Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/LASO_qXw5aUwrm9oKo9hPA6fQLw.roa
File: LASO_qXw5aUwrm9oKo9hPA6fQLw.roa (raw, json)
Hash identifier: qMYOkuH6RepdwJxqmVku4LRsRis/mMMxGL7c8/A8f2s=
Subject key identifier: 2C:04:8E:FE:A5:F0:E5:A5:30:AE:6F:68:2A:8F:61:3C:0E:9F:40:BC
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 018CC2DB23CA9BB767E37B1591E4A52A447D
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/LASO_qXw5aUwrm9oKo9hPA6fQLw.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 185.15.100.0/22 maxlen: 24
5.152.168.0/21 maxlen: 24
5.8.184.0/21 maxlen: 24
37.1.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:ca:9b:b7:67:e3:7b:15:91:e4:a5:2a:44:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c048efea5f0e5a530ae6f682a8f613c0e9f40bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:42:de:86:8a:c3:75:88:fe:25:a3:d1:61:65:
64:bf:a4:b9:9b:78:4b:22:c4:1c:61:11:35:22:bc:
5b:7b:50:d7:08:bf:22:43:78:bc:b7:85:87:ef:01:
50:66:e2:00:c4:14:19:b7:69:06:44:cc:65:67:53:
17:45:a8:c3:97:6b:ab:3f:ec:50:19:6b:cf:66:07:
dc:52:4f:1c:0e:9f:fe:4d:b5:9a:61:b0:51:c4:e2:
39:8c:27:cd:88:f2:19:6c:8b:65:24:b4:3f:cc:f6:
4a:8f:d9:b3:97:9f:b9:1e:f7:af:52:5c:5b:a6:3d:
61:77:20:9c:b5:0a:75:48:36:27:91:81:74:d5:6d:
24:9b:b3:8d:82:16:01:00:c3:51:95:02:a6:5e:1e:
5f:c0:25:b8:38:af:0a:a7:65:5d:92:c8:b7:b6:5a:
00:16:08:50:7d:0d:c3:7f:bd:a1:f4:89:88:ba:02:
79:7e:07:39:23:0a:57:22:10:7f:3f:e5:51:49:38:
e6:ce:ec:0a:40:28:52:9f:f5:2e:47:75:b3:53:8c:
d4:c6:6b:ba:31:41:ec:8b:eb:e3:7b:e3:2b:4d:ce:
71:49:69:a8:ef:a2:18:c4:4a:fe:3c:9d:75:69:c0:
44:28:93:10:da:5d:09:90:89:db:c8:2c:63:14:f1:
a6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:04:8E:FE:A5:F0:E5:A5:30:AE:6F:68:2A:8F:61:3C:0E:9F:40:BC
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/LASO_qXw5aUwrm9oKo9hPA6fQLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
5.152.168.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
44:73:d6:18:55:1b:ad:c0:f7:51:65:9c:56:94:f0:19:22:c2:
99:94:ed:bf:c4:b2:ea:93:a1:92:0b:2d:99:31:b5:da:4f:70:
cd:e6:a3:2a:97:06:1e:2e:87:60:7c:8c:a5:39:a5:60:91:60:
c7:5e:3d:82:7c:ea:65:ae:2b:a2:4d:69:0f:a6:ac:66:aa:bd:
7e:48:ed:f4:58:a3:65:ed:84:5d:cb:29:6f:f6:1a:5f:54:1c:
d5:5d:38:5b:25:a7:3b:a6:a5:16:2c:4e:b7:f9:7a:b1:50:37:
23:12:73:39:03:ee:c6:47:56:04:6f:89:74:1a:9b:e2:df:d0:
55:6e:d6:80:4c:30:e9:f0:5a:d8:0f:c7:9e:0d:3f:b7:55:91:
69:5f:02:e8:82:8c:76:a6:f1:5d:46:ff:2a:e0:c5:cb:f5:17:
ac:26:6e:c5:dd:b9:93:06:9c:1c:2d:4a:fe:88:b5:87:d5:4e:
ec:c8:4d:b6:5f:b9:c6:d6:eb:3a:48:da:15:4a:99:a9:d7:2e:
04:e9:44:be:ca:5e:1d:5c:11:7e:94:b0:99:6e:80:c2:52:68:
78:a6:f6:23:ca:ce:7e:ed:7e:49:31:3e:5d:9d:b8:3d:e6:09:
de:14:28:42:c2:ce:99:f2:05:b6:44:3f:85:12:f5:da:2b:28:
03:bc:c3:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yPKm7dn43sVkeSlKkR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0OGVmZWE1ZjBlNWE1MzBhZTZmNjgyYThmNjEzYzBlOWY0MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkLehorDdYj+JaPRYWVkv6S5m3hL
IsQcYRE1Irxbe1DXCL8iQ3i8t4WH7wFQZuIAxBQZt2kGRMxlZ1MXRajDl2urP+xQ
GWvPZgfcUk8cDp/+TbWaYbBRxOI5jCfNiPIZbItlJLQ/zPZKj9mzl5+5HvevUlxb
pj1hdyCctQp1SDYnkYF01W0km7ONghYBAMNRlQKmXh5fwCW4OK8Kp2Vdksi3tloA
FghQfQ3Df72h9ImIugJ5fgc5IwpXIhB/P+VRSTjmzuwKQChSn/UuR3WzU4zUxmu6
MUHsi+vje+MrTc5xSWmo76IYxEr+PJ11acBEKJMQ2l0JkInbyCxjFPGmLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCwEjv6l8OWlMK5vaCqPYTwOn0C8MB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvTEFTT19xWHc1YVV3cm05b0tvOWhQQTZmUUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQi4AwQD
BZioAwQDJQGwAwQCuQ9kMA0GCSqGSIb3DQEBCwUAA4IBAQBEc9YYVRutwPdRZZxW
lPAZIsKZlO2/xLLqk6GSCy2ZMbXaT3DN5qMqlwYeLodgfIylOaVgkWDHXj2CfOpl
riuiTWkPpqxmqr1+SO30WKNl7YRdyylv9hpfVBzVXThbJac7pqUWLE63+XqxUDcj
EnM5A+7GR1YEb4l0Gpvi39BVbtaATDDp8FrYD8eeDT+3VZFpXwLogox2pvFdRv8q
4MXL9ResJm7F3bmTBpwcLUr+iLWH1U7syE22X7nG1us6SNoVSpmp1y4E6US+yl4d
XBF+lLCZboDCUmh4pvYjys5+7X5JMT5dnbg95gneFChCws6Z8gW2RD+FEvXaKygD
vMND
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:19:15 2025 by rpki-client