Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LJb80bg7IfJFP5N0RCajeRM2Kyk.roa
File: LJb80bg7IfJFP5N0RCajeRM2Kyk.roa (raw, json)
Hash identifier: UIlcINbl+awpw9Rl9FHIl4RYtOzM6XY5zeoVPTQEZ/Y=
Subject key identifier: 2C:96:FC:D1:B8:3B:21:F2:45:3F:93:74:44:26:A3:79:13:36:2B:29
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 018CC5002C4FB9E6E6DEBC52E02F6488F2FF
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LJb80bg7IfJFP5N0RCajeRM2Kyk.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30801
IP address blocks: 82.98.0.0/18 maxlen: 24
85.203.64.0/18 maxlen: 24
82.98.0.0/19 maxlen: 19
82.98.32.0/20 maxlen: 20
92.61.128.0/20 maxlen: 20
82.98.48.0/21 maxlen: 21
178.16.240.0/20 maxlen: 24
82.98.56.0/22 maxlen: 22
82.98.60.0/22 maxlen: 22
217.67.144.0/20 maxlen: 20
2a04:1e00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2c:4f:b9:e6:e6:de:bc:52:e0:2f:64:88:f2:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c96fcd1b83b21f2453f93744426a37913362b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:65:bd:b8:5f:47:56:8d:91:4a:f3:4d:12:
4e:1d:8c:84:b1:1d:49:ba:04:55:b9:ae:66:40:2b:
d6:22:8e:15:d3:a6:26:72:81:87:68:81:18:84:3f:
33:6e:9f:83:0e:8a:5e:9b:cc:e1:e4:28:d8:68:c5:
8a:c3:f9:6e:54:7a:e0:1b:ca:3a:9d:33:fb:f6:20:
f2:b4:8d:b8:3f:bd:ee:fd:bf:72:cd:e6:81:fa:66:
62:cf:68:3b:a2:c4:3c:ae:8b:13:a9:ab:5d:8d:81:
17:2e:f2:6c:19:5e:a0:01:36:2a:86:02:15:cb:7b:
e1:b0:4c:07:c6:3f:79:e9:a4:89:90:f6:ad:08:18:
18:23:a8:39:e7:cb:a5:82:a0:bc:18:a7:3f:4b:ce:
2a:bd:ab:ca:b9:77:72:fe:bf:c7:ef:f0:6b:ff:4a:
61:73:b7:51:e0:63:98:f5:a3:49:78:15:9d:97:94:
b8:04:fb:71:05:29:f9:24:b0:50:6a:7c:a8:0f:d3:
2c:92:6f:c6:f1:06:d7:26:54:78:e3:15:7e:20:09:
3e:90:8f:29:0a:e7:18:20:c0:a1:30:11:86:b5:d3:
6f:19:ed:57:53:fd:ca:f9:ac:1a:4c:f4:2d:3d:f8:
d7:bc:ee:b6:7c:eb:51:ce:37:d8:a4:95:ca:1f:0b:
47:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:96:FC:D1:B8:3B:21:F2:45:3F:93:74:44:26:A3:79:13:36:2B:29
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LJb80bg7IfJFP5N0RCajeRM2Kyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.0.0/18
85.203.64.0/18
92.61.128.0/20
178.16.240.0/20
217.67.144.0/20
IPv6:
2a04:1e00::/29
Signature Algorithm: sha256WithRSAEncryption
76:cf:53:63:26:87:98:3b:73:94:95:16:2f:7f:5e:6c:82:2b:
1f:07:c7:5c:2c:70:12:cb:ff:19:eb:77:d6:68:bb:f5:da:c6:
df:26:36:35:5d:ff:85:d9:71:00:73:d1:10:e5:15:09:fc:41:
f9:8d:ab:b0:0d:f6:53:a7:09:65:14:01:82:73:5a:9d:24:61:
d1:09:9f:bb:fd:52:e4:28:2e:77:bf:25:07:69:29:75:fd:19:
6c:7c:89:33:db:a1:d3:2c:40:89:fd:8e:0e:80:c3:a6:94:89:
89:7f:f5:f4:3d:98:8b:11:d4:31:d2:36:a9:a6:bc:e9:d0:29:
6e:f1:7b:4b:24:c6:5b:78:0f:64:e9:35:a5:b6:d3:97:b2:a1:
6d:66:7b:dd:e6:fe:be:b7:0e:4b:56:75:e1:6d:e7:1d:90:6a:
8c:57:38:b2:73:0a:38:3a:21:ca:1b:ba:35:cd:22:a7:9c:8d:
d6:70:a7:3b:97:08:18:7b:49:19:02:48:7c:19:45:a6:be:4b:
7d:bc:1c:24:73:51:45:f4:8d:ff:93:b1:60:02:d4:15:9c:e2:
b1:ec:81:b6:a8:67:f3:da:e9:cd:1c:b2:32:95:ed:43:2c:77:
34:03:8a:31:2f:5a:9e:c1:96:22:a5:56:17:40:7f:23:31:03:
f7:c8:ee:44
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFACxPuebm3rxS4C9kiPL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzk2ZmNkMWI4M2IyMWYyNDUzZjkzNzQ0NDI2YTM3OTEzMzYyYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH1lvbhfR1aNkUrzTRJOHYyEsR1J
ugRVua5mQCvWIo4V06YmcoGHaIEYhD8zbp+DDopem8zh5CjYaMWKw/luVHrgG8o6
nTP79iDytI24P73u/b9yzeaB+mZiz2g7osQ8rosTqatdjYEXLvJsGV6gATYqhgIV
y3vhsEwHxj956aSJkPatCBgYI6g558ulgqC8GKc/S84qvavKuXdy/r/H7/Br/0ph
c7dR4GOY9aNJeBWdl5S4BPtxBSn5JLBQanyoD9Mskm/G8QbXJlR44xV+IAk+kI8p
CucYIMChMBGGtdNvGe1XU/3K+awaTPQtPfjXvO62fOtRzjfYpJXKHwtHmQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCyW/NG4OyHyRT+TdEQmo3kTNispMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvTEpiODBiZzdJZkpGUDVOMFJDYWplUk0yS3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGUmIAAwQG
VctAAwQEXD2AAwQEshDwAwQE2UOQMA0EAgACMAcDBQMqBB4AMA0GCSqGSIb3DQEB
CwUAA4IBAQB2z1NjJoeYO3OUlRYvf15sgisfB8dcLHASy/8Z63fWaLv12sbfJjY1
Xf+F2XEAc9EQ5RUJ/EH5jauwDfZTpwllFAGCc1qdJGHRCZ+7/VLkKC53vyUHaSl1
/RlsfIkz26HTLECJ/Y4OgMOmlImJf/X0PZiLEdQx0japprzp0Clu8XtLJMZbeA9k
6TWlttOXsqFtZnvd5v6+tw5LVnXhbecdkGqMVziycwo4OiHKG7o1zSKnnI3WcKc7
lwgYe0kZAkh8GUWmvkt9vBwkc1FF9I3/k7FgAtQVnOKx7IG2qGfz2unNHLIyle1D
LHc0A4oxL1qewZYipVYXQH8jMQP3yO5E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:37 2025 by rpki-client