Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtUNXJ-EXbWHTDvbLY_CcgCLWKM.roa
File: LtUNXJ-EXbWHTDvbLY_CcgCLWKM.roa (raw, json)
Hash identifier: UxGJS2eOXf3Kh5F0Zsq5UbEvRQlOrIqzWj559mk6kUo=
Subject key identifier: 2E:D5:0D:5C:9F:84:5D:B5:87:4C:3B:DB:2D:8F:C2:72:00:8B:58:A3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194F98EF41863D79D3EA3284A6B498E0A55
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtUNXJ-EXbWHTDvbLY_CcgCLWKM.roa
Signing time: Wed 12 Feb 2025 09:48:02 +0000
ROA not before: Wed 12 Feb 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.156.0/24 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 15:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:8e:f4:18:63:d7:9d:3e:a3:28:4a:6b:49:8e:0a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 12 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ed50d5c9f845db5874c3bdb2d8fc272008b58a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:3c:9a:43:2c:e7:f2:2d:da:07:7a:6e:48:0c:
47:c1:49:65:17:aa:32:c2:f9:8f:86:7a:98:98:87:
b4:6a:09:f1:13:0d:e8:b8:d2:b0:66:6c:ea:cb:2e:
55:ca:00:e3:c4:24:b4:b3:85:92:6a:7e:a8:40:e0:
6a:f0:0b:b1:ac:11:be:a9:ee:77:d7:30:68:ec:87:
d3:6d:c3:01:d1:e3:e8:ac:a8:3b:bb:23:55:c9:03:
25:b6:f2:5b:a2:50:56:1a:5c:b8:ed:a8:33:bd:2e:
93:13:72:e8:fa:22:7a:1b:46:b7:f4:68:54:e7:90:
19:b4:bb:64:4c:57:a3:9f:c7:fd:ca:72:32:0c:64:
f3:68:18:4a:55:1b:c4:2a:07:60:4a:56:90:9b:40:
b3:8a:f0:d6:be:59:bb:b8:f0:a3:36:1a:8e:90:4c:
d8:91:bf:76:32:8b:2e:9d:6a:f5:bf:d0:50:c1:ea:
93:27:40:ba:89:b4:59:11:e1:dd:95:d1:05:67:f4:
51:2c:2f:42:68:27:a4:03:a5:69:46:22:47:5d:bd:
ca:92:e9:c9:fa:69:88:4c:34:4c:c9:c7:91:f5:66:
e3:53:1e:a7:69:72:ff:b9:3d:69:2f:c8:a9:c7:80:
0c:92:20:e8:75:d6:d9:e5:22:32:92:bb:c0:e6:30:
90:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:0D:5C:9F:84:5D:B5:87:4C:3B:DB:2D:8F:C2:72:00:8B:58:A3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtUNXJ-EXbWHTDvbLY_CcgCLWKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.243.0/24
82.163.0.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.156.0/24
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:09:c4:8a:d2:94:34:9b:5f:a8:5f:c0:f4:8f:5a:c4:e1:05:
8e:cf:f6:f8:ea:37:d6:06:3b:5c:67:55:bc:b3:a8:ad:c9:58:
51:2f:cb:22:14:59:e1:e4:0a:7d:dc:a6:2a:b5:29:3d:15:4d:
3d:1d:e2:47:20:a0:a2:60:b2:c0:90:f7:5e:0d:87:b1:4b:fd:
46:6c:27:fb:35:b0:ec:cb:d6:08:04:cd:51:e1:eb:13:30:ba:
bf:e8:99:fa:86:84:06:e1:f0:0c:d5:d0:46:3d:bd:94:ba:cc:
87:ed:ab:2e:02:99:85:27:d1:ba:7a:08:6c:09:8b:bb:31:18:
9f:a0:a5:1a:8f:3c:00:16:01:80:9e:df:3c:63:83:cf:74:50:
5c:e5:30:b1:ec:25:f7:c4:aa:a3:a7:bd:92:51:75:d5:9d:0e:
83:f3:32:5d:37:fa:86:b4:66:97:25:df:90:d9:46:e0:a6:88:
62:32:c3:70:f8:ee:7d:60:38:3b:ce:ba:c4:3b:71:7c:be:d1:
1f:4f:29:74:be:d1:e9:41:b9:fa:82:00:77:ae:f2:25:f5:6e:
25:55:38:f1:e5:e4:c2:23:64:6f:7a:d2:2e:e7:fd:2e:3f:47:
b2:9d:5f:6a:8e:fe:a9:24:1c:a2:ef:b0:ae:7c:d0:5b:df:77:
2c:d1:62:a0
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZT5jvQYY9edPqMoSmtJjgpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjEyMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ1MGQ1YzlmODQ1ZGI1ODc0YzNiZGIyZDhmYzI3MjAwOGI1OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8zyaQyzn8i3aB3puSAxHwUllF6oy
wvmPhnqYmIe0agnxEw3ouNKwZmzqyy5VygDjxCS0s4WSan6oQOBq8AuxrBG+qe53
1zBo7IfTbcMB0ePorKg7uyNVyQMltvJbolBWGly47agzvS6TE3Lo+iJ6G0a39GhU
55AZtLtkTFejn8f9ynIyDGTzaBhKVRvEKgdgSlaQm0CzivDWvlm7uPCjNhqOkEzY
kb92MosunWr1v9BQweqTJ0C6ibRZEeHdldEFZ/RRLC9CaCekA6VpRiJHXb3KkunJ
+mmITDRMyceR9WbjUx6naXL/uT1pL8ipx4AMkiDoddbZ5SIykrvA5jCQ0wIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFC7VDVyfhF21h0w72y2PwnIAi1ijMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHRVTlhKLUVYYldIVER2YkxZX0NjZ0NMV0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ8wMEAFKjAAMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBAD
BAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBADVgpwDBADVmCsD
BALV0jQDBADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOC
AQEAPAnEitKUNJtfqF/A9I9axOEFjs/2+Oo31gY7XGdVvLOorclYUS/LIhRZ4eQK
fdymKrUpPRVNPR3iRyCgomCywJD3Xg2HsUv9Rmwn+zWw7MvWCATNUeHrEzC6v+iZ
+oaEBuHwDNXQRj29lLrMh+2rLgKZhSfRunoIbAmLuzEYn6ClGo88ABYBgJ7fPGOD
z3RQXOUwsewl98Sqo6e9klF11Z0Og/MyXTf6hrRmlyXfkNlG4KaIYjLDcPjufWA4
O866xDtxfL7RH08pdL7R6UG5+oIAd67yJfVuJVU48eXkwiNkb3rSLuf9Lj9Hsp1f
ao7+qSQcou+wrnzQW993LNFioA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:09:23 2025 by rpki-client