Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/LmdIVudYG941MO7gviiVAtISNPA.roa
File: LmdIVudYG941MO7gviiVAtISNPA.roa (raw, json)
Hash identifier: /Rifv/Bhh/qEpbEYBiqbmI1GcH511dVZmQuYRCFTrCU=
Subject key identifier: 2E:67:48:56:E7:58:1B:DE:35:30:EE:E0:BE:28:95:02:D2:12:34:F0
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018D5AC31D01B6CF9A459145B55D506925F8
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/LmdIVudYG941MO7gviiVAtISNPA.roa
Signing time: Tue 30 Jan 2024 14:25:52 +0000
ROA not before: Tue 30 Jan 2024 14:25:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09::/29 maxlen: 128
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 14:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:c3:1d:01:b6:cf:9a:45:91:45:b5:5d:50:69:25:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 30 14:25:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e674856e7581bde3530eee0be289502d21234f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:b4:86:da:5a:33:59:0b:cc:93:6e:0f:5e:
23:ae:66:c0:8a:aa:f3:64:f2:4f:a8:cf:0c:78:0c:
e5:04:93:81:65:9d:fe:d8:7a:5d:99:46:7c:18:7a:
8a:ca:e4:df:7b:62:c5:2a:67:6e:c1:55:54:e0:13:
fc:27:7f:fa:a5:32:11:33:87:f9:59:73:6c:4b:08:
8c:33:dd:13:fa:ab:01:8f:28:55:a0:be:54:6c:73:
bc:6f:f4:fc:85:a1:4b:d7:a9:7b:7c:e8:95:66:82:
a5:9f:48:bb:84:72:44:b9:a2:f0:5b:c3:f3:c9:2f:
aa:10:2e:14:2d:96:72:6c:8c:de:29:93:d1:82:58:
63:fb:b6:4c:f0:26:12:28:a0:60:10:19:39:9b:a2:
c7:dd:a4:47:72:0f:cf:73:ab:6b:b9:3c:f2:2c:43:
2c:6b:04:43:29:6a:3f:b7:02:34:1f:be:55:9e:0f:
5f:b7:12:6f:fb:6f:85:4f:3c:ba:53:07:79:ad:f1:
3f:ac:25:d5:93:56:ac:67:6d:d6:60:e9:f9:64:26:
0c:80:d8:49:b1:b7:5e:10:ad:ec:8c:85:11:ff:08:
fb:d6:97:f4:68:e9:54:50:5f:b8:a1:67:77:57:60:
ee:26:bf:f4:c3:62:e7:e8:62:03:8f:57:6b:00:f2:
49:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:67:48:56:E7:58:1B:DE:35:30:EE:E0:BE:28:95:02:D2:12:34:F0
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/LmdIVudYG941MO7gviiVAtISNPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.95.0/24
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
23:dd:2d:1e:ea:5e:1b:54:55:7e:e0:7a:02:22:34:03:b0:8e:
bd:38:6b:e5:7c:b6:7c:eb:55:88:a7:51:b5:b9:a9:ce:ac:b8:
a8:bf:bb:37:11:b0:31:31:9f:8c:1b:cb:fc:89:af:ae:29:45:
21:18:2a:3a:fe:0d:56:e9:e7:93:95:7c:be:5e:35:6a:88:fd:
83:e3:04:4a:22:9f:2b:1a:20:6f:68:63:94:7c:0b:2e:09:c7:
00:a6:34:74:7d:35:2a:de:f3:8f:d9:95:48:65:d2:d9:0a:59:
26:12:a9:b6:0b:0b:65:2d:b6:7b:1b:70:33:ae:16:91:9d:38:
55:d5:f3:93:c6:41:5b:6c:9d:55:69:bb:02:20:c9:c8:a1:ad:
d3:e5:89:e2:c9:a9:f6:97:ab:5d:4d:12:a3:0b:6f:77:16:02:
09:3f:f5:f4:76:04:3a:d8:06:38:ca:63:2d:60:c1:a3:85:7c:
17:b0:fa:0f:33:44:09:d7:2a:3a:70:32:28:7b:36:01:cc:e4:
6e:9c:d5:8f:3e:f0:f3:5a:5d:80:07:f3:a1:b3:0a:5c:09:d4:
c3:c3:94:09:cf:b9:3e:b7:64:a3:57:46:9a:c8:9c:38:20:e9:
21:b8:43:57:a0:3c:4c:c6:09:d0:f1:77:8f:9a:7e:fa:5d:42:
7a:66:28:de
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAY1awx0Bts+aRZFFtV1QaSX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTMwMTQyNTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY3NDg1NmU3NTgxYmRlMzUzMGVlZTBiZTI4OTUwMmQyMTIzNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh320htpaM1kLzJNuD14jrmbAiqrz
ZPJPqM8MeAzlBJOBZZ3+2HpdmUZ8GHqKyuTfe2LFKmduwVVU4BP8J3/6pTIRM4f5
WXNsSwiMM90T+qsBjyhVoL5UbHO8b/T8haFL16l7fOiVZoKln0i7hHJEuaLwW8Pz
yS+qEC4ULZZybIzeKZPRglhj+7ZM8CYSKKBgEBk5m6LH3aRHcg/Pc6truTzyLEMs
awRDKWo/twI0H75Vng9ftxJv+2+FTzy6Uwd5rfE/rCXVk1asZ23WYOn5ZCYMgNhJ
sbdeEK3sjIUR/wj71pf0aOlUUF+4oWd3V2DuJr/0w2Ln6GIDj1drAPJJ7QIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFC5nSFbnWBveNTDu4L4olQLSEjTwMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvTG1kSVZ1ZFlHOTQxTU83Z3ZpaVZBdElTTlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCBkwQCAAEwgYwD
BAAtV18DBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIti8ADBAItj+gDBAJQQsQD
BAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAO53tgDBAC5+FcD
BAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBoBAIA
AjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMFAyoJAAADBQMqDO1AAwUD
Kg0fwAMFAyoNNkADBQMqDUNAAwUDKg1LwAMFAyoNdUADBQMqDd6AAwUDKg5iAAMF
AyoQJgAwDQYJKoZIhvcNAQELBQADggEBACPdLR7qXhtUVX7gegIiNAOwjr04a+V8
tnzrVYinUbW5qc6suKi/uzcRsDExn4wby/yJr64pRSEYKjr+DVbp55OVfL5eNWqI
/YPjBEoinysaIG9oY5R8Cy4JxwCmNHR9NSre84/ZlUhl0tkKWSYSqbYLC2Uttnsb
cDOuFpGdOFXV85PGQVtsnVVpuwIgycihrdPlieLJqfaXq11NEqMLb3cWAgk/9fR2
BDrYBjjKYy1gwaOFfBew+g8zRAnXKjpwMih7NgHM5G6c1Y8+8PNaXYAH86GzClwJ
1MPDlAnPuT63ZKNXRprInDgg6SG4Q1egPEzGCdDxd4+afvpdQnpmKN4=
-----END CERTIFICATE-----
Generated at Mon May 12 11:37:47 2025 by rpki-client