Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/LSoACxQ5JmTRyJbovbxWtGFkUFg.roa
File: LSoACxQ5JmTRyJbovbxWtGFkUFg.roa (raw, json)
Hash identifier: Yx/g8+A+QnfpJfhFypCei1WbyHoX5VCIUXuaJ07kEd0=
Subject key identifier: 2D:2A:00:0B:14:39:26:64:D1:C8:96:E8:BD:BC:56:B4:61:64:50:58
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 0194129B5B9009BE77FCFB66FF2153B19875
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/LSoACxQ5JmTRyJbovbxWtGFkUFg.roa
Signing time: Sun 29 Dec 2024 13:29:18 +0000
ROA not before: Sun 29 Dec 2024 13:29:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 31.3.0.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
80.91.216.0/24 maxlen: 24
146.19.176.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.155.102.0/24 maxlen: 24
185.201.196.0/24 maxlen: 24
185.201.197.0/24 maxlen: 24
185.201.198.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
2a03:3f00:2::/48 maxlen: 48
2a03:3f00:3::/48 maxlen: 48
2a03:3f00:4::/48 maxlen: 48
2a03:3f00:5::/48 maxlen: 48
2a03:3f00:6::/48 maxlen: 48
2a03:3f00:7::/48 maxlen: 48
2a03:3f00:10::/48 maxlen: 48
2a03:3f00:17::/48 maxlen: 48
2a03:3f00:19::/48 maxlen: 48
2a03:3f00:31::/48 maxlen: 48
2a03:3f00:160::/48 maxlen: 48
2a03:3f00:161::/48 maxlen: 48
2a03:3f00:162::/48 maxlen: 48
2a03:3f00:163::/48 maxlen: 48
2a03:3f00:172::/48 maxlen: 48
2a03:3f00:174::/48 maxlen: 48
2a03:3f00:175::/48 maxlen: 48
2a03:3f00:180::/48 maxlen: 48
2a03:3f00:181::/48 maxlen: 48
2a03:3f00:182::/48 maxlen: 48
2a03:3f00:183::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:9b:5b:90:09:be:77:fc:fb:66:ff:21:53:b1:98:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Dec 29 13:29:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d2a000b14392664d1c896e8bdbc56b461645058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f4:4d:20:2d:06:fe:59:6c:d3:00:2f:dd:1c:
29:a8:42:3b:76:8c:29:8f:c6:74:cb:e1:68:96:62:
ea:59:14:30:5c:42:ac:6b:1e:51:c9:5a:fc:74:19:
d8:89:9d:4c:20:b6:94:0d:ca:14:96:af:49:08:c3:
9e:9d:63:99:62:84:2b:0d:88:8f:31:72:3c:49:91:
70:12:7d:7f:74:8b:39:91:ea:ae:40:52:fc:4f:16:
84:63:45:0f:2f:c6:f0:83:c4:5a:9c:7f:56:15:43:
9b:be:f4:92:a0:b4:40:15:79:84:21:f8:66:27:34:
54:a2:78:f6:51:13:98:23:bc:e8:f2:bb:ca:d6:b6:
1b:b7:9a:bd:fb:25:b1:df:f4:16:4a:22:6f:eb:e3:
ff:31:ca:ff:c5:6c:5c:7b:d5:fe:c5:84:1e:a3:fa:
25:8e:18:4b:84:7e:ed:fe:88:06:c8:2e:88:30:42:
7b:6f:82:93:e3:f1:fd:1a:bb:ab:d8:45:48:4d:03:
1a:51:ce:4b:83:b4:79:c8:b4:2f:06:8d:8a:16:02:
9d:20:1d:4d:9b:df:f2:7b:91:a6:6b:d4:cf:dc:7a:
c7:15:42:6c:c1:55:06:b1:32:b1:9b:b3:df:86:7a:
63:19:e8:e9:28:c6:b0:6b:62:94:e3:af:c3:04:63:
94:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2A:00:0B:14:39:26:64:D1:C8:96:E8:BD:BC:56:B4:61:64:50:58
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/LSoACxQ5JmTRyJbovbxWtGFkUFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
