1z4z0yx3JG0Khx+Ux4jGG
57MFyqZZvqRxLOGSrNDIFLAN4X+4Q9Yw5ChCD0n1pxgfMlMAetnZYcOYJycd+pbJ
YeJgbZSlQC90VdyR//8giH3Vlhz3eIke4L175MHa9cMcpOe7hCQlnA4ItDi2hZm4
cAtAWiUuXvqOXxatrKLyow2ZjYoQmZRXRVTJ/QL6HXejMUY+VjLyjCy8e7hQTuss
UhsPRN2eBFe8KCEL+PpMBA73Vtdvxku0itKn3nBYxcu1R+pjO5a+hs22A5uvWjId
NVFaYGVmzlQAUlorTuTeLmPsN/iv56L8iMs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:00:11 2025 by rpki-client