Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/lfwaUFEt0gpH9NpbzJy2AiKfwLA.roa
File: lfwaUFEt0gpH9NpbzJy2AiKfwLA.roa (raw, json)
Hash identifier: NTKv90AKMNsBWVBa0sXGAPvfNu28juWsSluMbRvq0wk=
Subject key identifier: 95:FC:1A:50:51:2D:D2:0A:47:F4:DA:5B:CC:9C:B6:02:22:9F:C0:B0
Certificate issuer: /CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Certificate serial: 018CC348EA6E2A6BDFDBE1C6C46848EC21F3
Authority key identifier: 79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/lfwaUFEt0gpH9NpbzJy2AiKfwLA.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209346
IP address blocks: 185.157.0.0/22 maxlen: 24
2a0b:2ec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ea:6e:2a:6b:df:db:e1:c6:c4:68:48:ec:21:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95fc1a50512dd20a47f4da5bcc9cb602229fc0b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ac:2e:3e:07:4c:1a:a8:2d:ce:be:c3:75:89:
1e:08:42:b6:ec:d8:96:ce:ae:b6:8d:23:5c:9c:00:
ef:15:24:0f:4e:aa:6c:81:ec:c2:e9:f2:80:c2:e9:
40:63:1e:b4:56:04:db:41:94:62:1a:62:75:dc:8c:
a4:dd:05:37:53:85:c5:4f:e6:f6:d8:96:be:ed:b9:
aa:1b:05:9f:c3:8c:bf:d8:47:93:00:40:10:b2:7c:
01:92:1b:37:bf:7d:bf:52:ab:9f:dd:cd:33:19:1c:
74:a0:94:f6:c5:23:74:a4:5b:15:77:da:8a:10:e1:
37:42:3a:98:61:62:43:46:d5:c3:e8:57:7a:42:49:
91:67:39:59:9c:0d:56:ab:63:3c:79:b9:fd:59:4b:
08:34:1d:01:af:33:c8:65:a0:37:54:83:a2:1c:9e:
85:88:dd:8a:b7:8d:e9:88:bb:83:f1:d4:52:12:c3:
cd:4b:b1:3e:82:fd:00:81:b4:7b:08:cc:de:e8:58:
d0:13:06:79:e6:0f:8f:30:0b:b5:8c:e4:7f:8a:2d:
df:f4:3c:a9:bb:d9:ab:b7:e8:d1:71:42:15:18:c4:
ec:3e:2c:a3:bf:a9:9b:e2:53:ea:ec:83:fc:e4:3b:
e8:00:7d:70:51:16:44:6d:bc:55:40:df:90:9b:13:
31:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FC:1A:50:51:2D:D2:0A:47:F4:DA:5B:CC:9C:B6:02:22:9F:C0:B0
X509v3 Authority Key Identifier:
keyid:79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/lfwaUFEt0gpH9NpbzJy2AiKfwLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.0.0/22
IPv6:
2a0b:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
68:1e:a0:ab:ae:cb:0a:f8:77:20:ba:4c:11:62:09:98:c3:d4:
08:da:34:71:13:22:28:ad:97:57:ee:09:c1:3b:cf:bc:c7:e7:
36:b2:62:11:0a:16:69:9d:ef:aa:89:22:27:5e:d4:5c:0e:36:
b5:f6:61:75:f2:f6:90:e2:1a:a5:17:a4:9d:32:63:c3:13:3d:
fc:60:23:86:7f:4f:8f:9f:f4:78:db:17:a6:83:ac:0d:17:cd:
23:ac:7c:50:ad:1a:d2:65:ee:53:0b:f9:64:85:91:0a:8e:cc:
23:25:39:58:dd:77:8e:42:b8:9e:ac:01:c5:1a:46:41:b4:75:
f3:77:aa:aa:76:62:53:cf:9a:40:df:14:77:ce:0b:66:7b:9a:
f2:e6:20:42:99:e5:85:47:d0:f7:55:f2:0c:79:68:80:c2:c4:
79:ef:e0:7e:32:c8:8d:9d:eb:e2:0c:09:bd:ec:6d:50:39:34:
60:e6:c0:2c:46:ed:cf:ed:e4:89:ff:d8:2d:5e:cb:5e:8d:35:
1f:ee:75:dd:dc:14:1d:d4:4a:bb:07:b6:a2:78:5a:b3:b3:72:
e2:83:a0:90:fa:d3:89:e4:27:10:95:ce:f6:a8:4f:a0:12:12:
e9:c6:a6:c8:53:d0:1c:c9:c4:54:6e:b0:e2:86:3b:0b:22:d4:
b9:f3:60:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSOpuKmvf2+HGxGhI7CHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YmI3NzQ5YWJkZTZmNWRhNGViMWM2ZWQxYzU3NjgxNjE3
ODQ2YjAwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZjMWE1MDUxMmRkMjBhNDdmNGRhNWJjYzljYjYwMjIyOWZjMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6wuPgdMGqgtzr7DdYkeCEK27NiW
zq62jSNcnADvFSQPTqpsgezC6fKAwulAYx60VgTbQZRiGmJ13Iyk3QU3U4XFT+b2
2Ja+7bmqGwWfw4y/2EeTAEAQsnwBkhs3v32/Uquf3c0zGRx0oJT2xSN0pFsVd9qK
EOE3QjqYYWJDRtXD6Fd6QkmRZzlZnA1Wq2M8ebn9WUsINB0BrzPIZaA3VIOiHJ6F
iN2Kt43piLuD8dRSEsPNS7E+gv0AgbR7CMze6FjQEwZ55g+PMAu1jOR/ii3f9Dyp
u9mrt+jRcUIVGMTsPiyjv6mb4lPq7IP85DvoAH1wURZEbbxVQN+QmxMx1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJX8GlBRLdIKR/TaW8yctgIin8CwMB8GA1UdIwQY
MBaAFHm7d0mr3m9dpOscbtHFdoFheEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEt
NDgyNWUxOGQ3MzAxLzEvbGZ3YVVGRXQwZ3BIOU5wYnpKeTJBaUtmd0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEtNDgyNWUxOGQ3MzAx
LzEvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ0AMA0E
AgACMAcDBQMqCy7AMA0GCSqGSIb3DQEBCwUAA4IBAQBoHqCrrssK+HcgukwRYgmY
w9QI2jRxEyIorZdX7gnBO8+8x+c2smIRChZpne+qiSInXtRcDja19mF18vaQ4hql
F6SdMmPDEz38YCOGf0+Pn/R42xemg6wNF80jrHxQrRrSZe5TC/lkhZEKjswjJTlY
3XeOQrierAHFGkZBtHXzd6qqdmJTz5pA3xR3zgtme5ry5iBCmeWFR9D3VfIMeWiA
wsR57+B+MsiNneviDAm97G1QOTRg5sAsRu3P7eSJ/9gtXstejTUf7nXd3BQd1Eq7
B7aieFqzs3Lig6CQ+tOJ5CcQlc72qE+gEhLpxqbIU9AcycRUbrDihjsLItS582Bf
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:29:00 2025 by rpki-client