Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa
File: LaranFMLTz1uAwq9bzpwRqu1Gbg.roa (raw, json)
Hash identifier: Tx7D2kZR4QSrXDQbg7HBWvOi8MKHNF5MjXVCje3KpGs=
Subject key identifier: 2D:AA:DA:9C:53:0B:4F:3D:6E:03:0A:BD:6F:3A:70:46:AB:B5:19:B8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EA89A23E0CB39F3A8E1D78C13A4A7A414
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa
Signing time: Thu 04 Apr 2024 10:14:17 +0000
ROA not before: Thu 04 Apr 2024 10:14:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.249.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.133.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.130.149.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 15:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:9a:23:e0:cb:39:f3:a8:e1:d7:8c:13:a4:a7:a4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 4 10:14:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2daada9c530b4f3d6e030abd6f3a7046abb519b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:0f:cc:e1:68:2a:80:60:5a:e1:47:19:20:
03:5e:2c:ba:c3:66:e7:5e:92:bd:38:1b:60:0f:4b:
41:94:0b:24:43:97:5c:30:f3:8a:f0:cb:46:a5:66:
ef:04:e0:f2:1b:b1:60:26:50:63:f2:ae:ea:c6:4e:
71:56:26:ff:7e:ef:f0:72:6e:ce:82:c2:ac:f2:42:
b9:c6:df:cb:28:05:98:93:b0:fe:b4:a8:6a:d5:66:
d5:b0:75:da:cd:b4:71:ac:2c:59:f8:03:69:56:22:
df:45:ff:c0:07:62:62:b6:2f:99:22:5d:33:ff:3c:
7c:56:c8:ff:e4:9e:e5:8f:59:c0:53:e7:09:a3:82:
9d:37:1e:e1:ad:9a:d4:38:61:14:13:b1:1d:a1:55:
7b:d9:2b:2e:bc:17:df:6a:43:ca:50:93:b3:9e:45:
9b:29:96:0f:0e:bf:77:55:fa:cf:93:4a:af:f4:d0:
e4:08:ef:16:48:95:94:ed:aa:2c:7b:89:f2:43:bc:
e4:f7:a8:a8:a5:4f:bc:51:8d:85:e2:9c:af:01:01:
57:c2:7d:4c:71:d7:be:97:dc:d2:17:d7:fd:53:6f:
06:cd:a5:0c:27:a5:20:62:47:31:21:1b:70:2a:44:
99:b7:51:d7:40:9f:4e:0f:ae:11:8c:b9:6a:ee:9d:
8a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:AA:DA:9C:53:0B:4F:3D:6E:03:0A:BD:6F:3A:70:46:AB:B5:19:B8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LaranFMLTz1uAwq9bzpwRqu1Gbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.152.249.0/24
82.153.136.0/22
89.213.133.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.245.0/24
185.49.126.0/23
213.130.149.0/24
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f3:96:9e:91:3d:3d:ac:55:19:9b:8f:1a:e3:9f:db:9d:32:
26:f2:0e:17:66:ae:18:3c:e7:e2:06:ac:c7:b5:68:85:44:bb:
0d:2d:f3:fd:3f:8d:fc:91:e7:fc:67:8c:4e:6a:b5:b2:32:2f:
8b:6f:e3:3a:b9:5d:24:f2:5d:e7:34:88:38:21:53:62:2a:fc:
bc:12:6d:30:dc:0d:be:8d:f8:91:b3:fd:ba:3f:21:20:40:41:
8e:dd:02:15:8f:2a:df:28:e4:bd:6f:e4:d2:f7:37:67:18:59:
9f:b0:73:1f:63:41:6b:d4:e8:af:18:70:7e:17:7a:2f:9e:40:
98:b8:52:aa:50:59:6c:fa:e4:43:34:17:d8:c1:ce:40:4e:38:
db:f3:ee:e7:b6:e8:53:52:97:3c:b3:1b:6e:34:7d:3a:dd:41:
24:00:3a:20:93:53:96:67:ca:da:92:f9:99:a5:c3:a7:b6:af:
ca:84:2e:39:ed:00:d8:fc:2a:2c:db:cb:dd:51:f2:3f:df:64:
67:92:dc:ad:fc:78:8b:13:51:71:36:12:14:02:22:8e:5f:6b:
2b:8a:83:2a:dd:45:4f:dd:e7:49:7c:c0:cb:31:24:45:ad:78:
6e:a0:41:fe:ac:22:6f:45:65:6e:ef:3d:f1:4f:99:9e:9b:3b:
70:cb:51:4d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY6omiPgyznzqOHXjBOkp6QUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA0MTAxNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGFhZGE5YzUzMGI0ZjNkNmUwMzBhYmQ2ZjNhNzA0NmFiYjUxOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l0PzOFoKoBgWuFHGSADXiy6w2bn
XpK9OBtgD0tBlAskQ5dcMPOK8MtGpWbvBODyG7FgJlBj8q7qxk5xVib/fu/wcm7O
gsKs8kK5xt/LKAWYk7D+tKhq1WbVsHXazbRxrCxZ+ANpViLfRf/AB2Jiti+ZIl0z
/zx8Vsj/5J7lj1nAU+cJo4KdNx7hrZrUOGEUE7EdoVV72SsuvBffakPKUJOznkWb
KZYPDr93VfrPk0qv9NDkCO8WSJWU7aose4nyQ7zk96iopU+8UY2F4pyvAQFXwn1M
cde+l9zSF9f9U28GzaUMJ6UgYkcxIRtwKkSZt1HXQJ9OD64RjLlq7p2KpQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFC2q2pxTC089bgMKvW86cEartRm4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGFyYW5GTUxUejF1QXdxOWJ6cHdScXUxR2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBUpiwAwQA
Upj5AwQCUpmIAwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBABtsPUD
BAG5MX4DBADVgpUDBADVmCowDQYJKoZIhvcNAQELBQADggEBAIfzlp6RPT2sVRmb
jxrjn9udMibyDhdmrhg85+IGrMe1aIVEuw0t8/0/jfyR5/xnjE5qtbIyL4tv4zq5
XSTyXec0iDghU2Iq/LwSbTDcDb6N+JGz/bo/ISBAQY7dAhWPKt8o5L1v5NL3N2cY
WZ+wcx9jQWvU6K8YcH4Xei+eQJi4UqpQWWz65EM0F9jBzkBOONvz7ue26FNSlzyz
G240fTrdQSQAOiCTU5ZnytqS+Zmlw6e2r8qELjntANj8Kizby91R8j/fZGeS3K38
eIsTUXE2EhQCIo5fayuKgyrdRU/d50l8wMsxJEWteG6gQf6sIm9FZW7vPfFPmZ6b
O3DLUU0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:04 2025 by rpki-client