80.91.216.0/24
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.155.102.0/24
185.201.196.0-185.201.198.255
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/45
2a03:3f00:10::/48
2a03:3f00:17::/48
2a03:3f00:19::/48
2a03:3f00:31::/48
2a03:3f00:160::/46
2a03:3f00:172::/48
2a03:3f00:174::/47
2a03:3f00:180::/46
Signature Algorithm: sha256WithRSAEncryption
73:8b:a7:40:f9:34:90:4e:5d:c8:e1:b3:de:91:78:72:f9:4d:
00:e9:b6:c9:40:85:45:ed:5a:aa:17:4b:21:99:b9:e4:89:2b:
73:d9:87:df:45:f2:16:d8:ff:75:27:97:42:92:85:ac:4b:ea:
95:1c:de:2e:44:06:51:86:08:16:59:ff:fa:50:ba:15:47:02:
16:16:6b:9d:86:e7:2d:75:c8:47:ca:8d:11:a7:e5:0c:9a:e7:
26:b0:79:1b:04:ea:68:0b:33:7b:3a:6f:d2:47:76:18:97:1b:
68:0b:a0:c0:1d:7b:59:0a:a1:20:ba:e4:dd:f3:54:04:84:af:
3e:70:25:55:00:d5:56:42:22:7d:6c:e9:bb:f0:8e:c9:86:f9:
b8:6f:9f:01:34:3c:c6:32:ac:47:5e:1f:94:54:ed:81:db:45:
06:97:b7:e6:1a:91:a4:72:52:04:0f:70:62:0d:94:9b:3a:76:
50:a8:e9:00:c9:45:fc:84:ae:ba:f0:6a:b9:a4:d0:9c:6a:89:
f9:3f:4e:9a:e9:79:f9:c7:68:d0:7e:b8:fb:91:29:fd:2a:8b:
19:79:bc:b8:e6:97:d3:65:30:c2:57:97:4d:3f:f1:4b:89:c4:
09:94:88:f2:70:c1:68:36:23:94:68:fd:68:76:81:6b:a4:6f:
2a:07:58:5e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQSm1uQCb53/Ptm/yFTsZh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjQxMjI5MTMyOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJhMDAwYjE0MzkyNjY0ZDFjODk2ZThiZGJjNTZiNDYxNjQ1MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvRNIC0G/lls0wAv3RwpqEI7dowp
j8Z0y+FolmLqWRQwXEKsax5RyVr8dBnYiZ1MILaUDcoUlq9JCMOenWOZYoQrDYiP
MXI8SZFwEn1/dIs5kequQFL8TxaEY0UPL8bwg8RanH9WFUObvvSSoLRAFXmEIfhm
JzRUonj2UROYI7zo8rvK1rYbt5q9+yWx3/QWSiJv6+P/Mcr/xWxce9X+xYQeo/ol
jhhLhH7t/ogGyC6IMEJ7b4KT4/H9Grur2EVITQMaUc5Lg7R5yLQvBo2KFgKdIB1N
m9/ye5Gma9TP3HrHFUJswVUGsTKxm7PfhnpjGejpKMawa2KU46/DBGOUpQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFC0qAAsUOSZk0ciW6L28VrRhZFBYMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvTFNvQUN4UTVKbVRSeUpib3ZieFd0R0ZrVUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTBWBAIAATBQAwQDHwMA
AwQAUFvYAwQAkhOwAwQCuRW0AwQCuRagAwQCuVesAwQAuZtmMAwDBAK5ycQDBAC5
ycYDBAG55hADBAC55hMDBAC56woDBAC58T8wVwQCAAIwUQMHAyoDPwAAAAMHACoD
PwAAEAMHACoDPwAAFwMHACoDPwAAGQMHACoDPwAAMQMHAioDPwABYAMHACoDPwAB
cgMHASoDPwABdAMHAioDPwABgDANBgkqhkiG9w0BAQsFAAOCAQEAc4unQPk0kE5d
yOGz3pF4cvlNAOm2yUCFRe1aqhdLIZm55Ikrc9mH30XyFtj/dSeXQpKFrEvqlRze
LkQGUYYIFln/+lC6FUcCFhZrnYbnLXXIR8qNEaflDJrnJrB5GwTqaAszezpv0kd2
GJcbaAugwB17WQqhILrk3fNUBISvPnAlVQDVVkIifWzpu/COyYb5uG+fATQ8xjKs
R14flFTtgdtFBpe35hqRpHJSBA9wYg2Umzp2UKjpAMlF/ISuuvBquaTQnGqJ+T9O
mul5+cdo0H64+5Ep/SqLGXm8uOaX02UwwleXTT/xS4nECZSI8nDBaDYjlGj9aHaB
a6RvKgdYXg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:26:26 2025 by rpki-client