Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Lhg7FB-MoC9WRMItQvlSAqJrO1M.roa
File: Lhg7FB-MoC9WRMItQvlSAqJrO1M.roa (raw, json)
Hash identifier: TraTQ8kJv2oW2h5olRGtv3YjTsfxHYyNt6NnMgr0K2I=
Subject key identifier: 2E:18:3B:14:1F:8C:A0:2F:56:44:C2:2D:42:F9:52:02:A2:6B:3B:53
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01973A88DF39D1F437714062DF543FCB4050
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Lhg7FB-MoC9WRMItQvlSAqJrO1M.roa
Signing time: Wed 04 Jun 2025 10:42:17 +0000
ROA not before: Wed 04 Jun 2025 10:42:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 13:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:88:df:39:d1:f4:37:71:40:62:df:54:3f:cb:40:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 4 10:42:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e183b141f8ca02f5644c22d42f95202a26b3b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b0:02:d6:19:65:37:90:38:eb:d3:ff:78:a3:
fb:5a:18:3c:f4:c9:32:c9:53:10:e0:09:0b:d4:85:
d9:22:98:9b:37:85:94:33:96:57:63:c4:5c:03:60:
b5:db:08:ce:df:6a:67:58:11:6d:98:a8:c6:4b:61:
ea:84:71:92:89:74:aa:a5:41:09:d9:ff:0c:5a:4f:
9e:6c:0b:b4:c1:dd:4d:0b:2b:7f:f8:c3:0b:43:7f:
fc:7e:ee:94:b1:2d:31:99:72:97:e0:71:9f:c4:75:
fe:c1:fe:56:44:b9:fc:db:d4:06:00:fa:03:92:01:
2e:b1:01:af:b9:db:83:22:1e:f1:8c:90:34:6c:d2:
9c:79:eb:ab:19:69:e6:97:06:ab:14:9a:0c:88:2a:
0d:46:26:a5:56:2d:67:65:eb:f3:36:12:ed:f7:d9:
f9:95:8b:2d:5a:f9:14:cf:ad:a8:81:d1:52:67:32:
bd:9c:b5:cc:ae:4d:62:44:44:1b:c0:34:5b:ae:dd:
30:30:85:83:cf:a1:1a:59:66:19:bc:47:fd:3f:d8:
35:6c:5e:f4:d6:ad:27:8d:fe:69:89:53:5f:60:46:
32:8a:46:66:9d:11:95:92:ea:4f:a8:9a:2f:28:61:
6e:a5:c2:d7:67:5c:f5:d6:3c:48:e8:bf:5f:64:9b:
52:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:18:3B:14:1F:8C:A0:2F:56:44:C2:2D:42:F9:52:02:A2:6B:3B:53
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Lhg7FB-MoC9WRMItQvlSAqJrO1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.163.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:10:4a:28:30:76:67:13:af:72:7d:2d:88:8e:72:b6:f8:36:
13:2c:24:4b:9c:71:3c:a0:d4:4d:18:d9:e7:8e:2e:48:89:46:
2c:69:32:e5:22:df:df:94:7f:20:02:cd:23:8f:ae:a7:21:ca:
a2:1d:67:9c:fc:bc:12:23:3d:c3:cc:be:77:bd:f2:fd:e4:d7:
b5:c0:b7:c4:bd:09:12:f6:37:10:5a:38:ba:70:da:8a:31:05:
73:63:ad:21:07:b7:ca:24:c0:8f:d8:96:53:b5:54:0a:c7:e4:
00:83:ad:fa:39:02:ae:98:62:31:6e:a0:a0:09:fd:81:38:25:
81:2c:5d:69:6c:01:b4:87:cc:ca:5d:14:e3:78:16:5c:bf:fe:
08:59:2e:a2:2a:71:c1:c8:9e:89:8c:c1:28:f2:ac:2b:10:33:
60:e6:2d:ad:58:52:fb:9a:c1:c9:86:b9:69:43:63:00:cb:31:
f9:30:d5:f0:fc:98:81:77:3e:f0:00:ed:7f:00:fe:87:c0:9c:
52:47:21:51:8b:1c:80:6a:cc:0d:70:29:4e:01:e0:3e:77:0c:
4a:ef:15:2d:fa:79:39:dd:09:49:da:99:6b:6a:bc:50:fa:3d:
0d:3e:94:72:96:f4:14:22:c1:98:e7:17:93:7a:3e:6a:07:9c:
ae:cc:36:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc6iN850fQ3cUBi31Q/y0BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwNjA0MTA0MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE4M2IxNDFmOGNhMDJmNTY0NGMyMmQ0MmY5NTIwMmEyNmIzYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLAC1hllN5A469P/eKP7Whg89Mky
yVMQ4AkL1IXZIpibN4WUM5ZXY8RcA2C12wjO32pnWBFtmKjGS2HqhHGSiXSqpUEJ
2f8MWk+ebAu0wd1NCyt/+MMLQ3/8fu6UsS0xmXKX4HGfxHX+wf5WRLn829QGAPoD
kgEusQGvuduDIh7xjJA0bNKceeurGWnmlwarFJoMiCoNRialVi1nZevzNhLt99n5
lYstWvkUz62ogdFSZzK9nLXMrk1iREQbwDRbrt0wMIWDz6EaWWYZvEf9P9g1bF70
1q0njf5piVNfYEYyikZmnRGVkupPqJovKGFupcLXZ1z11jxI6L9fZJtSRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC4YOxQfjKAvVkTCLUL5UgKiaztTMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvTGhnN0ZCLU1vQzlXUk1JdFF2bFNBcUpyTzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQAwSSjMA0GCSqGSIb3DQEBCwUAA4IBAQDKEEooMHZnE69yfS2I
jnK2+DYTLCRLnHE8oNRNGNnnji5IiUYsaTLlIt/flH8gAs0jj66nIcqiHWec/LwS
Iz3DzL53vfL95Ne1wLfEvQkS9jcQWji6cNqKMQVzY60hB7fKJMCP2JZTtVQKx+QA
g636OQKumGIxbqCgCf2BOCWBLF1pbAG0h8zKXRTjeBZcv/4IWS6iKnHByJ6JjMEo
8qwrEDNg5i2tWFL7msHJhrlpQ2MAyzH5MNXw/JiBdz7wAO1/AP6HwJxSRyFRixyA
aswNcClOAeA+dwxK7xUt+nk53QlJ2plrarxQ+j0NPpRylvQUIsGY5xeTej5qB5yu
zDZh
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:19:16 2025 by rpki-client