Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LnPfF-T5zkoxGDpJ5JKGOgQuTB4.roa
File: LnPfF-T5zkoxGDpJ5JKGOgQuTB4.roa (raw, json)
Hash identifier: e6FdrW/72KJC7zCAMaA7FWl1xT/p7LEwsV1rIr9Yd40=
Subject key identifier: 2E:73:DF:17:E4:F9:CE:4A:31:18:3A:49:E4:92:86:3A:04:2E:4C:1E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FA57C61A68CE64D8560B7887AB8B7A55C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LnPfF-T5zkoxGDpJ5JKGOgQuTB4.roa
Signing time: Thu 23 May 2024 12:45:43 +0000
ROA not before: Thu 23 May 2024 12:45:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.153.152.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 May 2024 07:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:7c:61:a6:8c:e6:4d:85:60:b7:88:7a:b8:b7:a5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 23 12:45:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e73df17e4f9ce4a31183a49e492863a042e4c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:f2:d9:1b:64:2b:3a:06:ff:be:95:d2:65:
4d:b3:ce:e9:b7:56:c8:0c:43:a3:88:ff:b3:0d:d2:
03:16:b1:08:cc:8a:14:c6:2f:8d:99:77:40:bb:47:
b5:e2:cf:5d:bb:52:c9:7f:5a:9c:63:36:ed:e9:45:
a5:d9:18:07:9b:56:1c:0d:ea:38:5b:4e:83:61:c7:
30:6c:96:55:ed:97:e4:4e:20:17:f7:09:a1:89:b9:
72:cf:88:9b:db:66:b5:55:4c:f4:e1:51:bc:b9:7a:
80:be:80:6c:8d:eb:81:39:c5:5a:e3:e7:c2:6f:96:
23:55:2a:a6:c2:23:0d:75:f8:9b:3a:c9:bf:0b:38:
a1:69:a2:b0:a6:5e:98:d7:b1:50:cb:5f:d9:91:35:
e0:75:da:05:3e:cb:98:48:a5:03:ed:72:a8:e1:71:
8e:5a:75:45:bc:f6:9f:6b:59:96:b0:d5:15:c4:df:
d0:27:8c:31:ad:35:5a:2e:15:8b:df:51:f6:81:4d:
1f:fb:a2:67:38:85:93:24:cb:04:a6:7c:c1:a4:d6:
ec:7b:aa:24:0f:6f:d0:3c:62:e1:9f:ae:fe:50:f3:
0b:c0:a8:95:c5:10:26:80:99:61:03:62:a8:d5:41:
86:7a:b5:5f:bd:2e:87:c3:3d:0a:c9:ab:04:27:6c:
1c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:73:DF:17:E4:F9:CE:4A:31:18:3A:49:E4:92:86:3A:04:2E:4C:1E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LnPfF-T5zkoxGDpJ5JKGOgQuTB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.152.0/24
82.153.225.0/24
89.213.43.0/24
89.213.145.0-89.213.146.255
89.213.161.0/24
109.176.32.0/19
Signature Algorithm: sha256WithRSAEncryption
78:04:6b:e7:63:16:72:1f:0e:d0:91:09:27:7b:a0:ec:b6:ba:
ff:0c:9e:0c:6e:5e:f7:ba:3a:b5:7a:5a:f2:1a:61:14:4b:72:
82:fc:c8:c6:b1:b0:be:77:8f:4c:5f:7d:cb:10:7d:68:16:ce:
1f:76:6f:93:49:66:54:38:a4:54:bf:50:bf:43:57:a0:0f:e6:
f9:ad:a6:5b:00:0c:65:65:2d:15:2f:45:82:7a:30:47:8f:33:
66:e9:af:d7:d4:e1:63:1c:59:67:46:df:47:75:b1:7e:e9:37:
92:70:47:ce:57:31:1b:eb:fb:3b:0d:59:de:c5:6c:fd:8e:0b:
b6:82:a0:fd:fc:dc:e8:6f:2c:3a:2a:42:21:3b:f7:ee:43:75:
a1:35:22:04:67:65:0c:8e:55:d3:1d:38:26:6f:c9:8e:82:a7:
b3:e0:e0:1f:93:a1:0b:f9:6c:b1:dd:7a:15:64:43:be:72:8f:
b8:24:08:ee:fb:36:81:94:bf:19:bb:bd:c9:e3:d6:b8:87:c5:
b4:3a:15:f2:07:4b:56:7c:59:d3:e0:10:bb:e2:29:64:99:7e:
d6:2d:93:56:2d:4d:01:3d:7b:65:23:e5:e1:e6:9a:a5:60:b8:
62:e4:d1:bf:75:32:74:77:7f:cf:b0:6e:1f:14:9d:d6:0c:f3:
25:7f:5d:cd
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY+lfGGmjOZNhWC3iHq4t6VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIzMTI0NTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTczZGYxN2U0ZjljZTRhMzExODNhNDllNDkyODYzYTA0MmU0YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgLy2RtkKzoG/76V0mVNs87pt1bI
DEOjiP+zDdIDFrEIzIoUxi+NmXdAu0e14s9du1LJf1qcYzbt6UWl2RgHm1YcDeo4
W06DYccwbJZV7ZfkTiAX9wmhiblyz4ib22a1VUz04VG8uXqAvoBsjeuBOcVa4+fC
b5YjVSqmwiMNdfibOsm/CzihaaKwpl6Y17FQy1/ZkTXgddoFPsuYSKUD7XKo4XGO
WnVFvPafa1mWsNUVxN/QJ4wxrTVaLhWL31H2gU0f+6JnOIWTJMsEpnzBpNbse6ok
D2/QPGLhn67+UPMLwKiVxRAmgJlhA2Ko1UGGerVfvS6Hwz0KyasEJ2wcyQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFC5z3xfk+c5KMRg6SeSShjoELkweMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTG5QZkYtVDV6a294R0RwSjVKS0dPZ1F1VEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAUpmYAwQA
UpnhAwQAWdUrMAwDBABZ1ZEDBABZ1ZIDBABZ1aEDBAVtsCAwDQYJKoZIhvcNAQEL
BQADggEBAHgEa+djFnIfDtCRCSd7oOy2uv8MngxuXve6OrV6WvIaYRRLcoL8yMax
sL53j0xffcsQfWgWzh92b5NJZlQ4pFS/UL9DV6AP5vmtplsADGVlLRUvRYJ6MEeP
M2bpr9fU4WMcWWdG30d1sX7pN5JwR85XMRvr+zsNWd7FbP2OC7aCoP383OhvLDoq
QiE79+5DdaE1IgRnZQyOVdMdOCZvyY6Cp7Pg4B+ToQv5bLHdehVkQ75yj7gkCO77
NoGUvxm7vcnj1riHxbQ6FfIHS1Z8WdPgELviKWSZftYtk1YtTQE9e2Uj5eHmmqVg
uGLk0b91MnR3f8+wbh8UndYM8yV/Xc0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:18 2025 by rpki-client