Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lbzFJn3TcRzgCFB3ThTBSp5F5TQ.roa
File: lbzFJn3TcRzgCFB3ThTBSp5F5TQ.roa (raw, json)
Hash identifier: 5qk3CpZXa2Dfe6O88WLoZIEg/JgLgGZSldpgKAMgPzc=
Subject key identifier: 95:BC:C5:26:7D:D3:71:1C:E0:08:50:77:4E:14:C1:4A:9E:45:E5:34
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019146A193B58DFBC8AE76FC86815E24DDAC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lbzFJn3TcRzgCFB3ThTBSp5F5TQ.roa
Signing time: Mon 12 Aug 2024 12:47:59 +0000
ROA not before: Mon 12 Aug 2024 12:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21415
IP address blocks: 109.121.192.0/24 maxlen: 24
109.121.202.0/24 maxlen: 24
109.121.203.0/24 maxlen: 24
109.121.254.0/24 maxlen: 24
109.121.255.0/24 maxlen: 24
178.169.142.0/24 maxlen: 24
178.169.143.0/24 maxlen: 24
178.169.162.0/24 maxlen: 24
178.169.165.0/24 maxlen: 24
178.169.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:a1:93:b5:8d:fb:c8:ae:76:fc:86:81:5e:24:dd:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Aug 12 12:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95bcc5267dd3711ce00850774e14c14a9e45e534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7f:2a:99:de:7e:a7:79:2f:76:83:55:1a:6c:
9b:71:37:a9:e2:02:d0:31:41:64:63:b2:b2:3f:3c:
5f:f4:aa:20:1e:72:2f:a5:fe:62:30:65:9a:a8:9c:
29:14:74:4d:62:70:34:4f:f4:60:ba:0e:7a:98:e8:
1a:e1:c3:ce:d2:49:ed:db:99:c3:c4:32:db:f1:2c:
e0:56:fc:5e:3c:af:0e:5d:cd:9a:28:a2:e5:8a:36:
f3:7c:97:f2:1d:e8:07:36:a0:89:a9:d3:0b:1e:0a:
24:5f:dc:39:61:cf:61:58:07:28:88:b3:df:0e:dc:
40:c1:23:7c:f0:86:f2:28:62:27:7f:38:0f:ae:cf:
f7:d9:49:13:bb:e6:be:6d:d0:b0:ab:75:4d:90:50:
80:b4:96:30:52:f3:24:69:f0:67:35:a1:ec:44:94:
5a:29:ec:d0:5f:64:fb:e0:6e:30:cf:6c:8f:42:37:
cb:df:51:2b:97:26:3a:0c:96:67:62:9f:42:21:66:
f7:18:9a:91:95:5b:5c:70:6a:ac:ec:0c:ee:3c:7f:
1d:4a:e5:f6:73:61:c9:1a:9f:0b:64:e3:25:d7:54:
9b:3b:1d:74:85:17:2e:0b:b7:6b:bb:e9:9d:7f:10:
ed:18:e6:f0:df:3a:12:9d:34:70:90:90:8c:c4:7a:
33:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BC:C5:26:7D:D3:71:1C:E0:08:50:77:4E:14:C1:4A:9E:45:E5:34
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lbzFJn3TcRzgCFB3ThTBSp5F5TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.192.0/24
109.121.202.0/23
109.121.254.0/23
178.169.142.0/23
178.169.162.0/24
178.169.165.0/24
178.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
36:39:2f:5e:2e:ae:6d:8a:ad:53:f8:1d:c7:fa:19:37:01:df:
a1:e8:07:ed:f2:87:e0:30:86:c0:9d:00:29:a0:9b:1c:81:dc:
06:b7:06:31:8b:0b:8f:2a:d1:a3:04:e9:23:97:84:05:ca:05:
d0:6b:d5:be:c9:1b:44:0c:f2:b9:42:fb:4e:d5:21:bd:46:da:
32:68:31:1d:b7:ec:0f:38:d6:b0:b7:a7:57:b7:4f:93:7d:c5:
c1:e9:51:09:3c:a9:a3:7c:2e:e5:e1:9f:f4:23:19:3b:e2:7e:
ed:a1:19:93:1d:b7:51:66:39:d9:d2:94:c7:8d:db:4e:e4:4a:
47:80:a4:26:f1:01:e6:9f:e6:01:02:2e:5d:d5:4a:c5:5d:dd:
f8:45:e6:6a:d9:3f:fd:80:26:0a:72:06:63:2c:15:1f:d8:5c:
d4:db:38:59:af:44:57:bf:77:07:33:f5:65:66:95:5c:73:ed:
6b:1e:6e:43:a3:c9:d1:65:b3:bc:46:26:13:7d:f6:7f:00:4c:
90:6f:34:50:a9:51:23:b7:98:04:28:f9:bc:ce:57:8a:66:87:
01:13:0d:21:5a:5c:52:12:d1:e0:85:2b:6b:a7:34:8b:2d:c4:
26:0b:f1:67:2d:59:65:4e:0a:69:32:8c:10:75:c6:58:69:ad:
32:03:02:71
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFGoZO1jfvIrnb8hoFeJN2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwODEyMTI0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJjYzUyNjdkZDM3MTFjZTAwODUwNzc0ZTE0YzE0YTllNDVlNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA038qmd5+p3kvdoNVGmybcTep4gLQ
MUFkY7KyPzxf9KogHnIvpf5iMGWaqJwpFHRNYnA0T/Rgug56mOga4cPO0knt25nD
xDLb8SzgVvxePK8OXc2aKKLlijbzfJfyHegHNqCJqdMLHgokX9w5Yc9hWAcoiLPf
DtxAwSN88IbyKGInfzgPrs/32UkTu+a+bdCwq3VNkFCAtJYwUvMkafBnNaHsRJRa
KezQX2T74G4wz2yPQjfL31ErlyY6DJZnYp9CIWb3GJqRlVtccGqs7AzuPH8dSuX2
c2HJGp8LZOMl11SbOx10hRcuC7dru+mdfxDtGObw3zoSnTRwkJCMxHozzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJW8xSZ903Ec4AhQd04UwUqeReU0MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvbGJ6RkpuM1RjUnpnQ0ZCM1RoVEJTcDVGNVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAbXnAAwQB
bXnKAwQBbXn+AwQBsqmOAwQAsqmiAwQAsqmlAwQAsqmpMA0GCSqGSIb3DQEBCwUA
A4IBAQA2OS9eLq5tiq1T+B3H+hk3Ad+h6Aft8ofgMIbAnQApoJscgdwGtwYxiwuP
KtGjBOkjl4QFygXQa9W+yRtEDPK5QvtO1SG9RtoyaDEdt+wPONawt6dXt0+TfcXB
6VEJPKmjfC7l4Z/0Ixk74n7toRmTHbdRZjnZ0pTHjdtO5EpHgKQm8QHmn+YBAi5d
1UrFXd34ReZq2T/9gCYKcgZjLBUf2FzU2zhZr0RXv3cHM/VlZpVcc+1rHm5Do8nR
ZbO8RiYTffZ/AEyQbzRQqVEjt5gEKPm8zleKZocBEw0hWlxSEtHghStrpzSLLcQm
C/FnLVllTgppMowQdcZYaa0yAwJx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:35 2025 by rpki-client