Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lorNIVyozSXni2c2zv1HqYBzhPo.roa
File: lorNIVyozSXni2c2zv1HqYBzhPo.roa (raw, json)
Hash identifier: Y/QFjDZj5VELeVS0DU4Y/6dbVg/bYSliXFwPO4Sbu7U=
Subject key identifier: 96:8A:CD:21:5C:A8:CD:25:E7:8B:67:36:CE:FD:47:A9:80:73:84:FA
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019663A2B830387538F2A5A49BC435E844DF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lorNIVyozSXni2c2zv1HqYBzhPo.roa
Signing time: Wed 23 Apr 2025 17:12:10 +0000
ROA not before: Wed 23 Apr 2025 17:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.91.22.0/24 maxlen: 24
45.128.198.0/24 maxlen: 24
45.130.141.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f44::/32 maxlen: 48
2a0f:f47::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
2a0f:e383::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Apr 2025 10:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:a2:b8:30:38:75:38:f2:a5:a4:9b:c4:35:e8:44:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 23 17:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=968acd215ca8cd25e78b6736cefd47a9807384fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6b:4c:c3:6e:2c:ed:69:a6:6d:fc:26:0e:b1:
e5:7f:fb:a0:e6:fd:6f:94:c0:63:f1:90:5d:01:4c:
7c:2d:31:4d:ad:91:65:23:dc:86:f4:df:66:17:52:
97:a4:7d:cf:10:c0:96:19:3f:c2:7c:7e:11:f0:54:
fe:25:2a:89:c6:2e:79:85:51:2d:a1:b6:ec:df:d6:
86:9e:3b:bc:bc:4c:71:19:1d:bf:4c:c2:20:d1:a7:
49:52:1f:9e:c5:7b:ab:42:5a:d7:8d:9e:0a:d3:dc:
6c:69:0f:9e:3f:d9:ff:02:26:2e:0e:b3:46:0b:cf:
c7:9f:48:f1:03:fc:5f:5e:dc:ec:32:d2:1d:df:76:
4f:d6:00:98:fb:d5:93:5f:2e:89:86:c1:8e:e3:ab:
90:9d:2e:6c:f4:76:5f:fd:b4:08:4f:b2:54:4f:2e:
16:8b:65:73:fe:83:32:64:e8:95:38:ae:d2:02:4b:
37:e1:3e:47:dd:05:a8:90:e8:e7:37:7b:80:68:3f:
47:97:88:76:27:d5:2f:c3:75:eb:06:ec:71:fe:78:
b1:97:f2:89:1f:93:20:54:a1:19:3b:38:53:fc:a0:
dc:70:21:ea:80:55:b8:e5:01:ec:ef:b5:de:b2:1a:
5c:87:1c:1a:a2:d2:5f:69:7d:dd:28:56:37:e6:ff:
3d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:8A:CD:21:5C:A8:CD:25:E7:8B:67:36:CE:FD:47:A9:80:73:84:FA
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lorNIVyozSXni2c2zv1HqYBzhPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.22.0/24
45.128.198.0/24
45.130.141.0/24
89.251.2.0/24
IPv6:
2a07:e342::/32
2a0f:f44::/32
2a0f:f47::/32
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
0d:50:78:c5:7d:97:dc:22:16:e6:80:42:79:1d:39:42:8b:c9:
cf:36:da:f3:9b:1c:8e:5e:66:a4:17:eb:05:d2:40:53:01:83:
2e:5c:5b:76:5a:a5:5d:14:8b:b6:6d:e7:6f:58:cc:da:6e:65:
25:14:6b:c6:3f:65:d9:46:5f:66:f6:5e:fe:c2:c7:ab:47:dd:
dd:95:b2:4e:78:79:e2:45:c9:a5:36:94:33:d1:29:e6:46:0c:
72:5e:0e:78:79:d2:e2:88:f7:a9:7d:dd:35:59:89:03:a0:96:
11:71:d2:63:98:4b:fe:6d:fe:d5:0e:68:2b:59:80:f7:f3:58:
03:1c:89:22:a3:1b:93:ed:2a:83:d6:c6:64:26:82:0e:cd:6d:
62:46:ba:3a:db:c4:d9:3d:e1:43:21:75:66:c1:92:2e:00:1e:
78:59:b6:d1:a0:ef:57:14:85:5c:fb:67:19:7b:98:2f:c6:b9:
82:51:83:a3:64:91:3d:53:64:e1:a4:8c:54:59:c8:98:24:3e:
8d:31:1b:89:b1:7b:67:32:a9:c9:b1:51:bc:56:e4:42:62:36:
b1:73:16:24:6d:ba:b9:a7:fe:a2:da:4f:1f:e4:a6:39:6d:fc:
ca:62:4e:81:99:6f:40:60:9b:39:94:d6:4a:2f:e7:b3:d7:1a:
c1:59:05:4b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZZjorgwOHU48qWkm8Q16ETfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwNDIzMTcxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjhhY2QyMTVjYThjZDI1ZTc4YjY3MzZjZWZkNDdhOTgwNzM4NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomtMw24s7WmmbfwmDrHlf/ug5v1v
lMBj8ZBdAUx8LTFNrZFlI9yG9N9mF1KXpH3PEMCWGT/CfH4R8FT+JSqJxi55hVEt
obbs39aGnju8vExxGR2/TMIg0adJUh+exXurQlrXjZ4K09xsaQ+eP9n/AiYuDrNG
C8/Hn0jxA/xfXtzsMtId33ZP1gCY+9WTXy6JhsGO46uQnS5s9HZf/bQIT7JUTy4W
i2Vz/oMyZOiVOK7SAks34T5H3QWokOjnN3uAaD9Hl4h2J9Uvw3XrBuxx/nixl/KJ
H5MgVKEZOzhT/KDccCHqgFW45QHs77XeshpchxwaotJfaX3dKFY35v89oQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJaKzSFcqM0l54tnNs79R6mAc4T6MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbG9yTklWeW96U1huaTJjMnp2MUhxWUJ6aFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAeBAIAATAYAwQALVsWAwQA
LYDGAwQALYKNAwQAWfsCMDkEAgACMDMDBQAqB+NCAwUAKg8PRAMFACoPD0cDBQMq
DydAMA4DBQAqD+ODAwUBKg/jhAMFACoP44cwDQYJKoZIhvcNAQELBQADggEBAA1Q
eMV9l9wiFuaAQnkdOUKLyc822vObHI5eZqQX6wXSQFMBgy5cW3ZapV0Ui7Zt529Y
zNpuZSUUa8Y/ZdlGX2b2Xv7Cx6tH3d2Vsk54eeJFyaU2lDPRKeZGDHJeDnh50uKI
96l93TVZiQOglhFx0mOYS/5t/tUOaCtZgPfzWAMciSKjG5PtKoPWxmQmgg7NbWJG
ujrbxNk94UMhdWbBki4AHnhZttGg71cUhVz7Zxl7mC/GuYJRg6NkkT1TZOGkjFRZ
yJgkPo0xG4mxe2cyqcmxUbxW5EJiNrFzFiRturmn/qLaTx/kpjlt/MpiToGZb0Bg
mzmU1kov57PXGsFZBUs=
-----END CERTIFICATE-----
Generated at Wed May 7 11:09:29 2025 by rpki-client