Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LgJNldJzl9fVd6h04Ohoo7hUDC0.roa
File: LgJNldJzl9fVd6h04Ohoo7hUDC0.roa (raw, json)
Hash identifier: 8jrBRbp4Ls/jncKh6dktlvuvHYWk1xSruX2uG8xknR0=
Subject key identifier: 2E:02:4D:95:D2:73:97:D7:D5:77:A8:74:E0:E8:68:A3:B8:54:0C:2D
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0194073DD06EC6493393B0899B9D922B9C64
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LgJNldJzl9fVd6h04Ohoo7hUDC0.roa
Signing time: Fri 27 Dec 2024 08:31:19 +0000
ROA not before: Fri 27 Dec 2024 08:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.242.0/24 maxlen: 24
194.143.203.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:3d:d0:6e:c6:49:33:93:b0:89:9b:9d:92:2b:9c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Dec 27 08:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e024d95d27397d7d577a874e0e868a3b8540c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:37:07:84:f0:a2:6d:f3:3e:0e:ab:b1:c4:
ed:f2:c6:1d:9d:6a:54:b7:46:13:38:db:76:25:e1:
c1:cd:49:8a:6b:7a:6a:9a:a2:ad:ef:ba:1c:a7:4f:
93:60:87:c1:8b:c5:39:ab:38:68:6e:75:1e:cc:90:
1e:d9:bc:2d:08:3d:23:8c:84:f6:ce:21:8e:ff:a0:
f0:04:d5:f8:a5:45:53:04:74:07:80:1e:e9:23:45:
7b:87:5a:20:6e:ce:19:7f:20:35:9f:f4:52:38:66:
65:6b:5b:46:e4:89:4f:b6:46:27:47:30:7d:d5:b5:
6c:95:5c:5f:e9:62:38:dc:7a:00:01:92:8a:0c:52:
05:56:22:6b:43:1f:29:36:ce:10:d4:69:a9:fb:c5:
92:08:96:f4:f1:3d:79:c3:33:19:b8:ff:91:c9:61:
75:f9:9f:f1:15:af:a5:e0:e5:88:25:ca:02:ff:73:
23:d4:0b:d9:2a:7c:6e:bd:71:46:13:c8:ec:59:ea:
ab:d3:60:e6:f8:bc:6f:6e:8e:2a:95:e2:72:7f:c5:
27:04:41:00:1c:8a:cd:71:36:8a:89:90:de:3a:c5:
36:a8:99:bf:54:1d:22:4f:57:12:b3:f7:f6:0e:64:
4c:bb:53:43:b0:40:5c:7f:01:ef:52:14:84:73:71:
74:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:4D:95:D2:73:97:D7:D5:77:A8:74:E0:E8:68:A3:B8:54:0C:2D
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LgJNldJzl9fVd6h04Ohoo7hUDC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/24
194.143.203.0/24
194.143.205.0/24
194.143.221.0/24
213.220.3.0/24
213.220.19.0/24
Signature Algorithm: sha256WithRSAEncryption
20:3d:a0:b9:99:6d:9d:f4:82:3f:2c:2c:d5:d6:01:18:c1:a7:
a5:29:a2:6b:d8:05:9d:0e:fe:3b:01:ed:46:3c:2b:11:05:1f:
20:88:60:b8:5d:b2:fe:9b:06:ea:12:bc:4d:e9:f3:3a:80:1e:
bc:c1:c9:b2:dd:54:fe:94:0a:c9:e9:4b:cf:c6:0f:41:ec:4e:
98:47:49:86:84:13:c5:1c:c8:25:48:d1:d0:68:82:16:60:5d:
5e:82:27:f0:3c:f7:4c:78:f4:17:5a:e3:81:83:d0:88:88:de:
b7:a9:b5:82:2f:fb:87:e4:62:e7:f8:c6:31:b8:fa:fb:7d:ed:
8d:2c:19:c2:90:b3:a4:8a:e6:48:0f:a1:0d:24:26:fc:f9:d2:
ef:47:36:f0:e8:23:31:d4:9a:cc:e1:33:fc:b2:0a:fa:3d:11:
db:12:09:19:18:31:6d:38:ac:68:93:25:56:91:fd:22:d9:f3:
de:7d:be:af:77:13:60:a0:45:84:cc:2d:39:2e:3d:f4:5d:6f:
4d:a9:3f:12:1f:5f:c0:08:43:ee:14:23:2a:ea:4e:7e:9d:57:
a4:07:e2:85:7c:fe:30:55:8a:42:88:47:d8:9c:24:4b:c9:4a:
94:79:ef:db:c4:3c:dd:da:92:c9:86:ed:17:47:14:54:ea:39:
99:a3:03:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQHPdBuxkkzk7CJm52SK5xkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMjI3MDgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTAyNGQ5NWQyNzM5N2Q3ZDU3N2E4NzRlMGU4NjhhM2I4NTQwYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIA3B4Twom3zPg6rscTt8sYdnWpU
t0YTONt2JeHBzUmKa3pqmqKt77ocp0+TYIfBi8U5qzhobnUezJAe2bwtCD0jjIT2
ziGO/6DwBNX4pUVTBHQHgB7pI0V7h1ogbs4ZfyA1n/RSOGZla1tG5IlPtkYnRzB9
1bVslVxf6WI43HoAAZKKDFIFViJrQx8pNs4Q1Gmp+8WSCJb08T15wzMZuP+RyWF1
+Z/xFa+l4OWIJcoC/3Mj1AvZKnxuvXFGE8jsWeqr02Dm+Lxvbo4qleJyf8UnBEEA
HIrNcTaKiZDeOsU2qJm/VB0iT1cSs/f2DmRMu1NDsEBcfwHvUhSEc3F0nQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC4CTZXSc5fX1XeodODoaKO4VAwtMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvTGdKTmxkSnpsOWZWZDZoMDRPaG9vN2hVREMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZvyAwQA
wo/LAwQAwo/NAwQAwo/dAwQA1dwDAwQA1dwTMA0GCSqGSIb3DQEBCwUAA4IBAQAg
PaC5mW2d9II/LCzV1gEYwaelKaJr2AWdDv47Ae1GPCsRBR8giGC4XbL+mwbqErxN
6fM6gB68wcmy3VT+lArJ6UvPxg9B7E6YR0mGhBPFHMglSNHQaIIWYF1egifwPPdM
ePQXWuOBg9CIiN63qbWCL/uH5GLn+MYxuPr7fe2NLBnCkLOkiuZID6ENJCb8+dLv
Rzbw6CMx1JrM4TP8sgr6PRHbEgkZGDFtOKxokyVWkf0i2fPefb6vdxNgoEWEzC05
Lj30XW9NqT8SH1/ACEPuFCMq6k5+nVekB+KFfP4wVYpCiEfYnCRLyUqUee/bxDzd
2pLJhu0XRxRU6jmZowMq
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:24:29 2025 by rpki-client