Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/lGUNgnodIt4sq7HKkHcVtF2rlbs.roa
File: lGUNgnodIt4sq7HKkHcVtF2rlbs.roa (raw, json)
Hash identifier: 0vHdDRrf8Bok83vGPXq650wHxTzAAwQ94rpz6Ix3t8g=
Subject key identifier: 94:65:0D:82:7A:1D:22:DE:2C:AB:B1:CA:90:77:15:B4:5D:AB:95:BB
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019527B7A9626FAEE5AE1C08274D2AD1F450
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/lGUNgnodIt4sq7HKkHcVtF2rlbs.roa
Signing time: Fri 21 Feb 2025 08:55:02 +0000
ROA not before: Fri 21 Feb 2025 08:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 45.141.234.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 18:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:b7:a9:62:6f:ae:e5:ae:1c:08:27:4d:2a:d1:f4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 21 08:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94650d827a1d22de2cabb1ca907715b45dab95bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:9b:b0:ce:ca:52:28:ff:3b:95:35:4a:91:84:
7f:ee:43:6a:a0:a4:6f:0d:9b:e1:1f:63:b4:bf:47:
db:59:6a:93:de:90:f7:66:81:6c:f7:de:e5:c6:bc:
30:7a:78:27:d7:70:fa:f9:5d:8e:b2:cf:47:12:4a:
c1:08:71:2d:e2:6e:07:f4:1f:42:15:1d:57:ba:a7:
74:4f:32:72:8c:cb:90:e0:db:a4:cf:ca:1a:1a:8c:
7b:a5:fc:54:cd:f2:fe:d1:ae:78:aa:a1:04:79:45:
08:7c:53:c5:5a:fd:db:77:2a:07:27:b9:e6:46:6c:
03:75:84:e7:8e:14:6f:1d:fe:77:57:4d:d8:fd:a7:
07:72:ae:d1:a2:83:a6:7c:fe:87:f7:16:e9:36:fd:
3b:62:56:d3:05:69:69:61:6d:c7:8f:fe:0b:07:28:
95:e4:62:6c:0a:cf:a4:5f:fe:96:4a:33:7e:7c:c4:
32:77:cb:b0:44:bd:3c:dd:dc:57:e0:5d:d5:24:f8:
3e:f8:72:8d:bf:83:36:d4:fd:36:a0:4a:6b:f4:01:
3f:03:4d:76:df:f6:91:ec:7c:79:65:31:67:98:8b:
61:ec:df:cf:f1:aa:17:85:b2:39:e6:08:3e:5f:94:
da:1e:71:34:fa:7b:4e:d3:c9:a9:66:75:41:13:d1:
b0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:65:0D:82:7A:1D:22:DE:2C:AB:B1:CA:90:77:15:B4:5D:AB:95:BB
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/lGUNgnodIt4sq7HKkHcVtF2rlbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
78.159.131.0/24
93.152.207.0/24
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
60:32:d4:50:64:bb:bd:ea:fd:be:ab:47:f0:bc:d1:58:44:70:
94:57:1f:f9:66:e0:15:5d:43:39:02:1d:3a:e6:18:96:c6:86:
09:3b:75:f3:02:0e:56:45:1a:65:04:2b:6e:1e:e8:28:a4:59:
8e:38:0c:e7:d5:0b:cd:8a:6a:ff:de:9a:b1:e9:0d:d0:84:66:
4e:7e:77:54:33:47:aa:77:42:c2:78:c4:f9:d8:ae:50:29:49:
05:c8:45:e1:bc:9c:75:eb:b4:2e:78:f7:50:ed:f8:4b:87:7a:
71:bb:ad:08:83:82:fe:eb:51:7b:88:38:a5:d3:b8:2f:c4:c5:
ca:7e:99:e8:ac:5b:f1:25:70:de:05:02:dc:3d:a1:fa:f5:5f:
b8:f8:6f:b9:0e:25:78:1c:d8:9f:3d:7e:c7:cf:af:68:a7:dc:
7e:bd:81:12:be:9a:98:d3:75:16:93:4a:59:47:f6:b9:23:c9:
fe:39:ff:bc:1d:47:3f:82:1d:6a:9e:a2:04:ea:03:dd:6f:4c:
c2:49:51:12:3f:83:90:87:21:57:f2:28:7d:2d:80:49:ec:27:
82:f7:72:16:f7:0e:b1:5d:04:f5:9f:6a:e2:e6:74:89:c3:e6:
fd:d4:b3:7e:36:a9:9d:04:8a:2b:55:ef:7a:ed:7a:88:21:9d:
7e:9a:6c:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUnt6lib67lrhwIJ00q0fRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMjIxMDg1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY1MGQ4MjdhMWQyMmRlMmNhYmIxY2E5MDc3MTViNDVkYWI5NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+puwzspSKP87lTVKkYR/7kNqoKRv
DZvhH2O0v0fbWWqT3pD3ZoFs997lxrwwengn13D6+V2Oss9HEkrBCHEt4m4H9B9C
FR1Xuqd0TzJyjMuQ4Nukz8oaGox7pfxUzfL+0a54qqEEeUUIfFPFWv3bdyoHJ7nm
RmwDdYTnjhRvHf53V03Y/acHcq7RooOmfP6H9xbpNv07YlbTBWlpYW3Hj/4LByiV
5GJsCs+kX/6WSjN+fMQyd8uwRL083dxX4F3VJPg++HKNv4M21P02oEpr9AE/A012
3/aR7Hx5ZTFnmIth7N/P8aoXhbI55gg+X5TaHnE0+ntO08mpZnVBE9GwNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJRlDYJ6HSLeLKuxypB3FbRdq5W7MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbEdVTmdub2RJdDRzcTdIS2tIY1Z0RjJybGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY3qAwQA
Tp+DAwQAXZjPAwQAXZjmMA0GCSqGSIb3DQEBCwUAA4IBAQBgMtRQZLu96v2+q0fw
vNFYRHCUVx/5ZuAVXUM5Ah065hiWxoYJO3XzAg5WRRplBCtuHugopFmOOAzn1QvN
imr/3pqx6Q3QhGZOfndUM0eqd0LCeMT52K5QKUkFyEXhvJx167QuePdQ7fhLh3px
u60Ig4L+61F7iDil07gvxMXKfpnorFvxJXDeBQLcPaH69V+4+G+5DiV4HNifPX7H
z69op9x+vYESvpqY03UWk0pZR/a5I8n+Of+8HUc/gh1qnqIE6gPdb0zCSVESP4OQ
hyFX8ih9LYBJ7CeC93IW9w6xXQT1n2ri5nSJw+b91LN+NqmdBIorVe967XqIIZ1+
mmyl
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:58:37 2025 by rpki-client