Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/lMIguu9s9xj4LuB9_f8HKYOy050.roa
File: lMIguu9s9xj4LuB9_f8HKYOy050.roa (raw, json)
Hash identifier: L1rNIo4a0zN7xntNzOSFFGaf972VFxPc6g0sFLD0fuA=
Subject key identifier: 94:C2:20:BA:EF:6C:F7:18:F8:2E:E0:7D:FD:FF:07:29:83:B2:D3:9D
Certificate issuer: /CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Certificate serial: 018CC424C8CD5AE0C2A7D9837D7CA7BB5277
Authority key identifier: E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/lMIguu9s9xj4LuB9_f8HKYOy050.roa
Signing time: Mon 01 Jan 2024 08:29:54 +0000
ROA not before: Mon 01 Jan 2024 08:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51095
IP address blocks: 185.40.106.0/24 maxlen: 24
213.170.143.0/24 maxlen: 24
89.35.237.0/24 maxlen: 24
2a0c:e080::/29 maxlen: 32
2a0c:e082:10::/44 maxlen: 44
2a0c:e082::/44 maxlen: 44
2a0c:e080::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c8:cd:5a:e0:c2:a7:d9:83:7d:7c:a7:bb:52:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Validity
Not Before: Jan 1 08:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94c220baef6cf718f82ee07dfdff072983b2d39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b5:59:62:48:91:cb:88:2d:56:1e:a4:eb:91:
e6:90:e0:8c:92:b2:90:f5:48:f4:47:c9:a1:87:70:
25:48:9b:8d:11:6a:84:b7:fb:f2:ac:3b:9c:06:13:
30:8d:16:b7:e9:47:80:82:aa:ba:9f:f3:fd:34:22:
98:8e:5b:c5:a1:60:18:16:ab:e0:3b:6b:b8:9f:b7:
2f:31:9e:44:95:95:be:91:b0:33:b1:e0:ae:e5:89:
fa:9f:2f:0e:98:42:39:1b:8c:56:e8:78:94:31:cb:
53:b0:9c:b5:07:eb:d8:72:3c:db:5c:da:59:54:8d:
31:24:fa:20:2c:7d:b9:cc:af:66:65:d0:28:f5:dc:
31:26:05:94:35:69:dc:8a:04:1e:b4:15:d0:a5:55:
9c:96:df:b9:76:b3:a6:fc:12:3e:a4:f2:20:43:b1:
ab:9d:0d:9a:20:84:24:77:89:0f:d2:2a:ef:f3:29:
a1:df:10:50:a1:a9:74:fd:75:05:ad:79:14:3e:f2:
31:fd:f9:a1:d5:93:b1:a7:6e:ea:ad:84:1d:67:df:
02:29:1d:ac:3b:6e:d2:39:a3:08:99:e2:94:da:12:
f1:ca:40:62:e5:67:53:7d:e2:d3:6a:91:1f:8a:cf:
58:77:c3:72:c4:3e:dc:72:12:c2:8c:ec:a0:3e:9f:
57:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C2:20:BA:EF:6C:F7:18:F8:2E:E0:7D:FD:FF:07:29:83:B2:D3:9D
X509v3 Authority Key Identifier:
keyid:E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/lMIguu9s9xj4LuB9_f8HKYOy050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.237.0/24
185.40.106.0/24
213.170.143.0/24
IPv6:
2a0c:e080::/29
Signature Algorithm: sha256WithRSAEncryption
