Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/lnrzAWLUSc2sZ5MUq_OwcCj7gfs.roa
File: lnrzAWLUSc2sZ5MUq_OwcCj7gfs.roa (raw, json)
Hash identifier: YIjxybRitaMFDeagSzKc5+2veCpQWTQHWg+0979V2r4=
Subject key identifier: 96:7A:F3:01:62:D4:49:CD:AC:67:93:14:AB:F3:B0:70:28:FB:81:FB
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 019422FBB281194C6871FE7D8F14B3D06E2B
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/lnrzAWLUSc2sZ5MUq_OwcCj7gfs.roa
Signing time: Wed 01 Jan 2025 17:48:28 +0000
ROA not before: Wed 01 Jan 2025 17:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211183
IP address blocks: 5.35.124.0/24 maxlen: 24
5.35.125.0/24 maxlen: 24
5.35.126.0/24 maxlen: 24
5.35.127.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
217.171.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 11:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b2:81:19:4c:68:71:fe:7d:8f:14:b3:d0:6e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Jan 1 17:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=967af30162d449cdac679314abf3b07028fb81fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bc:e4:53:af:76:c7:82:d3:50:62:59:90:cc:
29:e8:58:b4:84:18:97:e2:0b:99:74:35:fa:7d:50:
b3:4c:a2:43:e0:d3:bb:90:1a:87:2c:ae:82:ed:a0:
e8:0a:03:47:4e:a0:90:3e:a5:85:f0:12:75:5f:1e:
71:db:54:cb:2f:7f:48:6d:a9:de:12:a3:ce:55:a2:
7f:cc:6a:e6:2e:55:c6:10:00:1f:73:bb:05:3d:d7:
bb:63:07:c2:0d:89:f7:09:fd:f3:11:b8:a2:ba:f8:
e7:b7:6b:9f:9b:e8:2a:8b:19:90:1b:0a:ce:cc:af:
8e:66:58:04:6f:bf:10:b6:03:a8:bf:5d:af:c9:c5:
01:84:dd:69:b8:33:d8:d1:d2:3f:84:b7:6a:90:7c:
57:e5:ef:87:bc:62:2d:6b:23:ee:6a:09:c3:53:3a:
e2:46:75:af:18:48:be:89:7a:95:6d:77:59:36:a9:
ee:d2:0d:0f:fd:b0:e3:a9:42:9e:38:34:1e:60:17:
09:92:91:c4:2a:f1:b2:2d:a3:d8:d7:86:fe:e5:30:
b2:3a:e1:a9:e2:a2:48:38:c3:c5:62:7e:67:ce:e2:
30:99:02:1e:0d:82:4a:82:b9:ba:aa:ee:ba:a8:af:
62:4d:09:9f:be:41:21:31:87:9d:03:32:c5:77:03:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7A:F3:01:62:D4:49:CD:AC:67:93:14:AB:F3:B0:70:28:FB:81:FB
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/lnrzAWLUSc2sZ5MUq_OwcCj7gfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.124.0/22
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
185.198.152.0/24
185.239.50.0/23
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
40:24:0e:37:c9:c3:2e:10:8b:cb:fd:c3:02:f8:01:9b:13:b3:
33:59:a0:a4:33:17:64:42:fd:14:62:10:30:5a:2a:a6:c7:61:
01:77:fb:94:90:5c:30:23:a0:eb:74:0b:18:72:06:7b:ec:57:
e3:f7:4a:ca:3d:6b:13:d0:25:c4:db:e1:46:bc:d5:9a:d2:4f:
69:04:89:8e:64:6e:a0:52:c7:64:71:e0:d1:ef:8f:5f:6e:36:
c2:47:b6:42:ae:d0:77:54:24:e7:67:83:72:9f:6b:d4:a7:23:
ea:c0:e2:b6:ae:36:59:81:bb:dc:7a:06:b3:b1:51:d1:ec:e0:
b7:dd:da:53:17:28:14:90:1c:bf:b2:97:9c:8a:88:9a:38:81:
bc:3e:e3:b1:65:9c:ab:61:e4:5b:5e:d1:4e:9a:97:11:dc:56:
a3:60:b8:1e:ac:84:46:8d:d6:dd:f4:73:17:6e:d9:3d:4f:35:
b6:5f:08:55:73:f5:58:2a:07:d5:42:80:07:09:e9:1f:ba:2e:
a5:13:03:f9:74:1a:47:7d:88:ed:8a:67:dd:10:36:c6:45:e6:
e4:60:7b:99:76:97:8b:85:3e:cb:bb:af:fc:9d:9e:67:f7:1d:
ee:1b:f9:7f:0c:70:56:42:ab:46:2e:2f:62:86:2e:ec:25:76:
ae:b6:8e:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZQi+7KBGUxocf59jxSz0G4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjUwMTAxMTc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdhZjMwMTYyZDQ0OWNkYWM2NzkzMTRhYmYzYjA3MDI4ZmI4MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLzkU692x4LTUGJZkMwp6Fi0hBiX
4guZdDX6fVCzTKJD4NO7kBqHLK6C7aDoCgNHTqCQPqWF8BJ1Xx5x21TLL39Ibane
EqPOVaJ/zGrmLlXGEAAfc7sFPde7YwfCDYn3Cf3zEbiiuvjnt2ufm+gqixmQGwrO
zK+OZlgEb78QtgOov12vycUBhN1puDPY0dI/hLdqkHxX5e+HvGItayPuagnDUzri
RnWvGEi+iXqVbXdZNqnu0g0P/bDjqUKeODQeYBcJkpHEKvGyLaPY14b+5TCyOuGp
4qJIOMPFYn5nzuIwmQIeDYJKgrm6qu66qK9iTQmfvkEhMYedAzLFdwOCCwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJZ68wFi1EnNrGeTFKvzsHAo+4H7MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvbG5yekFXTFVTYzJzWjVNVXFfT3djQ2o3Z2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAgUjfAME
AAX9PgMEACWM8QMEAC2AzDAMAwQAT4W1AwQDT4WwAwQAWb/hAwQAW8hUAwQAXpoL
AwQAucaYAwQBue8yAwQAufBnAwQAufQzAwQAufosAwQBufouAwQAwbtgAwQA2auS
MA0GCSqGSIb3DQEBCwUAA4IBAQBAJA43ycMuEIvL/cMC+AGbE7MzWaCkMxdkQv0U
YhAwWiqmx2EBd/uUkFwwI6DrdAsYcgZ77Ffj90rKPWsT0CXE2+FGvNWa0k9pBImO
ZG6gUsdkceDR749fbjbCR7ZCrtB3VCTnZ4Nyn2vUpyPqwOK2rjZZgbvcegazsVHR
7OC33dpTFygUkBy/specioiaOIG8PuOxZZyrYeRbXtFOmpcR3FajYLgerIRGjdbd
9HMXbtk9TzW2XwhVc/VYKgfVQoAHCekfui6lEwP5dBpHfYjtimfdEDbGRebkYHuZ
dpeLhT7Lu6/8nZ5n9x3uG/l/DHBWQqtGLi9ihi7sJXauto7f
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:39 2025 by rpki-client