Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/LlKsBraPZtxDCgldElHGUufjm1M.roa
File: LlKsBraPZtxDCgldElHGUufjm1M.roa (raw, json)
Hash identifier: z6Yp6jLif8a5V7K/QVSTSC8GNQM0jCYyCbTneKs2PJI=
Subject key identifier: 2E:52:AC:06:B6:8F:66:DC:43:0A:09:5D:12:51:C6:52:E7:E3:9B:53
Certificate issuer: /CN=b0095ed011c94358245c32757d46bed860df4c19
Certificate serial: 0194236A361E1C5C271B06648AB2543D2FDC
Authority key identifier: B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/LlKsBraPZtxDCgldElHGUufjm1M.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200209
IP address blocks: 5.63.20.0/24 maxlen: 24
185.23.109.0/24 maxlen: 24
2a13:a000:1000::/36 maxlen: 36
2a13:a000:2000::/36 maxlen: 36
2a13:a000:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 06 Jan 2025 19:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:36:1e:1c:5c:27:1b:06:64:8a:b2:54:3d:2f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0095ed011c94358245c32757d46bed860df4c19
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e52ac06b68f66dc430a095d1251c652e7e39b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:3c:c2:5c:4b:49:05:aa:a5:02:3d:d5:7a:
76:24:5a:70:44:da:e5:6a:84:d8:a8:49:66:3c:98:
c0:64:b5:9b:53:c6:0c:44:01:20:69:0b:47:00:24:
06:ac:64:e1:af:3c:37:d4:9b:45:8e:f4:1c:8f:aa:
d8:31:12:f3:13:49:0d:b2:e9:00:0a:47:9e:ba:a8:
1f:77:a9:f5:c9:f7:ad:ad:f0:cc:b6:ac:c4:41:9c:
7f:27:bf:1f:35:72:31:5a:4b:2b:a1:81:b8:94:08:
25:7c:ea:23:bf:cd:73:f2:a5:ef:cc:98:66:a7:7b:
e1:8f:e5:4d:80:d1:48:f2:40:aa:fd:3d:69:df:65:
37:37:fd:a4:b4:34:9b:54:b8:b1:69:7c:cd:a0:7a:
67:77:4e:20:74:cb:23:40:07:ea:5b:8d:de:25:dd:
19:56:1e:0e:ed:1d:f8:74:4d:84:1f:f8:d0:c8:87:
f4:42:7f:cd:14:c2:39:3f:28:f9:3e:79:ca:6e:3e:
a5:f1:fe:13:dd:f0:ed:d2:93:0e:9f:c7:3d:2e:a7:
6b:41:5d:6d:65:1d:6e:83:5e:01:b3:58:f2:ff:c2:
12:27:9c:48:b9:0a:09:c7:27:9e:05:0d:cc:b6:d0:
9e:44:2f:f5:0f:4e:f1:ce:9f:77:34:1e:87:73:c9:
75:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:52:AC:06:B6:8F:66:DC:43:0A:09:5D:12:51:C6:52:E7:E3:9B:53
X509v3 Authority Key Identifier:
keyid:B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/LlKsBraPZtxDCgldElHGUufjm1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.20.0/24
185.23.109.0/24
IPv6:
2a13:a000:1000::-2a13:a000:3fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c5:cc:39:86:36:85:49:f7:90:91:5d:ab:a5:7c:55:b2:18:84:
c7:7c:5f:18:1e:b8:f2:ca:20:0f:86:3c:f1:ca:9f:27:2f:bf:
f3:1a:ca:98:dc:ce:f4:ff:46:a7:a1:3f:d8:de:18:1f:58:7c:
60:e8:ed:ff:6e:3e:37:35:01:47:64:46:e8:6a:d4:ac:67:50:
b6:1e:2a:84:a9:9d:43:67:e2:b8:1c:4f:32:0b:99:5e:f0:3f:
20:7e:27:ba:32:8e:6b:8c:00:aa:09:92:1f:63:aa:68:b2:08:
f8:31:b4:52:a5:ce:df:5b:e4:ce:cb:25:91:c3:6c:cb:a5:17:
23:61:75:93:64:05:3f:54:17:00:7f:a0:d7:35:b1:18:2e:e1:
3f:d8:86:6b:28:59:f4:35:4e:6b:b3:6b:0f:4c:8a:7d:1b:12:
81:3a:7c:cb:a9:13:e4:20:de:53:e7:f6:a4:73:72:94:67:06:
ed:a6:9b:2b:c8:86:21:30:67:2d:71:c5:2c:3e:8d:87:87:0d:
3f:b8:79:12:6a:8e:04:c7:71:c6:8b:5e:1a:f6:ab:54:bf:db:
ba:2d:e2:35:08:7f:56:d2:d7:2a:8d:d6:08:1b:02:69:83:68:
fa:0d:3b:ce:e4:84:30:36:9a:1d:6a:e3:ad:1e:42:26:87:b2:
63:5a:f1:c8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjajYeHFwnGwZkirJUPS/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMDk1ZWQwMTFjOTQzNTgyNDVjMzI3NTdkNDZiZWQ4NjBk
ZjRjMTkwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTUyYWMwNmI2OGY2NmRjNDMwYTA5NWQxMjUxYzY1MmU3ZTM5YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6I8wlxLSQWqpQI91Xp2JFpwRNrl
aoTYqElmPJjAZLWbU8YMRAEgaQtHACQGrGThrzw31JtFjvQcj6rYMRLzE0kNsukA
Ckeeuqgfd6n1yfetrfDMtqzEQZx/J78fNXIxWksroYG4lAglfOojv81z8qXvzJhm
p3vhj+VNgNFI8kCq/T1p32U3N/2ktDSbVLixaXzNoHpnd04gdMsjQAfqW43eJd0Z
Vh4O7R34dE2EH/jQyIf0Qn/NFMI5Pyj5PnnKbj6l8f4T3fDt0pMOn8c9LqdrQV1t
ZR1ug14Bs1jy/8ISJ5xIuQoJxyeeBQ3MttCeRC/1D07xzp93NB6Hc8l1LwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC5SrAa2j2bcQwoJXRJRxlLn45tTMB8GA1UdIwQY
MBaAFLAJXtARyUNYJFwydX1Gvthg30wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEt
ZWE0NTk2OTk1MGNjLzEvTGxLc0JyYVBadHhEQ2dsZEVsSEdVdWZqbTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEtZWE0NTk2OTk1MGNj
LzEvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABT8UAwQA
uRdtMBgEAgACMBIwEAMGBCoToAAQAwYGKhOgAAAwDQYJKoZIhvcNAQELBQADggEB
AMXMOYY2hUn3kJFdq6V8VbIYhMd8XxgeuPLKIA+GPPHKnycvv/MaypjczvT/Rqeh
P9jeGB9YfGDo7f9uPjc1AUdkRuhq1KxnULYeKoSpnUNn4rgcTzILmV7wPyB+J7oy
jmuMAKoJkh9jqmiyCPgxtFKlzt9b5M7LJZHDbMulFyNhdZNkBT9UFwB/oNc1sRgu
4T/YhmsoWfQ1Tmuzaw9Min0bEoE6fMupE+Qg3lPn9qRzcpRnBu2mmyvIhiEwZy1x
xSw+jYeHDT+4eRJqjgTHccaLXhr2q1S/27ot4jUIf1bS1yqN1ggbAmmDaPoNO87k
hDA2mh1q460eQiaHsmNa8cg=
-----END CERTIFICATE-----
Generated at Tue May 13 11:32:35 2025 by rpki-client