Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaYsZM0AOMRA6naGE4C58Jm18og.roa
File: LaYsZM0AOMRA6naGE4C58Jm18og.roa (raw, json)
Hash identifier: Rccemu77W7EVcT/ESW72bO9lSn9zA/GskhZIYfyg4xs=
Subject key identifier: 2D:A6:2C:64:CD:00:38:C4:40:EA:76:86:13:80:B9:F0:99:B5:F2:88
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01941C17597174DEDE7633B4FE76CF6013F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaYsZM0AOMRA6naGE4C58Jm18og.roa
Signing time: Tue 31 Dec 2024 09:41:19 +0000
ROA not before: Tue 31 Dec 2024 09:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:17:59:71:74:de:de:76:33:b4:fe:76:cf:60:13:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 31 09:41:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2da62c64cd0038c440ea76861380b9f099b5f288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:33:7f:8a:52:c2:39:2b:c1:b3:e3:99:c3:12:
b9:fe:83:cd:1a:2d:c6:6f:8e:4f:27:0a:6e:63:e6:
51:b4:f7:f4:37:2f:c7:ea:6b:27:08:72:a6:b4:d2:
fe:c7:00:ea:21:f7:0b:eb:5d:4d:36:fb:a9:89:29:
b5:80:e5:ea:8c:9e:3e:e5:42:cd:3c:a3:16:5b:05:
81:4f:76:c9:60:3b:04:50:f1:e3:07:59:52:6d:a4:
86:e8:2f:2e:c7:4f:cd:99:90:ea:0e:78:90:03:9a:
49:de:88:f7:97:75:c9:8b:23:26:1c:5d:5d:a1:59:
27:2c:4a:ce:9a:01:5c:96:fa:72:36:d6:e1:56:f1:
15:e2:28:3f:ab:6f:3e:f3:ae:93:c3:65:0d:19:1d:
6e:ee:81:87:cc:0e:16:17:95:6f:1f:c9:5d:a0:34:
a2:6a:08:0b:39:d2:2c:ee:4d:58:7f:d9:af:83:b6:
67:f5:89:0a:8f:9f:03:3b:be:91:5f:d5:ed:02:04:
44:48:59:4b:a8:ca:08:8f:e5:89:c4:f6:55:c8:18:
0f:21:fe:06:c0:03:38:15:90:15:a6:0e:31:9a:d2:
85:6a:f7:7a:25:64:23:52:67:ea:d0:b2:e3:c9:9b:
f7:84:cc:8d:70:a0:d3:16:a7:a1:51:7d:db:b8:35:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A6:2C:64:CD:00:38:C4:40:EA:76:86:13:80:B9:F0:99:B5:F2:88
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaYsZM0AOMRA6naGE4C58Jm18og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.122.0/24
82.152.131.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6f:f9:31:3a:29:dc:1d:e4:9b:b2:8f:4a:09:d2:66:00:96:
46:81:24:3a:c7:a8:64:e5:e6:a3:24:46:83:de:c8:10:75:58:
cb:be:60:3e:a3:d7:b9:6e:20:6d:9d:27:86:32:c4:8a:f7:37:
9b:3c:c4:af:e3:ae:0e:27:71:e0:a1:a3:46:6a:7a:e8:7c:60:
48:74:05:73:14:49:47:3e:9c:c4:d5:88:3e:4f:3e:e3:a6:4c:
cf:c2:80:38:7f:f1:c2:41:61:95:43:67:03:fd:32:a4:70:9a:
72:35:12:13:12:c2:3e:74:5a:cc:4f:f8:a4:6a:f1:80:13:af:
3c:46:29:e2:b0:6b:11:95:76:5b:10:34:77:da:94:69:50:24:
6d:02:c9:da:cf:4a:8f:bf:40:dd:6f:34:bf:67:06:3a:da:b5:
55:06:55:49:76:37:81:52:76:f5:d2:10:f3:64:fd:ac:48:80:
08:09:52:5b:f9:d2:a0:5f:59:e3:19:6a:bc:fd:00:48:94:27:
39:3d:28:91:d4:c1:7a:10:7d:a7:29:c8:34:82:10:c7:d8:4e:
71:13:86:fc:fa:9f:03:46:2c:93:55:76:1b:f2:45:23:07:a2:
d9:5c:b0:e1:d1:6d:02:ef:de:84:20:ed:f0:bd:66:24:8c:c2:
34:45:79:c9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQcF1lxdN7edjO0/nbPYBP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjMxMDk0MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGE2MmM2NGNkMDAzOGM0NDBlYTc2ODYxMzgwYjlmMDk5YjVmMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjN/ilLCOSvBs+OZwxK5/oPNGi3G
b45PJwpuY+ZRtPf0Ny/H6msnCHKmtNL+xwDqIfcL611NNvupiSm1gOXqjJ4+5ULN
PKMWWwWBT3bJYDsEUPHjB1lSbaSG6C8ux0/NmZDqDniQA5pJ3oj3l3XJiyMmHF1d
oVknLErOmgFclvpyNtbhVvEV4ig/q28+866Tw2UNGR1u7oGHzA4WF5VvH8ldoDSi
aggLOdIs7k1Yf9mvg7Zn9YkKj58DO76RX9XtAgRESFlLqMoIj+WJxPZVyBgPIf4G
wAM4FZAVpg4xmtKFavd6JWQjUmfq0LLjyZv3hMyNcKDTFqehUX3buDViRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC2mLGTNADjEQOp2hhOAufCZtfKIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGFZc1pNMEFPTVJBNm5hR0U0QzU4Sm0xOG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
Uah6AwQAUpiDAwQAWdWYAwQAWdWwAwQAWdW3AwQAbbDmMA0GCSqGSIb3DQEBCwUA
A4IBAQCAb/kxOincHeSbso9KCdJmAJZGgSQ6x6hk5eajJEaD3sgQdVjLvmA+o9e5
biBtnSeGMsSK9zebPMSv464OJ3HgoaNGanrofGBIdAVzFElHPpzE1Yg+Tz7jpkzP
woA4f/HCQWGVQ2cD/TKkcJpyNRITEsI+dFrMT/ikavGAE688RinisGsRlXZbEDR3
2pRpUCRtAsnaz0qPv0DdbzS/ZwY62rVVBlVJdjeBUnb10hDzZP2sSIAICVJb+dKg
X1njGWq8/QBIlCc5PSiR1MF6EH2nKcg0ghDH2E5xE4b8+p8DRiyTVXYb8kUjB6LZ
XLDh0W0C796EIO3wvWYkjMI0RXnJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:22 2025 by rpki-client