Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LWidTTm1PnM_sZicWQLGlpomayg.roa
File: LWidTTm1PnM_sZicWQLGlpomayg.roa (raw, json)
Hash identifier: ROibDQO34w8B9jRuYOtws/Agofw991J1Lsgk0BT/PmA=
Subject key identifier: 2D:68:9D:4D:39:B5:3E:73:3F:B1:98:9C:59:02:C6:96:9A:26:6B:28
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143DC94ADC4692869C3494CB54532B0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LWidTTm1PnM_sZicWQLGlpomayg.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:dc:94:ad:c4:69:28:69:c3:49:4c:b5:45:32:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d689d4d39b53e733fb1989c5902c6969a266b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:52:07:7a:a6:be:8b:2d:ae:6e:20:a5:78:18:
23:9c:d7:98:32:b4:98:45:a7:dc:08:f4:21:ed:fe:
77:24:75:30:88:be:90:a5:47:c9:ea:ec:6a:73:a0:
a2:64:08:5c:98:ff:34:cf:b8:27:d8:92:90:44:5a:
f7:37:30:7d:cf:5f:07:11:2d:65:df:52:94:78:95:
9d:07:e6:44:5c:23:67:1b:4c:8c:59:03:d1:24:d8:
0b:8e:3e:32:21:00:46:d4:18:0e:48:e8:f6:3b:56:
be:b9:46:0e:e9:40:56:1f:98:a3:a2:11:24:48:dd:
b7:69:bd:70:4f:80:38:1c:a4:eb:0f:84:63:c6:97:
9e:46:2c:62:05:3a:3d:02:e8:45:c6:9f:f7:83:59:
2c:1e:32:1b:fd:d1:30:00:cb:e0:ee:cd:a7:60:e7:
87:e9:48:22:b7:5f:5e:4d:7b:78:02:ad:c6:77:e0:
6c:8e:29:30:2c:30:48:37:b5:07:e2:c4:20:2a:ea:
22:ad:c9:e6:ba:83:57:ef:d7:b1:5a:9d:80:0e:d1:
2c:11:45:1a:0d:b7:d9:aa:4e:3d:5c:13:95:bc:57:
47:0c:df:1d:2b:ec:6f:2e:7a:c7:88:57:0d:d4:3e:
4c:62:9a:e5:27:44:45:d5:5d:8d:c0:d9:f3:06:1c:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:68:9D:4D:39:B5:3E:73:3F:B1:98:9C:59:02:C6:96:9A:26:6B:28
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LWidTTm1PnM_sZicWQLGlpomayg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
82.163.0.0/24
89.213.43.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.54.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
59:8e:60:b8:c0:52:c6:39:4a:7e:c6:91:05:81:57:d9:a3:d7:
0f:5b:d2:76:63:19:f9:18:f6:f4:b4:c2:0f:2a:57:83:ce:95:
a3:4e:7e:37:d4:27:f7:87:b7:c1:69:77:24:e5:29:73:ab:ae:
dc:19:c4:6b:9f:d7:e8:40:61:11:fc:76:b8:4b:fe:b4:29:85:
2b:fa:34:74:9f:e8:35:59:49:fc:4c:28:4e:36:d2:c2:34:4d:
91:24:fc:a9:2d:ec:d4:d2:86:8a:1f:5d:95:ef:80:d1:e2:b3:
ba:09:a7:18:5c:ff:41:78:26:59:3b:d2:85:e5:50:89:d4:6b:
b7:ab:f0:84:de:38:75:c7:54:78:07:37:be:58:fd:ef:db:04:
8e:e5:c1:65:7e:bb:26:2a:82:d2:58:a9:59:70:a4:ee:89:46:
e6:45:86:0b:10:10:71:f8:59:6e:b4:3b:b1:b9:67:72:23:c6:
3e:4a:3e:1f:14:4a:72:f4:7a:81:37:12:e5:15:f7:e7:98:5c:
2a:c0:f3:75:a5:d6:20:bf:a5:23:1d:b8:87:d3:38:c8:c5:12:
92:e2:e4:c0:fd:55:28:6b:9c:41:c6:b1:ba:3b:92:d6:20:c8:
19:f9:b6:f2:fb:0d:2a:e3:89:93:93:0e:0b:d7:61:be:75:79:
2f:d5:54:92
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZQhQ9yUrcRpKGnDSUy1RTKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDY4OWQ0ZDM5YjUzZTczM2ZiMTk4OWM1OTAyYzY5NjlhMjY2YjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFIHeqa+iy2ubiCleBgjnNeYMrSY
RafcCPQh7f53JHUwiL6QpUfJ6uxqc6CiZAhcmP80z7gn2JKQRFr3NzB9z18HES1l
31KUeJWdB+ZEXCNnG0yMWQPRJNgLjj4yIQBG1BgOSOj2O1a+uUYO6UBWH5ijohEk
SN23ab1wT4A4HKTrD4RjxpeeRixiBTo9AuhFxp/3g1ksHjIb/dEwAMvg7s2nYOeH
6Ugit19eTXt4Aq3Gd+BsjikwLDBIN7UH4sQgKuoircnmuoNX79exWp2ADtEsEUUa
DbfZqk49XBOVvFdHDN8dK+xvLnrHiFcN1D5MYprlJ0RF1V2NwNnzBhwM8wIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFC1onU05tT5zP7GYnFkCxpaaJmsoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTFdpZFRUbTFQbk1fc1ppY1dRTEdscG9tYXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFKjAAMEAFnVKwME
AFnVYgMEAFnVoTAMAwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDJAwQAbbDr
AwQA1YKCAwQA1YKVAwQA1dI2AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IB
AQBZjmC4wFLGOUp+xpEFgVfZo9cPW9J2Yxn5GPb0tMIPKleDzpWjTn431Cf3h7fB
aXck5Slzq67cGcRrn9foQGER/Ha4S/60KYUr+jR0n+g1WUn8TChONtLCNE2RJPyp
LezU0oaKH12V74DR4rO6CacYXP9BeCZZO9KF5VCJ1Gu3q/CE3jh1x1R4Bze+WP3v
2wSO5cFlfrsmKoLSWKlZcKTuiUbmRYYLEBBx+FlutDuxuWdyI8Y+Sj4fFEpy9HqB
NxLlFffnmFwqwPN1pdYgv6UjHbiH0zjIxRKS4uTA/VUoa5xBxrG6O5LWIMgZ+bby
+w0q44mTkw4L12G+dXkv1VSS
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:40 2025 by rpki-client