Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LQWuWNrxzUxbp9ae28CHz9zEDC4.roa
File: LQWuWNrxzUxbp9ae28CHz9zEDC4.roa (raw, json)
Hash identifier: WlEFbemBH3FjUFu+scJAIvb4GzotF3PCqUGTPm8XyHw=
Subject key identifier: 2D:05:AE:58:DA:F1:CD:4C:5B:A7:D6:9E:DB:C0:87:CF:DC:C4:0C:2E
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01947374904ADCAE2E750FBDBA58D0ABF562
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LQWuWNrxzUxbp9ae28CHz9zEDC4.roa
Signing time: Fri 17 Jan 2025 08:50:06 +0000
ROA not before: Fri 17 Jan 2025 08:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49332
IP address blocks: 5.57.64.0/21 maxlen: 22
80.243.144.0/20 maxlen: 21
86.111.64.0/20 maxlen: 21
86.111.84.0/23 maxlen: 24
91.212.203.0/24 maxlen: 24
176.32.0.0/21 maxlen: 22
176.39.64.0/19 maxlen: 19
176.39.64.0/20 maxlen: 21
188.190.32.0/19 maxlen: 20
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:74:90:4a:dc:ae:2e:75:0f:bd:ba:58:d0:ab:f5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 17 08:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d05ae58daf1cd4c5ba7d69edbc087cfdcc40c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e8:16:43:a4:0a:8f:e5:03:27:c0:53:45:71:
2c:6c:10:e9:78:30:8e:4d:8c:d2:57:ee:25:23:3d:
3a:5c:63:57:4b:33:a0:16:c9:ac:58:d4:87:ed:c8:
49:94:e5:19:38:9a:d8:4a:2d:8d:25:de:36:90:1f:
b3:73:07:fb:8d:80:23:a7:19:5e:5a:77:f6:37:61:
3e:3c:9c:6d:5a:4f:8d:7d:02:1a:48:b3:d2:15:f7:
10:e2:0d:88:dc:da:98:8e:43:52:dc:e8:fb:59:8c:
c0:6b:af:16:aa:0c:71:b6:d9:df:a8:c4:fb:1f:64:
e0:3e:3c:8a:48:36:bb:a5:b2:f2:07:c7:3a:0e:23:
d9:91:67:59:13:78:e6:b1:ed:05:a2:c8:8e:32:7a:
97:91:27:84:cb:e9:da:18:1f:29:90:ad:72:41:68:
83:28:8b:2e:cd:65:26:0b:50:b8:91:67:2c:dc:8a:
59:d8:7d:fa:68:bd:b0:25:44:e7:8c:ab:a4:35:87:
0f:4e:e5:a9:6b:17:89:e3:65:ca:73:f2:47:0c:3f:
44:e9:1d:19:5c:1a:dc:05:68:8b:06:54:39:9c:98:
75:16:e6:6b:56:92:57:f9:8a:83:f5:7c:26:b7:90:
34:7a:7e:77:7a:be:d3:b4:a3:6d:5d:ed:fa:23:5d:
17:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:05:AE:58:DA:F1:CD:4C:5B:A7:D6:9E:DB:C0:87:CF:DC:C4:0C:2E
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LQWuWNrxzUxbp9ae28CHz9zEDC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.64.0/21
80.243.144.0/20
86.111.64.0/20
86.111.84.0/23
91.212.203.0/24
176.32.0.0/21
176.39.64.0/19
188.190.32.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:c0:d1:7d:64:54:f6:2e:1d:a6:6e:d6:26:47:5c:da:32:5d:
6c:2e:6d:92:95:d8:f0:ab:cb:1e:d6:d8:de:96:6a:7b:48:b8:
4b:9f:f0:0e:61:93:22:ef:30:ff:eb:fe:4a:27:11:15:c8:00:
b2:ff:44:ee:e7:64:e7:0e:db:ef:65:47:d1:37:6e:6f:02:7c:
fa:f0:0f:96:e5:94:d7:8c:e5:0a:aa:15:fa:29:23:31:62:03:
cd:46:c6:b9:b2:95:3a:46:67:5a:5f:15:ad:21:4c:b2:1b:23:
c8:a6:5f:e6:a2:18:26:5b:69:9a:db:e4:20:87:1c:4a:e8:e7:
d1:e3:b7:8e:38:a3:d3:d2:37:ac:63:5d:bc:47:0b:c0:7a:71:
7c:3a:a8:e7:87:b8:ac:1d:96:30:c9:cb:2a:68:9d:36:3a:61:
c0:55:83:8f:0d:95:da:24:f0:d5:63:49:2c:cf:d1:68:bc:7e:
09:50:d6:01:db:18:d0:5d:16:c0:f5:da:7e:c0:b5:13:a6:87:
72:e7:40:6b:3a:89:9d:54:83:6b:e3:e6:b6:91:57:7a:90:67:
1e:38:87:bc:01:9a:b5:9f:2e:b0:b5:7b:ea:18:05:94:4a:06:
32:c9:24:d5:04:8c:bc:46:60:a7:b0:04:a5:dd:16:65:c9:d3:
03:28:3e:bb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZRzdJBK3K4udQ+9uljQq/ViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjUwMTE3MDg1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA1YWU1OGRhZjFjZDRjNWJhN2Q2OWVkYmMwODdjZmRjYzQwYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OgWQ6QKj+UDJ8BTRXEsbBDpeDCO
TYzSV+4lIz06XGNXSzOgFsmsWNSH7chJlOUZOJrYSi2NJd42kB+zcwf7jYAjpxle
Wnf2N2E+PJxtWk+NfQIaSLPSFfcQ4g2I3NqYjkNS3Oj7WYzAa68WqgxxttnfqMT7
H2TgPjyKSDa7pbLyB8c6DiPZkWdZE3jmse0FosiOMnqXkSeEy+naGB8pkK1yQWiD
KIsuzWUmC1C4kWcs3IpZ2H36aL2wJUTnjKukNYcPTuWpaxeJ42XKc/JHDD9E6R0Z
XBrcBWiLBlQ5nJh1FuZrVpJX+YqD9Xwmt5A0en53er7TtKNtXe36I10X3QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFC0Frlja8c1MW6fWntvAh8/cxAwuMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0xRV3VXTnJ4elV4YnA5YWUyOENIejl6RURDNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAMFOUAD
BARQ85ADBARWb0ADBAFWb1QDBABb1MsDBAOwIAADBAWwJ0ADBAW8viAwDQYJKoZI
hvcNAQELBQADggEBAF7A0X1kVPYuHaZu1iZHXNoyXWwubZKV2PCryx7W2N6WantI
uEuf8A5hkyLvMP/r/konERXIALL/RO7nZOcO2+9lR9E3bm8CfPrwD5bllNeM5Qqq
FfopIzFiA81GxrmylTpGZ1pfFa0hTLIbI8imX+aiGCZbaZrb5CCHHEro59Hjt444
o9PSN6xjXbxHC8B6cXw6qOeHuKwdljDJyyponTY6YcBVg48Nldok8NVjSSzP0Wi8
fglQ1gHbGNBdFsD12n7AtROmh3LnQGs6iZ1Ug2vj5raRV3qQZx44h7wBmrWfLrC1
e+oYBZRKBjLJJNUEjLxGYKewBKXdFmXJ0wMoPrs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:41:00 2025 by rpki-client