Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa
File: LseVbZvSEkrzRzJvuVEGVXTH49w.roa (raw, json)
Hash identifier: b/jkmoWZt/bEFdNkMjw1DGhoVFZoEVG+beBH+X7/r/Q=
Subject key identifier: 2E:C7:95:6D:9B:D2:12:4A:F3:47:32:6F:B9:51:06:55:74:C7:E3:DC
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 0194987DC42947C6696AF9C9BC98EA00F360
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa
Signing time: Fri 24 Jan 2025 13:26:06 +0000
ROA not before: Fri 24 Jan 2025 13:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
131.237.0.0/24 maxlen: 24
131.237.1.0/24 maxlen: 24
131.237.8.0/24 maxlen: 24
131.237.32.0/24 maxlen: 24
131.237.70.0/24 maxlen: 24
131.237.71.0/24 maxlen: 24
131.237.72.0/24 maxlen: 24
131.237.73.0/24 maxlen: 24
131.237.74.0/24 maxlen: 24
131.237.77.0/24 maxlen: 24
131.237.78.0/24 maxlen: 24
131.237.83.0/24 maxlen: 24
131.237.84.0/24 maxlen: 24
131.237.96.0/24 maxlen: 24
131.237.120.0/24 maxlen: 24
131.237.121.0/24 maxlen: 24
131.237.163.0/24 maxlen: 24
145.31.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
145.45.0.0/24 maxlen: 24
145.45.48.0/24 maxlen: 24
145.45.110.0/24 maxlen: 24
145.50.0.0/16 maxlen: 24
145.50.37.0/24 maxlen: 24
145.50.39.0/24 maxlen: 24
145.50.105.0/24 maxlen: 24
145.50.233.0/24 maxlen: 24
194.104.116.0/22 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 09:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:7d:c4:29:47:c6:69:6a:f9:c9:bc:98:ea:00:f3:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 24 13:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ec7956d9bd2124af347326fb951065574c7e3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:5b:8d:a3:35:42:ba:a6:3d:46:10:34:6e:
03:3a:3a:54:9a:c5:69:2c:c5:09:6d:c0:d1:7f:45:
4f:35:62:d7:40:46:8d:20:60:c4:18:1a:82:f7:4a:
a3:d6:25:be:14:0b:56:a9:fd:74:f3:37:47:da:f8:
34:f4:4d:52:9e:c2:c8:a8:93:e9:a1:a6:a7:65:c8:
5e:9c:23:1d:39:1d:7a:05:d9:c0:c9:65:1d:63:73:
ee:b9:21:c2:17:c5:35:e6:da:fd:e9:68:a6:18:e1:
d0:49:2b:da:e2:44:e8:82:e7:fb:7c:24:bd:90:a9:
2c:cc:fb:d3:61:63:f7:0a:02:4a:8b:ee:93:53:38:
ca:6e:47:5a:7d:2f:51:cf:c8:00:cb:53:f7:81:7f:
ee:19:2d:f4:ab:57:47:bb:f0:56:0c:e8:fe:c4:62:
2e:d9:88:af:fd:ab:fc:59:d7:33:d9:c5:0a:83:ea:
35:20:e4:a7:55:be:41:85:be:00:b1:d8:f8:d5:57:
d2:a0:d2:9e:c5:3b:da:cf:bb:ce:74:49:2c:7e:5a:
c2:af:c2:22:ee:9c:32:46:80:01:f6:42:dd:0b:08:
26:a9:da:af:29:73:58:53:44:6d:ec:1d:7f:2f:cd:
22:ba:06:7d:c2:5c:d4:78:e3:8a:88:11:19:52:62:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C7:95:6D:9B:D2:12:4A:F3:47:32:6F:B9:51:06:55:74:C7:E3:DC
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c4:a2:e0:c6:e9:64:2a:39:68:33:ed:2b:e0:6e:87:ce:82:
2e:c1:fb:e7:2b:00:1f:6c:ee:3b:f3:4c:82:d2:d8:57:b6:2d:
b7:96:b7:d6:40:0d:47:93:21:63:c2:8f:a0:7a:7a:23:7e:8a:
2f:83:b2:4e:1a:46:bb:2b:6a:a8:96:57:94:ed:3e:49:30:89:
9c:07:fc:04:d1:07:24:3e:3a:90:3b:1a:ab:5f:7d:67:2f:b7:
c6:9a:c2:28:10:9a:2d:a5:8f:9f:28:dd:df:ea:e4:34:7d:23:
c9:af:77:dc:21:92:4f:71:88:ae:5a:e6:30:7a:da:5c:63:59:
4a:84:e6:d6:6d:e4:d4:d3:90:ca:2e:2b:ec:4d:85:d5:8b:9c:
f8:44:3f:c4:d2:2d:4d:e0:5c:73:d3:27:b7:8b:c5:0d:43:89:
c1:1d:ac:f6:c9:14:ca:57:12:61:86:f3:d5:56:91:0a:76:cc:
c3:49:69:8a:08:2f:6c:cb:c5:84:00:b8:19:f5:84:f4:f9:a7:
82:2f:0a:59:2f:80:ed:0e:0b:67:9f:12:db:0e:b6:b9:51:74:
a3:af:dd:6c:f9:2c:8e:53:de:d4:4b:0e:e3:91:2e:22:30:e7:
93:cb:b4:3c:83:5e:da:f9:0b:c9:e0:13:7e:c4:67:ad:44:94:
96:c0:62:69
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZSYfcQpR8ZpavnJvJjqAPNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMTI0MTMyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM3OTU2ZDliZDIxMjRhZjM0NzMyNmZiOTUxMDY1NTc0YzdlM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd5bjaM1QrqmPUYQNG4DOjpUmsVp
LMUJbcDRf0VPNWLXQEaNIGDEGBqC90qj1iW+FAtWqf108zdH2vg09E1SnsLIqJPp
oaanZchenCMdOR16BdnAyWUdY3PuuSHCF8U15tr96WimGOHQSSva4kToguf7fCS9
kKkszPvTYWP3CgJKi+6TUzjKbkdafS9Rz8gAy1P3gX/uGS30q1dHu/BWDOj+xGIu
2Yiv/av8Wdcz2cUKg+o1IOSnVb5Bhb4Asdj41VfSoNKexTvaz7vOdEksflrCr8Ii
7pwyRoAB9kLdCwgmqdqvKXNYU0Rt7B1/L80iugZ9wlzUeOOKiBEZUmKWdQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC7HlW2b0hJK80cyb7lRBlV0x+PcMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvTHNlVmJadlNFa3J6UnpKdnVWRUdWWFRINDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQBsxKLgxulkKjloM+0r4G6HzoIuwfvnKwAfbO4780yC0thXti23lrfWQA1H
kyFjwo+genojfoovg7JOGka7K2qolleU7T5JMImcB/wE0QckPjqQOxqrX31nL7fG
msIoEJotpY+fKN3f6uQ0fSPJr3fcIZJPcYiuWuYwetpcY1lKhObWbeTU05DKLivs
TYXVi5z4RD/E0i1N4Fxz0ye3i8UNQ4nBHaz2yRTKVxJhhvPVVpEKdszDSWmKCC9s
y8WEALgZ9YT0+aeCLwpZL4DtDgtnnxLbDra5UXSjr91s+SyOU97USw7jkS4iMOeT
y7Q8g17a+QvJ4BN+xGetRJSWwGJp
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:23 2025 by rpki-client