Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/Lg_3nvVILwJnqu90_F3r9zAbk1Q.roa
File: Lg_3nvVILwJnqu90_F3r9zAbk1Q.roa (raw, json)
Hash identifier: Q0ny1HlY3b3aRqcBediRfq8vFNRjOY3D2KpynCrHJ/Q=
Subject key identifier: 2E:0F:F7:9E:F5:48:2F:02:67:AA:EF:74:FC:5D:EB:F7:30:1B:93:54
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 018CC26D0642836DE7FA76B232E6C1FB9458
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/Lg_3nvVILwJnqu90_F3r9zAbk1Q.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.144.0/21 maxlen: 21
109.162.160.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
81.91.138.112/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.48/28 maxlen: 28
109.162.176.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.80.0/20 maxlen: 20
81.91.138.40/29 maxlen: 29
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
81.91.130.0/23 maxlen: 23
81.91.128.0/20 maxlen: 20
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.128.0/23 maxlen: 23
81.91.128.0/22 maxlen: 22
81.91.128.0/21 maxlen: 21
81.91.138.0/24 maxlen: 24
81.91.138.0/23 maxlen: 23
81.91.139.0/24 maxlen: 24
81.91.134.0/23 maxlen: 23
81.91.136.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.140.0/22 maxlen: 22
81.91.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 20 Oct 2024 12:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:06:42:83:6d:e7:fa:76:b2:32:e6:c1:fb:94:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e0ff79ef5482f0267aaef74fc5debf7301b9354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:57:2f:70:22:c7:80:c3:de:44:e5:3f:06:5c:
c9:21:41:35:bd:43:b7:6c:12:b7:93:3a:86:47:69:
5e:18:fa:6e:bb:e5:81:3b:7f:47:33:98:9f:40:9d:
fe:db:63:d3:c9:9f:dd:d8:d2:fc:68:43:8a:43:9a:
b8:0f:ab:93:3d:44:6a:85:3c:bf:90:cb:4f:ac:b4:
5b:68:87:28:3e:7b:a1:ea:3e:b3:e0:68:27:89:11:
fa:61:d2:2e:19:fb:2a:cd:70:de:3a:bf:56:8c:18:
75:37:64:68:49:8c:e4:b8:ab:0c:15:70:ed:06:d5:
0f:27:46:65:59:4f:cb:dc:96:ba:89:1f:44:87:48:
29:2f:57:e9:50:ef:cc:17:08:d0:2b:31:8e:d7:fc:
f9:9b:4c:cd:9c:6c:45:88:f4:1a:a8:62:94:a1:8c:
d5:dc:81:15:70:c7:52:80:1f:27:4f:3f:af:b2:53:
97:5f:59:89:5c:ca:a8:e0:05:c3:82:f2:a5:d1:ce:
fa:89:7d:de:c5:06:09:43:36:4e:93:30:71:37:2e:
37:ab:28:d0:51:bd:00:77:eb:83:60:71:6c:bb:20:
91:09:2b:6f:04:04:68:c7:af:78:5a:3a:92:c3:08:
f6:21:b5:15:97:56:63:b2:1a:44:52:45:aa:cf:c0:
bb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0F:F7:9E:F5:48:2F:02:67:AA:EF:74:FC:5D:EB:F7:30:1B:93:54
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/Lg_3nvVILwJnqu90_F3r9zAbk1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
3d:dc:61:4c:ae:52:1d:de:46:bf:38:ea:b9:21:31:59:e4:28:
a2:95:c2:3f:a1:98:a9:69:c5:68:29:f7:e6:1f:d5:25:59:03:
55:b5:dd:71:69:35:c1:10:f9:2d:84:30:31:85:e6:a8:e7:aa:
91:25:91:61:a9:ee:12:ca:ec:c8:11:ec:09:7d:17:26:7c:fc:
46:b0:4a:a2:9c:e8:de:0e:f4:c7:e3:c6:10:eb:28:f2:01:f2:
23:22:ba:a8:cc:8b:36:c4:4e:15:fe:e7:5a:ba:c9:f4:aa:47:
55:1a:0b:c6:ab:0c:b9:f5:8a:1a:7e:76:4c:3a:ea:9c:4c:54:
05:d6:80:54:e4:37:ec:2a:35:fd:45:4c:05:8b:e5:16:fb:c3:
ee:c8:07:93:4a:0c:68:5d:c2:5c:de:a8:42:20:54:cb:54:38:
3f:7b:8b:3c:47:cc:ee:72:36:dd:4d:71:e8:13:f7:05:76:5e:
3a:35:d1:26:aa:9a:23:c2:b2:21:3e:45:bb:53:80:b5:f7:c7:
dc:b7:d7:7e:4c:be:d9:b4:2a:64:34:b5:0b:da:72:df:ba:86:
d5:0f:be:b5:1b:0e:09:3a:21:68:76:d2:09:29:fb:a8:41:6a:
55:40:5a:b1:b4:1b:01:71:59:cf:c6:bf:24:84:85:6e:ec:c1:
d3:73:01:39
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbQZCg23n+nayMubB+5RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBmZjc5ZWY1NDgyZjAyNjdhYWVmNzRmYzVkZWJmNzMwMWI5MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1cvcCLHgMPeROU/BlzJIUE1vUO3
bBK3kzqGR2leGPpuu+WBO39HM5ifQJ3+22PTyZ/d2NL8aEOKQ5q4D6uTPURqhTy/
kMtPrLRbaIcoPnuh6j6z4GgniRH6YdIuGfsqzXDeOr9WjBh1N2RoSYzkuKsMFXDt
BtUPJ0ZlWU/L3Ja6iR9Eh0gpL1fpUO/MFwjQKzGO1/z5m0zNnGxFiPQaqGKUoYzV
3IEVcMdSgB8nTz+vslOXX1mJXMqo4AXDgvKl0c76iX3exQYJQzZOkzBxNy43qyjQ
Ub0Ad+uDYHFsuyCRCStvBARox694WjqSwwj2IbUVl1ZjshpEUkWqz8C7uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC4P9571SC8CZ6rvdPxd6/cwG5NUMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvTGdfM252VklMd0pucXU5MF9GM3I5ekFiazFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQA93GFMrlId3ka/OOq5ITFZ5CiilcI/oZipacVoKffmH9UlWQNVtd1xaTXBEPkt
hDAxheao56qRJZFhqe4SyuzIEewJfRcmfPxGsEqinOjeDvTH48YQ6yjyAfIjIrqo
zIs2xE4V/udausn0qkdVGgvGqwy59YoafnZMOuqcTFQF1oBU5DfsKjX9RUwFi+UW
+8PuyAeTSgxoXcJc3qhCIFTLVDg/e4s8R8zucjbdTXHoE/cFdl46NdEmqpojwrIh
PkW7U4C198fct9d+TL7ZtCpkNLUL2nLfuobVD761Gw4JOiFodtIJKfuoQWpVQFqx
tBsBcVnPxr8khIVu7MHTcwE5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:13 2025 by rpki-client