Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/LnWaJ5kwLJWo0MylcXJfhDzPgyk.roa
File: LnWaJ5kwLJWo0MylcXJfhDzPgyk.roa (raw, json)
Hash identifier: xOn4JFFJ0dapaGq6q+xJMkSxHSR/WXm5mP4IUnMMvg8=
Subject key identifier: 2E:75:9A:27:99:30:2C:95:A8:D0:CC:A5:71:72:5F:84:3C:CF:83:29
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0195CCF1BDD70E7877A2C43FBB262E8B71C0
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/LnWaJ5kwLJWo0MylcXJfhDzPgyk.roa
Signing time: Tue 25 Mar 2025 10:55:49 +0000
ROA not before: Tue 25 Mar 2025 10:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
93.88.22.0/24 maxlen: 24
93.88.23.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:f1:bd:d7:0e:78:77:a2:c4:3f:bb:26:2e:8b:71:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 25 10:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e759a2799302c95a8d0cca571725f843ccf8329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:50:50:2e:d5:8d:53:81:d1:4f:12:53:5f:
d6:89:24:33:65:f0:b4:4a:32:1e:19:ef:08:b5:d1:
d4:2e:25:3a:d1:51:84:26:20:b8:ec:44:8d:97:97:
15:91:ae:5d:5a:12:ba:3a:63:af:b6:7d:db:80:de:
2c:3a:a8:f2:21:12:63:cd:ce:9f:96:2a:3f:76:0f:
38:a3:83:a2:83:b8:6a:bb:9e:04:26:96:e8:cf:9d:
a9:1e:3f:f2:eb:26:f8:b8:bb:04:e6:1b:fc:a4:d2:
84:98:b6:6f:af:c1:f9:26:8e:c0:2a:67:9d:3c:96:
72:2a:9c:83:f5:ab:d8:f9:29:b6:18:db:b1:5c:34:
8f:05:ee:d3:6b:c4:62:f6:b0:31:da:ce:23:4a:65:
ff:2e:39:6b:15:23:0f:7d:a1:db:f1:18:20:9e:ce:
a4:7e:bf:02:d2:0c:b4:6c:8c:22:21:a9:43:53:97:
93:9d:5b:e1:83:b1:a2:9d:7b:cd:3a:85:f7:3c:ce:
d4:88:73:31:10:e9:26:ab:34:11:8e:fe:80:54:05:
ff:69:2d:56:e6:ab:88:ad:5c:7a:5b:59:05:71:97:
5e:3a:bc:81:47:42:7e:0b:bf:a4:c5:7c:27:5a:18:
63:7a:fc:c3:09:2b:b2:80:32:84:99:e8:ff:77:36:
53:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:75:9A:27:99:30:2C:95:A8:D0:CC:A5:71:72:5F:84:3C:CF:83:29
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/LnWaJ5kwLJWo0MylcXJfhDzPgyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
93.88.22.0/23
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
91:da:4e:a6:fa:13:02:52:d2:f8:9c:5b:ef:c4:f4:36:ba:04:
07:13:ce:f4:06:a4:b6:71:2e:38:06:c3:e8:1b:ed:0b:4c:c2:
87:fc:28:51:2f:f1:1d:26:a8:61:e4:92:15:51:b4:64:8f:66:
2b:dc:12:ac:aa:11:e3:3a:8c:22:ba:26:b2:50:78:8e:92:4a:
2e:6e:5c:c1:32:47:0c:e4:b5:e5:0e:da:ba:0e:35:24:b7:34:
f9:b4:1d:32:70:71:d9:54:ea:a4:40:18:0f:e2:11:30:1a:a0:
8c:fa:31:88:26:95:ed:b9:64:5b:26:90:55:0d:c7:57:d9:00:
a7:46:17:b7:98:02:e5:e8:29:16:89:aa:5a:01:7a:35:a1:f7:
88:f5:40:07:7c:03:42:96:13:65:af:9b:d8:5d:4e:9e:24:06:
27:63:53:91:41:81:e7:46:59:71:e6:31:f3:ce:4f:4e:81:9b:
b1:01:c4:65:43:9e:4c:f2:0e:4d:bd:3b:16:0d:f4:0e:b7:b6:
d1:3e:1f:31:06:ac:af:24:a5:c7:03:44:9f:fb:3b:e8:be:58:
fc:2b:50:08:71:e8:6f:98:bc:31:08:0c:83:45:a5:ac:23:20:
47:8c:70:41:12:18:dd:27:8a:4c:d3:e5:25:42:7e:64:e9:4d:
48:3d:ca:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXM8b3XDnh3osQ/uyYui3HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMzI1MTA1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc1OWEyNzk5MzAyYzk1YThkMGNjYTU3MTcyNWY4NDNjY2Y4MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmZQUC7VjVOB0U8SU1/WiSQzZfC0
SjIeGe8ItdHULiU60VGEJiC47ESNl5cVka5dWhK6OmOvtn3bgN4sOqjyIRJjzc6f
lio/dg84o4Oig7hqu54EJpboz52pHj/y6yb4uLsE5hv8pNKEmLZvr8H5Jo7AKmed
PJZyKpyD9avY+Sm2GNuxXDSPBe7Ta8Ri9rAx2s4jSmX/LjlrFSMPfaHb8Rggns6k
fr8C0gy0bIwiIalDU5eTnVvhg7GinXvNOoX3PM7UiHMxEOkmqzQRjv6AVAX/aS1W
5quIrVx6W1kFcZdeOryBR0J+C7+kxXwnWhhjevzDCSuygDKEmej/dzZTbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC51mieZMCyVqNDMpXFyX4Q8z4MpMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvTG5XYUo1a3dMSldvME15bGNYSmZoRHpQZ3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ2rAwQB
XVgWAwQAub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQCR2k6m+hMC
UtL4nFvvxPQ2ugQHE870BqS2cS44BsPoG+0LTMKH/ChRL/EdJqhh5JIVUbRkj2Yr
3BKsqhHjOowiuiayUHiOkkoublzBMkcM5LXlDtq6DjUktzT5tB0ycHHZVOqkQBgP
4hEwGqCM+jGIJpXtuWRbJpBVDcdX2QCnRhe3mALl6CkWiapaAXo1ofeI9UAHfANC
lhNlr5vYXU6eJAYnY1ORQYHnRllx5jHzzk9OgZuxAcRlQ55M8g5NvTsWDfQOt7bR
Ph8xBqyvJKXHA0Sf+zvovlj8K1AIcehvmLwxCAyDRaWsIyBHjHBBEhjdJ4pM0+Ul
Qn5k6U1IPcqF
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:36:10 2025 by rpki-client