Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LuFneKU_gXowboheJvFvtSUCmFk.roa
File: LuFneKU_gXowboheJvFvtSUCmFk.roa (raw, json)
Hash identifier: bFfegfjvX/ZPIKKJPmw+vvwRMVxgiU16XVRJkRk9ns0=
Subject key identifier: 2E:E1:67:78:A5:3F:81:7A:30:6E:88:5E:26:F1:6F:B5:25:02:98:59
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01940399CF3F788F72B2802FE30755EDB65F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LuFneKU_gXowboheJvFvtSUCmFk.roa
Signing time: Thu 26 Dec 2024 15:33:19 +0000
ROA not before: Thu 26 Dec 2024 15:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 09:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:03:99:cf:3f:78:8f:72:b2:80:2f:e3:07:55:ed:b6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 26 15:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ee16778a53f817a306e885e26f16fb525029859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0d:b8:14:4c:f7:ff:58:2d:75:f5:aa:74:99:
55:18:73:bd:39:21:98:6c:3c:27:b5:54:40:d5:9e:
87:fe:f6:4d:dc:8d:ba:a6:f8:ce:42:d6:0f:f4:3e:
b6:82:a1:c5:67:43:78:90:d4:60:fe:38:17:16:ed:
a2:da:c9:81:6f:59:bf:f5:73:c5:61:53:1c:39:07:
ea:98:40:08:09:e2:07:4e:fe:26:08:9e:c0:ac:c9:
b5:ca:e9:15:3b:05:0a:e9:34:17:85:22:1b:78:52:
a0:72:a8:d5:28:0f:63:98:48:31:c8:15:38:82:9a:
9d:73:b0:ee:fa:0c:60:69:a1:df:c3:f6:8a:00:bd:
27:1e:0a:eb:39:21:0d:5c:09:15:bb:cd:27:64:2d:
da:17:14:c5:9d:eb:c5:b4:55:30:fe:2d:b5:0d:62:
27:bd:d2:ce:60:81:e4:da:ed:27:c6:2d:3c:4f:1a:
77:01:63:60:8b:79:7f:40:78:97:98:05:33:aa:cf:
6f:8e:d8:9b:33:58:ef:95:ff:d8:b3:72:8a:6e:9d:
a3:1a:63:44:f1:5b:a4:6b:60:bd:60:be:6b:52:ce:
0e:d9:af:e1:84:5e:8c:91:f2:0d:25:ce:41:14:02:
4e:73:cf:40:9f:29:1f:55:05:09:b6:d8:21:db:ab:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E1:67:78:A5:3F:81:7A:30:6E:88:5E:26:F1:6F:B5:25:02:98:59
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LuFneKU_gXowboheJvFvtSUCmFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.230.53.0/24
185.234.22.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:8d:27:ff:c3:f8:23:16:0b:cc:52:f0:63:a6:cd:e2:10:17:
54:7d:8e:c4:90:c3:60:bb:f1:6c:c4:d3:6a:b4:09:07:f6:44:
76:57:5c:c6:ec:be:38:69:7d:d6:33:5c:34:f6:8c:f5:4b:7a:
67:d4:c6:c4:0b:d3:df:f3:02:d4:e6:ec:d0:f1:57:fd:5f:97:
a8:98:d6:f8:11:73:01:f4:37:a7:06:7c:17:81:22:a1:b2:d2:
01:74:c9:1f:f9:7f:c7:b6:23:60:47:e8:94:ce:22:3c:c4:d2:
4d:b1:ed:7b:8b:09:2b:1c:00:7b:39:f4:79:ba:ee:73:4f:ea:
0e:e6:71:e9:04:f8:fb:4b:3f:34:cf:da:f7:94:3d:c6:45:5f:
64:6b:c3:5e:5c:38:11:b8:56:2f:e3:aa:23:09:99:07:2c:fa:
37:4b:ad:c3:fe:20:c5:34:44:eb:79:47:18:8c:8c:e6:ce:ec:
98:6e:d4:d2:5b:ac:65:85:9d:d0:52:7f:36:96:91:23:1d:8e:
d5:22:4d:b3:36:d2:17:c6:0e:26:3e:fa:cd:c4:ba:47:b2:c3:
44:ea:6c:27:93:80:8e:aa:58:51:f2:ba:43:26:09:b8:8b:65:
67:84:13:4e:e4:20:0e:2c:6a:68:ac:3a:c6:a4:f4:e3:78:04:
b3:43:0a:8e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQDmc8/eI9ysoAv4wdV7bZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjI2MTUzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWUxNjc3OGE1M2Y4MTdhMzA2ZTg4NWUyNmYxNmZiNTI1MDI5ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg24FEz3/1gtdfWqdJlVGHO9OSGY
bDwntVRA1Z6H/vZN3I26pvjOQtYP9D62gqHFZ0N4kNRg/jgXFu2i2smBb1m/9XPF
YVMcOQfqmEAICeIHTv4mCJ7ArMm1yukVOwUK6TQXhSIbeFKgcqjVKA9jmEgxyBU4
gpqdc7Du+gxgaaHfw/aKAL0nHgrrOSENXAkVu80nZC3aFxTFnevFtFUw/i21DWIn
vdLOYIHk2u0nxi08Txp3AWNgi3l/QHiXmAUzqs9vjtibM1jvlf/Ys3KKbp2jGmNE
8Vuka2C9YL5rUs4O2a/hhF6MkfINJc5BFAJOc89AnykfVQUJttgh26stlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC7hZ3ilP4F6MG6IXibxb7UlAphZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTHVGbmVLVV9nWG93Ym9oZUp2RnZ0U1VDbUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQAueY1AwQAueoWAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAdjSf/w/gjFgvMUvBjps3iEBdUfY7EkMNgu/FsxNNq
tAkH9kR2V1zG7L44aX3WM1w09oz1S3pn1MbEC9Pf8wLU5uzQ8Vf9X5eomNb4EXMB
9DenBnwXgSKhstIBdMkf+X/HtiNgR+iUziI8xNJNse17iwkrHAB7OfR5uu5zT+oO
5nHpBPj7Sz80z9r3lD3GRV9ka8NeXDgRuFYv46ojCZkHLPo3S63D/iDFNETreUcY
jIzmzuyYbtTSW6xlhZ3QUn82lpEjHY7VIk2zNtIXxg4mPvrNxLpHssNE6mwnk4CO
qlhR8rpDJgm4i2VnhBNO5CAOLGporDrGpPTjeASzQwqO
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:19 2025 by rpki-client