Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lpp7RGlhS-26CU2aikdTaaLGVM4.roa
File: lpp7RGlhS-26CU2aikdTaaLGVM4.roa (raw, json)
Hash identifier: bI4/D5czJt+qtRiWA2l2TjNhfgpE1UCh+FBvM0sWSq4=
Subject key identifier: 96:9A:7B:44:69:61:4B:ED:BA:09:4D:9A:8A:47:53:69:A2:C6:54:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01953D2A159706F258B4013074ABBF067FE0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lpp7RGlhS-26CU2aikdTaaLGVM4.roa
Signing time: Tue 25 Feb 2025 12:52:02 +0000
ROA not before: Tue 25 Feb 2025 12:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 81.168.119.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 09:09:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:2a:15:97:06:f2:58:b4:01:30:74:ab:bf:06:7f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 25 12:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=969a7b4469614bedba094d9a8a475369a2c654ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b9:33:5d:94:81:11:fe:dd:1a:ff:a0:fd:ba:
ef:50:54:54:1d:c0:5e:d4:ec:54:7c:8c:80:68:f9:
3b:d4:34:9e:9f:78:9b:5d:10:3c:2a:2d:69:a1:a0:
d0:ac:94:94:78:4f:b9:e2:c3:a1:05:11:90:a9:a9:
bc:70:d5:f5:24:1d:3b:43:42:6d:f6:8e:82:fe:53:
07:98:2f:8e:2b:7b:1d:6a:64:97:74:42:eb:d1:83:
38:c0:a3:c0:d9:e6:b3:50:7d:72:9c:84:d5:b8:f7:
1f:71:7f:05:c2:b0:a1:07:02:e0:76:e3:d1:6b:9f:
aa:9c:da:c7:4c:d6:a9:39:62:22:f5:76:23:56:2a:
0c:6f:80:22:be:66:0a:b0:78:1b:ca:f9:49:03:9e:
28:d5:2b:76:25:36:b0:b5:d1:31:d9:c5:22:83:63:
d3:b4:25:98:21:22:9e:ff:83:b8:2c:29:8c:b0:02:
d5:b9:23:6e:9c:c2:a0:62:2b:be:7c:2e:10:e2:61:
a2:88:38:a5:bb:a7:e1:23:86:19:e8:19:75:9e:88:
75:8a:49:ed:6b:91:2a:b3:54:f3:8e:48:aa:44:07:
f7:d7:ec:25:56:4e:fd:fe:fd:cc:76:d4:3d:37:56:
7f:8d:03:ff:d2:0c:b1:6f:92:15:44:da:dd:39:85:
5b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9A:7B:44:69:61:4B:ED:BA:09:4D:9A:8A:47:53:69:A2:C6:54:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lpp7RGlhS-26CU2aikdTaaLGVM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.152.131.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:c6:b2:3f:8d:5d:0c:c4:a5:c2:bc:20:6b:ab:3e:e1:f2:e7:
39:9d:4a:97:06:64:3c:e3:c7:1e:3e:06:89:31:cf:6f:ad:5c:
af:ea:66:2a:82:29:d6:9c:83:82:23:24:f1:8c:c0:6d:66:01:
50:48:ea:c5:50:75:cf:dc:28:87:b5:e9:c2:0f:41:35:dc:de:
f0:2d:65:6d:bf:65:fd:97:39:a6:b6:dd:67:ce:bd:c0:00:84:
c2:b5:7f:bc:4c:ed:0e:ac:e1:96:3a:7f:be:27:ac:cc:7c:70:
0c:52:15:a8:1c:12:98:ce:2b:da:49:b6:8f:2b:8a:6b:3f:21:
97:98:6a:1e:b1:8f:c3:07:1e:0a:66:a2:c3:56:de:18:73:f6:
45:6b:e0:d7:7d:fe:92:8b:f8:a9:b5:27:32:e8:53:66:be:f1:
71:c1:7c:61:cf:eb:c2:49:3f:b3:fc:5c:e4:23:8d:c3:98:b9:
5e:d0:dc:1b:29:1b:58:72:f5:b4:9d:33:9d:a9:af:6b:86:a2:
01:aa:78:c5:77:c2:eb:a0:da:1a:7a:5e:d1:51:65:54:ea:8f:
b3:4b:17:b2:68:e8:e5:bb:66:d0:fe:a5:0b:19:9c:ae:24:0b:
3f:b2:57:1d:ab:0c:07:6b:80:61:ba:dd:01:10:4b:00:ce:79:
1b:1d:b6:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU9KhWXBvJYtAEwdKu/Bn/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI1MTI1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjlhN2I0NDY5NjE0YmVkYmEwOTRkOWE4YTQ3NTM2OWEyYzY1NGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbkzXZSBEf7dGv+g/brvUFRUHcBe
1OxUfIyAaPk71DSen3ibXRA8Ki1poaDQrJSUeE+54sOhBRGQqam8cNX1JB07Q0Jt
9o6C/lMHmC+OK3sdamSXdELr0YM4wKPA2eazUH1ynITVuPcfcX8FwrChBwLgduPR
a5+qnNrHTNapOWIi9XYjVioMb4AivmYKsHgbyvlJA54o1St2JTawtdEx2cUig2PT
tCWYISKe/4O4LCmMsALVuSNunMKgYiu+fC4Q4mGiiDilu6fhI4YZ6Bl1noh1iknt
a5Eqs1TzjkiqRAf31+wlVk79/v3MdtQ9N1Z/jQP/0gyxb5IVRNrdOYVbwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJaae0RpYUvtuglNmopHU2mixlTOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbHBwN1JHbGhTLTI2Q1UyYWlrZFRhYUxHVk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUah3AwQA
UpiDAwQA1dr4MA0GCSqGSIb3DQEBCwUAA4IBAQCtxrI/jV0MxKXCvCBrqz7h8uc5
nUqXBmQ848cePgaJMc9vrVyv6mYqginWnIOCIyTxjMBtZgFQSOrFUHXP3CiHtenC
D0E13N7wLWVtv2X9lzmmtt1nzr3AAITCtX+8TO0OrOGWOn++J6zMfHAMUhWoHBKY
zivaSbaPK4prPyGXmGoesY/DBx4KZqLDVt4Yc/ZFa+DXff6Si/iptScy6FNmvvFx
wXxhz+vCST+z/FzkI43DmLle0NwbKRtYcvW0nTOdqa9rhqIBqnjFd8LroNoael7R
UWVU6o+zSxeyaOjlu2bQ/qULGZyuJAs/slcdqwwHa4Bhut0BEEsAznkbHbbN
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:15:27 2025 by rpki-client