Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/LoU85_vL1QuCEI9UNn5pyf_uGYg.roa
File: LoU85_vL1QuCEI9UNn5pyf_uGYg.roa (raw, json)
Hash identifier: YcMGuGGrTXcJCRtbn08I8D35pTEvSR4zw+nTGWhKzlg=
Subject key identifier: 2E:85:3C:E7:FB:CB:D5:0B:82:10:8F:54:36:7E:69:C9:FF:EE:19:88
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 0192D258EFC2DA79962327C40359C67C1E4C
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/LoU85_vL1QuCEI9UNn5pyf_uGYg.roa
Signing time: Mon 28 Oct 2024 08:58:16 +0000
ROA not before: Mon 28 Oct 2024 08:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43915
IP address blocks: 5.181.104.0/22 maxlen: 22
45.66.36.0/22 maxlen: 22
45.80.160.0/22 maxlen: 22
45.130.56.0/22 maxlen: 22
45.143.112.0/22 maxlen: 22
45.152.28.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
79.135.122.0/23 maxlen: 24
87.117.64.0/22 maxlen: 22
87.117.68.0/23 maxlen: 23
91.239.57.0/24 maxlen: 24
94.154.184.0/22 maxlen: 24
109.224.216.0/22 maxlen: 22
109.224.224.0/22 maxlen: 24
109.224.224.0/23 maxlen: 23
109.224.226.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
109.224.236.0/22 maxlen: 22
109.224.240.0/23 maxlen: 24
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
144.178.252.0/23 maxlen: 23
147.189.156.0/22 maxlen: 24
147.189.214.0/24 maxlen: 24
176.116.116.0/22 maxlen: 22
178.248.128.0/21 maxlen: 21
185.23.254.0/23 maxlen: 24
185.147.184.0/22 maxlen: 22
185.161.4.0/22 maxlen: 22
185.231.136.0/21 maxlen: 21
193.35.146.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
195.184.250.0/23 maxlen: 23
195.206.172.0/22 maxlen: 24
195.242.148.0/23 maxlen: 23
195.244.2.0/23 maxlen: 23
212.59.72.0/21 maxlen: 24
212.108.90.0/23 maxlen: 23
213.225.224.0/22 maxlen: 24
217.14.184.0/21 maxlen: 21
217.20.244.0/22 maxlen: 24
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 10 Dec 2024 10:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:58:ef:c2:da:79:96:23:27:c4:03:59:c6:7c:1e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Oct 28 08:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e853ce7fbcbd50b82108f54367e69c9ffee1988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1a:ba:c5:18:3f:3d:10:9c:63:01:d1:b1:00:
17:2b:52:00:68:43:e6:23:15:e8:05:41:ca:ec:a9:
b4:90:88:89:30:ed:8e:8c:85:72:c2:1c:ca:45:1e:
36:ea:55:65:a2:01:a9:93:e9:0c:1b:a3:e7:37:90:
23:a2:b2:ec:04:0a:93:05:fd:62:72:94:b2:f7:0d:
87:61:ee:b0:1f:3c:4d:24:53:f3:d4:02:ad:40:8b:
bd:c2:c6:11:b6:ac:02:08:f1:82:07:e0:9c:2d:b0:
55:d6:45:8d:56:4f:4e:12:96:fe:ca:20:70:a3:95:
f6:84:f3:1e:e4:c8:25:bb:32:57:de:a1:2d:6e:0f:
ec:23:19:d9:0c:5b:0d:51:36:70:65:ff:f7:47:d4:
a4:a6:67:38:cd:f6:1a:da:82:9c:aa:d4:58:04:6c:
0b:54:a7:6f:13:06:5b:7a:05:5b:ec:1a:93:e9:80:
b9:b3:e1:ea:11:67:bb:7d:d6:d2:bc:b6:44:b7:aa:
75:33:8a:a5:46:67:64:3a:22:d4:49:52:e0:4a:f6:
cc:8c:f0:3f:c7:7e:16:b2:3a:41:d3:34:06:ca:3c:
16:85:e2:6e:47:c7:00:72:05:68:f2:9e:45:17:45:
8e:7c:bb:c8:61:6f:ee:fa:d6:cf:59:1e:c8:ce:2a:
fe:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:85:3C:E7:FB:CB:D5:0B:82:10:8F:54:36:7E:69:C9:FF:EE:19:88
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/LoU85_vL1QuCEI9UNn5pyf_uGYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.104.0/22
