Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LzthLNtW-9LsgNFf8y2F8K26su0.roa
File: LzthLNtW-9LsgNFf8y2F8K26su0.roa (raw, json)
Hash identifier: lIv2iEwGVv7uUPUfNrE7a2970EatrAA+9Fz/gmmgCa8=
Subject key identifier: 2F:3B:61:2C:DB:56:FB:D2:EC:80:D1:5F:F3:2D:85:F0:AD:BA:B2:ED
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019408623641F225A00D22322372976C860D
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LzthLNtW-9LsgNFf8y2F8K26su0.roa
Signing time: Fri 27 Dec 2024 13:50:41 +0000
ROA not before: Fri 27 Dec 2024 13:50:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.139.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.93.0/24 maxlen: 24
93.179.94.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.0/25 maxlen: 25
95.85.83.128/25 maxlen: 25
95.181.212.0/23 maxlen: 23
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:62:36:41:f2:25:a0:0d:22:32:23:72:97:6c:86:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Dec 27 13:50:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3b612cdb56fbd2ec80d15ff32d85f0adbab2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e7:a6:de:12:c9:93:81:fe:f7:9e:99:5c:30:
71:bf:24:2b:08:f2:be:bd:0e:66:ec:63:cb:8e:4a:
20:05:37:e7:37:d4:fe:e6:50:6c:04:81:a8:b4:23:
7a:ff:ed:90:87:5c:f8:8e:5f:88:a8:9e:14:03:f9:
1a:9b:80:88:16:44:fd:72:42:98:27:8c:46:6d:d6:
91:b8:52:13:be:60:48:a9:68:3a:6d:3f:80:c9:eb:
bb:be:43:a8:f1:05:7d:0b:73:af:3e:38:73:ac:04:
c0:35:40:43:31:f1:25:c0:3a:e2:88:7d:1e:b0:8a:
7f:25:0a:21:5a:f9:d4:41:a6:4a:8a:a1:e3:38:0f:
35:14:9d:76:9e:58:b6:56:a0:d4:3d:72:81:cf:50:
8f:aa:49:c4:88:a0:18:82:7a:af:f4:fe:ab:a4:1d:
aa:03:17:9e:67:e9:3d:ab:8e:d6:b3:80:b3:66:10:
ed:8c:5f:0e:b9:3b:ac:75:80:9f:84:4a:d9:d3:68:
f7:af:9c:98:2e:2d:14:f8:3b:c3:e3:05:70:de:14:
32:43:8f:9a:18:07:98:03:07:84:ff:6d:48:36:58:
31:11:2a:9c:bd:08:71:b0:34:14:a1:8d:e1:db:df:
01:c1:b8:99:43:c2:2a:da:3c:1c:3d:43:09:91:ac:
8f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3B:61:2C:DB:56:FB:D2:EC:80:D1:5F:F3:2D:85:F0:AD:BA:B2:ED
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LzthLNtW-9LsgNFf8y2F8K26su0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.68.0/23
93.179.93.0-93.179.94.255
93.179.120.0/23
95.85.83.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:59:2f:5e:c2:42:7a:37:8d:61:fb:df:82:ba:5c:c8:7e:b2:
96:9e:08:f9:05:68:90:ed:0a:10:d2:46:0c:ea:2e:ed:5e:e9:
cc:32:11:2d:72:63:f8:94:2d:9d:a4:49:c0:53:06:5b:31:01:
3f:72:f9:e8:a4:c6:88:1a:4f:fc:8a:8e:f3:84:e8:9a:c4:e0:
91:51:ef:91:77:5f:bb:10:24:51:36:0f:2a:e3:4d:4f:d9:e4:
52:92:a8:d6:c6:39:73:8e:10:af:63:53:51:d1:b9:11:86:b6:
2e:ed:99:58:86:20:3c:9b:2e:78:64:1a:35:18:4c:ca:4d:f6:
23:83:1b:5a:f9:e1:f3:5a:8f:e3:03:23:4a:68:14:9d:49:a3:
2f:7d:1c:cc:90:8e:84:3e:7f:e2:2d:2f:13:6b:54:46:be:72:
4b:f7:96:a2:84:8c:86:3c:f6:9c:5a:e2:f5:c6:44:e1:40:1e:
f9:ff:4b:54:6b:e0:9d:6e:41:06:a5:31:9a:5b:55:bd:8b:a2:
28:b2:52:0d:10:c7:ed:0f:e9:e5:00:46:27:99:97:4b:82:fe:
2a:38:7b:71:22:0d:4c:5b:59:b1:b6:61:4c:b9:bc:b8:48:20:
63:86:19:3f:a2:03:c4:be:09:a6:a0:8c:06:57:ba:b4:5a:ad:
d3:45:f6:ab
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQIYjZB8iWgDSIyI3KXbIYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQxMjI3MTM1MDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNiNjEyY2RiNTZmYmQyZWM4MGQxNWZmMzJkODVmMGFkYmFiMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquem3hLJk4H+956ZXDBxvyQrCPK+
vQ5m7GPLjkogBTfnN9T+5lBsBIGotCN6/+2Qh1z4jl+IqJ4UA/kam4CIFkT9ckKY
J4xGbdaRuFITvmBIqWg6bT+Ayeu7vkOo8QV9C3OvPjhzrATANUBDMfElwDriiH0e
sIp/JQohWvnUQaZKiqHjOA81FJ12nli2VqDUPXKBz1CPqknEiKAYgnqv9P6rpB2q
AxeeZ+k9q47Ws4CzZhDtjF8OuTusdYCfhErZ02j3r5yYLi0U+DvD4wVw3hQyQ4+a
GAeYAweE/21INlgxESqcvQhxsDQUoY3h298BwbiZQ8Iq2jwcPUMJkayPEQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFC87YSzbVvvS7IDRX/MthfCturLtMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvTHp0aExOdFctOUxzZ05GZjh5MkY4SzI2c3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCW8SIAwQB
XbNEMAwDBABds10DBABds14DBAFds3gDBABfVVMDBAFftdQDBABtxIUDBADDtggw
FAQCAAIwDgMFASoEhoADBQAqCdXAMA0GCSqGSIb3DQEBCwUAA4IBAQCtWS9ewkJ6
N41h+9+CulzIfrKWngj5BWiQ7QoQ0kYM6i7tXunMMhEtcmP4lC2dpEnAUwZbMQE/
cvnopMaIGk/8io7zhOiaxOCRUe+Rd1+7ECRRNg8q401P2eRSkqjWxjlzjhCvY1NR
0bkRhrYu7ZlYhiA8my54ZBo1GEzKTfYjgxta+eHzWo/jAyNKaBSdSaMvfRzMkI6E
Pn/iLS8Ta1RGvnJL95aihIyGPPacWuL1xkThQB75/0tUa+CdbkEGpTGaW1W9i6Io
slINEMftD+nlAEYnmZdLgv4qOHtxIg1MW1mxtmFMuby4SCBjhhk/ogPEvgmmoIwG
V7q0Wq3TRfar
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:08:35 2025 by rpki-client