Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/lmgT3s9rYGz8DYZ8c64XXtBRUO0.roa
File: lmgT3s9rYGz8DYZ8c64XXtBRUO0.roa (raw, json)
Hash identifier: GJq0jwyFASQXNiMFlNVPbAUfpH/YQMwO2duJ01k574Q=
Subject key identifier: 96:68:13:DE:CF:6B:60:6C:FC:0D:86:7C:73:AE:17:5E:D0:51:50:ED
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 0194AD8252C0D79E340BA53521F78FF874D8
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/lmgT3s9rYGz8DYZ8c64XXtBRUO0.roa
Signing time: Tue 28 Jan 2025 15:23:06 +0000
ROA not before: Tue 28 Jan 2025 15:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 37.156.244.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
185.116.60.0/24 maxlen: 24
2a0c:79c0:1::/48 maxlen: 48
2a0c:79c0:3::/48 maxlen: 48
2a0c:79c0:5::/48 maxlen: 48
2a0c:79c0:6::/48 maxlen: 48
2a0c:79c0:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 22:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:82:52:c0:d7:9e:34:0b:a5:35:21:f7:8f:f8:74:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 28 15:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=966813decf6b606cfc0d867c73ae175ed05150ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:64:87:43:dc:05:3e:57:27:b8:08:72:b7:
a0:7f:b4:77:84:22:fc:4f:ec:22:5c:04:32:82:19:
de:66:7b:ea:5f:d5:ad:10:e0:25:0a:87:0f:e2:7f:
f8:43:43:d3:20:ec:ec:51:f1:43:d2:b3:53:b4:44:
fb:cb:e6:4f:52:f9:5b:fc:28:1f:a5:c9:a3:4b:70:
97:53:7c:99:67:fc:c7:8a:0a:32:e9:e3:8b:ee:40:
f2:02:c2:c3:53:a7:79:a6:8a:76:af:c8:40:89:62:
ab:f1:a8:01:7c:21:5b:d5:43:f5:7b:24:74:9f:9f:
e8:75:70:e9:4b:26:84:5f:92:2c:e8:85:27:cd:1d:
ba:9e:dd:84:a9:38:5f:94:f0:a1:dd:29:31:1e:af:
21:48:0a:b0:a0:84:1b:49:54:7a:75:0d:7d:39:6f:
fa:fe:4f:3c:87:59:df:22:32:89:72:88:43:3b:e3:
a2:81:86:57:30:ab:6c:af:65:b0:f8:88:dc:64:54:
b5:c8:88:30:b5:36:33:60:bd:e9:01:20:58:5c:37:
c5:86:b0:96:80:88:88:85:08:af:f5:2e:89:6d:e5:
85:e3:5c:99:51:fc:ed:8a:95:e5:07:cb:23:7d:e0:
2b:66:59:96:3a:da:84:61:5b:6a:06:28:93:26:2a:
e6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:13:DE:CF:6B:60:6C:FC:0D:86:7C:73:AE:17:5E:D0:51:50:ED
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/lmgT3s9rYGz8DYZ8c64XXtBRUO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.244.0/24
89.45.228.0/24
185.116.60.0/24
IPv6:
2a0c:79c0:1::/48
2a0c:79c0:3::/48
2a0c:79c0:5::-2a0c:79c0:6:ffff:ffff:ffff:ffff:ffff
2a0c:79c0:8::/48
Signature Algorithm: sha256WithRSAEncryption
7b:81:2b:93:fb:1c:11:fa:a6:6d:dc:22:2c:c6:00:3d:a1:77:
fe:1e:08:7b:5d:c6:3d:f8:40:52:6b:dd:65:66:e5:ef:4f:ae:
fa:97:53:e5:60:a8:8f:81:86:28:da:fb:5d:cb:fd:1a:4a:8e:
df:49:2d:0b:cd:12:4b:2f:59:76:ea:a7:6f:d3:11:11:7b:65:
78:de:db:d3:ab:e8:44:fa:5d:98:ab:e7:b4:9d:63:08:01:ba:
61:08:95:50:18:69:f9:7e:be:87:de:a6:6c:da:0a:ed:9a:f2:
85:69:ec:bf:0c:49:e0:32:15:3a:af:f3:86:e9:97:2c:ed:aa:
a7:37:16:31:4e:f9:3a:f4:4c:20:3b:ef:e6:e6:a0:40:03:40:
83:a1:23:69:27:2a:63:ae:19:c3:f2:2b:54:a4:0e:43:97:18:
29:75:49:6a:2a:e9:03:6a:77:61:79:21:25:4a:2c:32:e8:77:
26:19:26:2b:ce:1d:bd:fc:13:ab:88:d5:a8:e4:04:a5:b8:c4:
d7:84:fd:e8:62:c1:2d:55:a5:58:49:d0:8e:e9:3d:7a:47:9f:
36:6b:d5:93:bb:dc:35:fe:90:83:ac:f9:59:b8:dc:83:66:b3:
f3:0f:5e:da:34:ef:12:b6:0c:8a:9a:eb:b7:f0:56:65:d4:69:
1b:1f:9f:a0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZStglLA1540C6U1IfeP+HTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjUwMTI4MTUyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY4MTNkZWNmNmI2MDZjZmMwZDg2N2M3M2FlMTc1ZWQwNTE1MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud1kh0PcBT5XJ7gIcregf7R3hCL8
T+wiXAQyghneZnvqX9WtEOAlCocP4n/4Q0PTIOzsUfFD0rNTtET7y+ZPUvlb/Cgf
pcmjS3CXU3yZZ/zHigoy6eOL7kDyAsLDU6d5pop2r8hAiWKr8agBfCFb1UP1eyR0
n5/odXDpSyaEX5Is6IUnzR26nt2EqThflPCh3SkxHq8hSAqwoIQbSVR6dQ19OW/6
/k88h1nfIjKJcohDO+OigYZXMKtsr2Ww+IjcZFS1yIgwtTYzYL3pASBYXDfFhrCW
gIiIhQiv9S6JbeWF41yZUfztipXlB8sjfeArZlmWOtqEYVtqBiiTJirmvwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFJZoE97Pa2Bs/A2GfHOuF17QUVDtMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvbG1nVDNzOXJZR3o4RFlaOGM2NFhYdEJSVU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAYBAIAATASAwQAJZz0AwQA
WS3kAwQAuXQ8MDUEAgACMC8DBwAqDHnAAAEDBwAqDHnAAAMwEgMHACoMecAABQMH
ACoMecAABgMHACoMecAACDANBgkqhkiG9w0BAQsFAAOCAQEAe4Erk/scEfqmbdwi
LMYAPaF3/h4Ie13GPfhAUmvdZWbl70+u+pdT5WCoj4GGKNr7Xcv9GkqO30ktC80S
Sy9Zduqnb9MREXtleN7b06voRPpdmKvntJ1jCAG6YQiVUBhp+X6+h96mbNoK7Zry
hWnsvwxJ4DIVOq/zhumXLO2qpzcWMU75OvRMIDvv5uagQANAg6EjaScqY64Zw/Ir
VKQOQ5cYKXVJairpA2p3YXkhJUosMuh3JhkmK84dvfwTq4jVqOQEpbjE14T96GLB
LVWlWEnQjuk9ekefNmvVk7vcNf6Qg6z5Wbjcg2az8w9e2jTvErYMiprrt/BWZdRp
Gx+foA==
-----END CERTIFICATE-----
Generated at Wed May 14 09:15:30 2025 by rpki-client