45.66.36.0/22
45.80.160.0/22
45.130.56.0/22
45.143.112.0/22
45.152.28.0/22
62.169.148.0/23
79.135.122.0/23
87.117.64.0-87.117.69.255
91.239.57.0/24
94.154.184.0/22
109.224.216.0/22
109.224.224.0/22
109.224.234.0-109.224.241.255
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
147.189.214.0/24
176.116.116.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/21
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.184.250.0/23
195.206.172.0/22
195.242.148.0/23
195.244.2.0/23
212.59.72.0/21
212.108.90.0/23
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
45:f8:07:a3:e9:bb:cf:fd:14:a3:5b:f5:f4:07:a8:5f:09:d8:
7c:db:4b:8b:35:30:ce:55:87:81:05:c5:c5:3f:f5:3f:ac:ce:
0f:46:c7:9b:9f:91:a4:1d:0f:fa:e0:98:80:d8:9f:2d:9c:1e:
70:b6:fb:bc:62:af:79:81:7a:24:f1:13:8d:19:35:af:bc:54:
e2:76:7f:32:18:50:81:89:40:1e:e6:a3:5e:66:bb:a3:59:81:
67:bb:cf:78:3d:72:42:12:d6:48:33:a3:0f:f6:14:c7:c5:3b:
4c:30:39:a1:30:10:e9:4f:98:e2:1c:70:2d:c2:6c:67:b3:8c:
aa:da:6d:33:d7:c0:9d:86:bb:a5:e5:df:5a:61:6f:56:c8:07:
21:22:dc:59:c7:00:5e:69:33:dd:76:3d:3b:04:43:9f:a8:3e:
67:52:54:b2:e4:ed:79:e3:c1:2b:3b:3d:42:c7:61:55:6c:e4:
47:19:5c:00:b3:c7:a6:30:2a:88:e7:98:06:36:8b:b7:01:8e:
74:25:9e:73:c9:74:c2:39:b4:92:31:7d:57:73:19:77:ad:ec:
b4:91:93:ed:be:6f:3f:45:ec:b8:80:5b:3f:c3:e5:41:34:be:
f5:dd:77:eb:ff:d5:05:d2:20:20:ab:cc:53:58:3e:cd:00:a8:
7d:c3:11:44
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZLSWO/C2nmWIyfEA1nGfB5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjQxMDI4MDg1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg1M2NlN2ZiY2JkNTBiODIxMDhmNTQzNjdlNjljOWZmZWUxOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRq6xRg/PRCcYwHRsQAXK1IAaEPm
IxXoBUHK7Km0kIiJMO2OjIVywhzKRR426lVlogGpk+kMG6PnN5AjorLsBAqTBf1i
cpSy9w2HYe6wHzxNJFPz1AKtQIu9wsYRtqwCCPGCB+CcLbBV1kWNVk9OEpb+yiBw
o5X2hPMe5MgluzJX3qEtbg/sIxnZDFsNUTZwZf/3R9Skpmc4zfYa2oKcqtRYBGwL
VKdvEwZbegVb7BqT6YC5s+HqEWe7fdbSvLZEt6p1M4qlRmdkOiLUSVLgSvbMjPA/
x34WsjpB0zQGyjwWheJuR8cAcgVo8p5FF0WOfLvIYW/u+tbPWR7Izir+twIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFC6FPOf7y9ULghCPVDZ+acn/7hmIMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvTG9VODVfdkwxUXVDRUk5VU5uNXB5Zl91R1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB+wQCAAEwgfQD
BAIFtWgDBAItQiQDBAItUKADBAItgjgDBAItj3ADBAItmBwDBAE+qZQDBAFPh3ow
DAMEBld1QAMEAVd1RAMEAFvvOQMEAl6auAMEAm3g2AMEAm3g4DAMAwQBbeDqAwQB
beDwAwQBkLJoAwQBkLJ2AwQBkLL8AwQCk72cAwQAk73WAwQCsHR0AwQDsviAAwQB
uRf+AwQCuZO4AwQCuaEEAwQDueeIAwQBwSOSAwQBwmmGAwQBwpHyAwQCwpKgAwQB
w7j6AwQCw86sAwQBw/KUAwQBw/QCAwQD1DtIAwQB1GxaAwQC1eHgAwQD2Q64AwQC
2RT0MA0EAgACMAcDBQAqB1lAMA0GCSqGSIb3DQEBCwUAA4IBAQBF+Aej6bvP/RSj
W/X0B6hfCdh820uLNTDOVYeBBcXFP/U/rM4PRsebn5GkHQ/64JiA2J8tnB5wtvu8
Yq95gXok8RONGTWvvFTidn8yGFCBiUAe5qNeZrujWYFnu894PXJCEtZIM6MP9hTH
xTtMMDmhMBDpT5jiHHAtwmxns4yq2m0z18Cdhrul5d9aYW9WyAchItxZxwBeaTPd
dj07BEOfqD5nUlSy5O1548ErOz1Cx2FVbORHGVwAs8emMCqI55gGNou3AY50JZ5z
yXTCObSSMX1Xcxl3rey0kZPtvm8/Rey4gFs/w+VBNL713Xfr/9UF0iAgq8xTWD7N
AKh9wxFE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:09 2025 by rpki-client