Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LgEu1NlIszfSKkLq3o9bSS8n6bs.roa
File: LgEu1NlIszfSKkLq3o9bSS8n6bs.roa (raw, json)
Hash identifier: POE+WfqT/n4BMgHmjOBcs+IbOH3KU74fTxwO1tg2y4I=
Subject key identifier: 2E:01:2E:D4:D9:48:B3:37:D2:2A:42:EA:DE:8F:5B:49:2F:27:E9:BB
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01903B45483B035401BD405FB8D04AEA6B14
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LgEu1NlIszfSKkLq3o9bSS8n6bs.roa
Signing time: Fri 21 Jun 2024 14:48:34 +0000
ROA not before: Fri 21 Jun 2024 14:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jul 2024 08:40:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:45:48:3b:03:54:01:bd:40:5f:b8:d0:4a:ea:6b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jun 21 14:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e012ed4d948b337d22a42eade8f5b492f27e9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:02:3f:d9:3c:c0:db:a6:9c:4d:91:08:4a:
da:3f:88:8e:c0:ed:fa:53:09:24:7f:32:4c:8a:b4:
81:7f:51:ec:d5:f0:29:d2:3c:14:fa:28:58:d9:a6:
a0:47:e7:14:1b:f8:c8:de:5d:ee:59:53:08:1d:56:
4f:d2:1b:c6:15:ec:c6:13:d2:21:81:50:40:e6:9c:
6a:37:65:f7:66:33:05:99:bb:15:03:5e:8b:07:30:
b6:1f:fb:86:05:75:b9:00:86:16:9d:d5:b8:06:a7:
e9:c7:eb:31:95:cc:aa:d6:2a:bb:02:22:f3:d8:9a:
ff:e2:18:f3:a3:eb:ae:6f:9f:d6:79:65:c4:17:98:
43:1d:41:00:10:d7:50:4e:4f:bb:57:d1:9f:7e:21:
f1:36:8b:73:b8:e8:4b:84:69:c0:f8:68:a3:63:70:
f9:b0:48:db:2e:bc:1c:8b:89:88:5b:17:39:fc:f4:
6d:06:fe:79:ae:62:e2:e0:2d:24:30:23:73:ca:1d:
54:69:06:13:87:c3:f8:da:03:85:e9:84:4c:f1:67:
2b:b5:e6:c0:dc:d0:b2:cd:49:62:71:e4:57:b1:f1:
09:f8:1a:64:72:3f:e1:c5:57:fb:4e:56:0a:15:84:
34:44:36:c7:d5:19:bc:76:2f:0d:f9:d3:8b:f8:92:
dd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:01:2E:D4:D9:48:B3:37:D2:2A:42:EA:DE:8F:5B:49:2F:27:E9:BB
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LgEu1NlIszfSKkLq3o9bSS8n6bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
18:f4:a9:2d:9f:13:2f:fa:2c:66:66:fd:bd:b9:52:74:ec:e9:
a7:a0:00:dc:59:65:c0:57:3b:d2:50:c1:22:2e:4d:be:48:30:
a9:20:87:b2:b0:3d:7e:c4:cc:4f:d3:67:e0:8f:2a:57:90:39:
0f:38:42:44:33:b7:48:21:57:44:b7:e3:45:fc:ff:2a:43:bf:
ff:a0:6b:87:5c:b8:c4:80:7b:79:dd:13:de:22:22:3f:fe:43:
39:f1:65:5e:32:52:78:67:b9:94:36:67:3a:d0:2a:5c:96:f0:
f3:6e:00:20:2d:13:ef:ae:4d:d7:aa:70:f4:f0:d3:49:84:2b:
4b:19:fe:10:68:6a:f6:57:7f:c2:87:d8:20:43:1e:69:5d:23:
c8:54:9b:32:66:c6:f5:61:00:a7:01:ec:40:b3:55:e8:47:83:
d5:bc:24:14:f2:b1:34:30:c9:c5:52:3f:20:73:50:66:2b:c7:
be:a4:33:dc:bf:4c:89:82:f8:fd:30:90:84:7c:60:3f:97:ed:
50:cd:35:66:ae:04:c0:55:4f:88:db:6f:80:38:c5:84:72:f4:
33:9a:e7:46:0e:ff:e5:00:1f:d9:b4:76:1e:58:1a:45:55:aa:
33:c2:12:03:10:2d:71:84:2b:bb:73:be:76:1a:1f:7f:5c:6b:
4d:a0:b2:7b
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAZA7RUg7A1QBvUBfuNBK6msUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNjIxMTQ0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTAxMmVkNGQ5NDhiMzM3ZDIyYTQyZWFkZThmNWI0OTJmMjdlOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv20CP9k8wNumnE2RCEraP4iOwO36
UwkkfzJMirSBf1Hs1fAp0jwU+ihY2aagR+cUG/jI3l3uWVMIHVZP0hvGFezGE9Ih
gVBA5pxqN2X3ZjMFmbsVA16LBzC2H/uGBXW5AIYWndW4Bqfpx+sxlcyq1iq7AiLz
2Jr/4hjzo+uub5/WeWXEF5hDHUEAENdQTk+7V9GffiHxNotzuOhLhGnA+GijY3D5
sEjbLrwci4mIWxc5/PRtBv55rmLi4C0kMCNzyh1UaQYTh8P42gOF6YRM8WcrtebA
3NCyzUliceRXsfEJ+Bpkcj/hxVf7TlYKFYQ0RDbH1Rm8di8N+dOL+JLdGQIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFC4BLtTZSLM30ipC6t6PW0kvJ+m7MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvTGdFdTFObElzemZTS2tMcTNvOWJTUzhuNmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCBzwQCAAEwgcgD
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEALkk/gMEALlgogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZlwMEArmg
LAMEALmmVAMEALm45AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3mgMEAMEk
WQMEAMMvwjB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoG
RsADBQMqBkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMq
B5yAAwUDKgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcN
AQELBQADggEBABj0qS2fEy/6LGZm/b25UnTs6aegANxZZcBXO9JQwSIuTb5IMKkg
h7KwPX7EzE/TZ+CPKleQOQ84QkQzt0ghV0S340X8/ypDv/+ga4dcuMSAe3ndE94i
Ij/+QznxZV4yUnhnuZQ2ZzrQKlyW8PNuACAtE++uTdeqcPTw00mEK0sZ/hBoavZX
f8KH2CBDHmldI8hUmzJmxvVhAKcB7ECzVehHg9W8JBTysTQwycVSPyBzUGYrx76k
M9y/TImC+P0wkIR8YD+X7VDNNWauBMBVT4jbb4A4xYRy9DOa50YO/+UAH9m0dh5Y
GkVVqjPCEgMQLXGEK7tzvnYaH39ca02gsns=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:34:26 2025 by rpki-client