Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LzNiw-1eH6eJZM_ruFJyAgjrDFg.roa
File: LzNiw-1eH6eJZM_ruFJyAgjrDFg.roa (raw, json)
Hash identifier: vOT2UP05jS54B2c3i1/yA/sd4zJn27q2KhZD+FUBTeo=
Subject key identifier: 2F:33:62:C3:ED:5E:1F:A7:89:64:CF:EB:B8:52:72:02:08:EB:0C:58
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0191C70BC46C42801F51BBC21596C9551682
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LzNiw-1eH6eJZM_ruFJyAgjrDFg.roa
Signing time: Fri 06 Sep 2024 11:15:22 +0000
ROA not before: Fri 06 Sep 2024 11:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51859
IP address blocks: 185.167.144.0/22 maxlen: 24
212.72.214.0/24 maxlen: 24
213.91.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:0b:c4:6c:42:80:1f:51:bb:c2:15:96:c9:55:16:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Sep 6 11:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3362c3ed5e1fa78964cfebb852720208eb0c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e3:ff:a8:c9:11:97:30:2d:42:82:95:9d:08:
cc:37:68:cd:55:f7:2a:9d:9a:71:53:dc:6a:6f:ca:
7b:9f:66:8f:12:d5:d1:47:b3:27:ec:a2:e8:6f:0e:
83:ce:a6:1c:26:c9:33:81:88:8a:db:7e:6b:72:bc:
24:39:dd:9d:f5:d2:fe:98:bc:0e:99:ef:d6:f7:70:
3c:a9:9a:9e:bd:db:3f:dd:0c:bd:ab:6f:6a:dc:a6:
ed:98:ad:ad:ec:3f:e3:7a:40:12:41:4d:26:2d:65:
e3:eb:cd:b5:2d:cb:ad:63:db:23:2c:cc:87:2e:c9:
92:b0:48:e1:98:47:ec:e5:1f:51:d9:bf:86:6f:72:
3a:14:c9:29:f1:db:33:3f:c1:ed:10:52:9c:92:1e:
d4:7a:59:90:a3:dd:0c:4c:1f:81:b3:41:2f:04:d7:
8c:0a:00:b7:7b:ea:6f:96:34:b2:20:74:2b:b1:33:
7c:f0:af:fc:6e:e2:af:bf:d3:08:4a:a6:88:13:1f:
12:c9:88:d4:ed:cd:86:83:14:84:1c:58:0d:af:83:
99:59:b8:31:e9:c0:44:f5:72:c3:25:23:62:f1:b0:
9a:5d:ec:a3:c0:3e:e5:f8:f5:e9:88:05:d3:2a:02:
c3:86:29:af:32:d6:3f:9c:43:34:fe:bb:1a:ca:3e:
5b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:33:62:C3:ED:5E:1F:A7:89:64:CF:EB:B8:52:72:02:08:EB:0C:58
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LzNiw-1eH6eJZM_ruFJyAgjrDFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.144.0/22
212.72.214.0/24
213.91.181.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:8b:d9:bb:21:03:0e:45:33:67:c4:36:0f:b3:5e:ae:39:49:
f7:2d:80:da:22:f6:4e:bb:af:52:37:8c:25:e4:93:29:af:aa:
e2:d0:55:ed:4b:da:d5:45:b6:f4:bb:37:db:45:14:60:a9:59:
22:a7:a2:de:91:3d:df:35:5f:d3:fa:61:31:68:ec:2a:06:d1:
d7:68:fb:ca:36:2e:a7:a2:c9:9f:d4:21:bf:3e:87:a4:c6:70:
65:af:9e:40:7b:9c:fc:8e:5b:b0:25:07:5a:cd:f6:e0:a8:52:
de:57:9a:f3:49:40:34:46:e2:0b:a1:63:df:dc:8f:40:dc:d4:
44:e0:52:df:27:4c:61:87:91:d4:1b:5c:d0:ee:ad:e0:1a:f6:
48:14:72:bb:da:1a:57:d7:f6:e2:c9:a3:2c:7d:d5:ba:56:2a:
ba:85:fb:54:9a:1a:8b:4d:19:7a:3d:4a:ef:11:53:0c:a8:b9:
f5:6c:d5:4d:37:66:86:95:a1:96:61:96:49:05:c4:2c:4e:d6:
2f:56:4e:ff:d6:e3:96:44:dd:d9:aa:b0:9b:64:0f:44:90:3e:
81:26:33:28:01:57:fe:dc:63:9f:d7:d5:64:da:8c:b8:50:ac:
2c:fa:9c:53:53:b5:10:46:c2:4a:ea:09:ed:17:72:ef:0f:6a:
a6:25:a5:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHHC8RsQoAfUbvCFZbJVRaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwOTA2MTExNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMzNjJjM2VkNWUxZmE3ODk2NGNmZWJiODUyNzIwMjA4ZWIwYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OP/qMkRlzAtQoKVnQjMN2jNVfcq
nZpxU9xqb8p7n2aPEtXRR7Mn7KLobw6DzqYcJskzgYiK235rcrwkOd2d9dL+mLwO
me/W93A8qZqevds/3Qy9q29q3KbtmK2t7D/jekASQU0mLWXj6821LcutY9sjLMyH
LsmSsEjhmEfs5R9R2b+Gb3I6FMkp8dszP8HtEFKckh7UelmQo90MTB+Bs0EvBNeM
CgC3e+pvljSyIHQrsTN88K/8buKvv9MISqaIEx8SyYjU7c2GgxSEHFgNr4OZWbgx
6cBE9XLDJSNi8bCaXeyjwD7l+PXpiAXTKgLDhimvMtY/nEM0/rsayj5b8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC8zYsPtXh+niWTP67hScgII6wxYMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTHpOaXctMWVINmVKWk1fcnVGSnlBZ2pyREZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuaeQAwQA
1EjWAwQA1Vu1MA0GCSqGSIb3DQEBCwUAA4IBAQCti9m7IQMORTNnxDYPs16uOUn3
LYDaIvZOu69SN4wl5JMpr6ri0FXtS9rVRbb0uzfbRRRgqVkip6LekT3fNV/T+mEx
aOwqBtHXaPvKNi6nosmf1CG/PoekxnBlr55Ae5z8jluwJQdazfbgqFLeV5rzSUA0
RuILoWPf3I9A3NRE4FLfJ0xhh5HUG1zQ7q3gGvZIFHK72hpX1/biyaMsfdW6Viq6
hftUmhqLTRl6PUrvEVMMqLn1bNVNN2aGlaGWYZZJBcQsTtYvVk7/1uOWRN3ZqrCb
ZA9EkD6BJjMoAVf+3GOf19Vk2oy4UKws+pxTU7UQRsJK6gntF3LvD2qmJaUp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:07 2025 by rpki-client