41:f8:80:35:a5:f4:fd:b5:5f:60:c8:ef:41:0e:b2:61:a0:4c:
5e:89:66:a2:91:62:8d:2f:15:be:19:ed:27:a3:24:e4:39:ea:
41:cb:29:c8:b7:5f:a1:8d:43:28:ba:e7:cb:cd:dc:57:8d:40:
6e:e4:98:46:82:61:04:57:b5:5b:67:10:c8:b9:fa:a6:72:51:
2c:dc:40:66:0d:bf:2c:48:09:1d:3b:bc:9f:57:d4:7b:db:8b:
7a:4b:9b:29:97:bb:c1:d7:09:ab:f4:64:79:1f:50:1b:8a:9c:
c9:8f:6d:5c:1c:c0:98:04:3a:df:76:3d:c6:08:5a:5a:fd:c7:
25:cb:8e:4b:67:1c:3b:f4:1a:dc:37:22:c8:22:e1:bb:94:98:
8f:2a:cc:4f:9c:3e:b1:17:d5:c8:7e:45:91:7f:7f:d0:b2:27:
26:5a:25:06:64:ae:4f:60:3f:17:b0:93:ea:cd:e8:f3:ee:f5:
6c:1e:e5:99:7a:5a:ce:ea:d7:f2:88:ab:79:d3:24:fe:85:e5:
fd:41:48:f5:2e:3e:75:8a:06:1c:ab:14:96:d3:1c:fb:f6:86:
15:11:cf:cd:30:85:15:b1:0a:2c:ca:e7:71:52:b9:06:55:35:
32:86:f3:3d:b8:8d:0e:6f:fe:8e:d8:16:e9:63:81:9b:4d:c5:
62:05:9d:c1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJMjNWuDCp9mDfXynu1J3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzlmZmYyZjhlZDBkNjVhYWQwYjk0ZjgwMzZmMmVlMWFl
ZWVhMGEwHhcNMjQwMTAxMDgyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMyMjBiYWVmNmNmNzE4ZjgyZWUwN2RmZGZmMDcyOTgzYjJkMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirVZYkiRy4gtVh6k65HmkOCMkrKQ
9Uj0R8mhh3AlSJuNEWqEt/vyrDucBhMwjRa36UeAgqq6n/P9NCKYjlvFoWAYFqvg
O2u4n7cvMZ5ElZW+kbAzseCu5Yn6ny8OmEI5G4xW6HiUMctTsJy1B+vYcjzbXNpZ
VI0xJPogLH25zK9mZdAo9dwxJgWUNWncigQetBXQpVWclt+5drOm/BI+pPIgQ7Gr
nQ2aIIQkd4kP0irv8ymh3xBQoal0/XUFrXkUPvIx/fmh1ZOxp27qrYQdZ98CKR2s
O27SOaMImeKU2hLxykBi5WdTfeLTapEfis9Yd8NyxD7cchLCjOygPp9X5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJTCILrvbPcY+C7gff3/BymDstOdMB8GA1UdIwQY
MBaAFOXJ//L47Q1lqtC5T4A28u4a7uoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2Qt
OWZhYTYyYTFmMTc4LzEvbE1JZ3V1OXM5eGo0THVCOV9mOEhLWU95MDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2QtOWZhYTYyYTFmMTc4
LzEvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWSPtAwQA
uShqAwQA1aqPMA0EAgACMAcDBQMqDOCAMA0GCSqGSIb3DQEBCwUAA4IBAQBB+IA1
pfT9tV9gyO9BDrJhoExeiWaikWKNLxW+Ge0noyTkOepByynIt1+hjUMouufLzdxX
jUBu5JhGgmEEV7VbZxDIufqmclEs3EBmDb8sSAkdO7yfV9R724t6S5spl7vB1wmr
9GR5H1AbipzJj21cHMCYBDrfdj3GCFpa/ccly45LZxw79BrcNyLIIuG7lJiPKsxP
nD6xF9XIfkWRf3/QsicmWiUGZK5PYD8XsJPqzejz7vVsHuWZelrO6tfyiKt50yT+
heX9QUj1Lj51igYcqxSW0xz79oYVEc/NMIUVsQosyudxUrkGVTUyhvM9uI0Ob/6O
2BbpY4GbTcViBZ3B
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:55 2025 by rpki-client