Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LmEjTx_zfWB1XJygoCIxyWoeZHY.roa
File: LmEjTx_zfWB1XJygoCIxyWoeZHY.roa (raw, json)
Hash identifier: sHr6oPE4K5wUBh2cUNZ+wJo2YZLh3/F2GzYAvKe/2/E=
Subject key identifier: 2E:61:23:4F:1F:F3:7D:60:75:5C:9C:A0:A0:22:31:C9:6A:1E:64:76
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 01919B002145BD0C2ED865BCC6C94BB8695F
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LmEjTx_zfWB1XJygoCIxyWoeZHY.roa
Signing time: Wed 28 Aug 2024 21:59:22 +0000
ROA not before: Wed 28 Aug 2024 21:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34187
IP address blocks: 78.26.128.0/18 maxlen: 18
78.26.128.0/19 maxlen: 19
78.26.128.0/24 maxlen: 24
78.26.130.0/24 maxlen: 24
78.26.140.0/22 maxlen: 22
78.26.160.0/19 maxlen: 19
78.26.161.0/24 maxlen: 24
78.26.180.0/23 maxlen: 23
78.26.192.0/18 maxlen: 18
78.26.192.0/19 maxlen: 19
78.26.192.0/20 maxlen: 20
78.26.224.0/19 maxlen: 19
185.70.108.0/22 maxlen: 22
185.70.108.0/23 maxlen: 23
185.70.110.0/23 maxlen: 23
195.245.118.0/23 maxlen: 23
195.245.118.0/24 maxlen: 24
195.245.119.0/24 maxlen: 24
2a03:1240::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Sep 2024 15:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9b:00:21:45:bd:0c:2e:d8:65:bc:c6:c9:4b:b8:69:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Aug 28 21:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e61234f1ff37d60755c9ca0a02231c96a1e6476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:f7:3b:a4:7a:25:84:74:ba:47:00:b4:0e:
90:e8:af:fc:46:35:63:9d:49:f2:5a:25:1c:01:45:
d4:93:0e:8c:5c:d9:d1:15:4f:70:48:22:31:8a:85:
2f:93:32:47:86:17:64:01:1d:c3:b7:50:09:24:e4:
f0:54:f9:a0:f0:5e:7a:ff:2c:57:f0:7b:60:89:1b:
ee:0f:66:38:74:e7:74:a0:95:21:be:72:cd:89:00:
9f:82:5f:cc:95:c8:f9:1e:3a:2b:cb:28:04:d1:88:
e8:a6:b8:9d:d6:f9:fc:a2:fc:b7:d7:02:3d:b8:b0:
6a:cb:99:23:71:3c:1e:67:05:88:d5:1b:03:46:19:
52:64:a6:9a:2f:a5:14:c1:85:9a:e3:60:db:63:93:
d2:cf:a2:7f:cb:dc:a1:c4:62:8f:00:75:66:a6:fd:
75:1a:64:48:e9:df:01:a3:c3:63:0f:79:6e:75:ab:
5d:9f:ff:c3:b3:51:65:fe:44:07:47:b6:3f:86:86:
48:ad:c2:2e:4f:6b:c2:a0:70:1d:92:a5:4f:27:06:
06:6e:73:05:a3:c9:57:ab:df:2f:37:7e:cb:6f:77:
8b:3e:c2:f7:3b:89:8f:e7:af:bf:e8:c1:04:c6:5a:
4b:ab:ea:84:32:9b:4c:8f:e5:38:72:c8:19:ab:5b:
0c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:61:23:4F:1F:F3:7D:60:75:5C:9C:A0:A0:22:31:C9:6A:1E:64:76
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LmEjTx_zfWB1XJygoCIxyWoeZHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.26.128.0/17
185.70.108.0/22
195.245.118.0/23
IPv6:
2a03:1240::/48
Signature Algorithm: sha256WithRSAEncryption
a0:73:c9:68:49:c3:a9:a0:6a:b6:30:d7:67:99:00:e4:67:7b:
6d:55:e1:08:b2:47:e3:51:12:c3:41:d7:60:e8:79:ac:03:3b:
ac:f7:82:d3:96:19:39:6a:dc:03:85:71:e8:91:a3:9c:48:28:
69:9d:27:01:c8:2d:4b:47:53:2c:21:eb:85:2d:c9:21:42:78:
83:95:ea:b5:e2:87:2f:ba:75:ad:f6:fa:a6:d7:25:75:70:1d:
be:ce:2e:82:42:0e:4d:c1:df:f2:9b:a7:37:d1:96:2f:4b:ee:
32:dd:a1:9e:e1:6c:bb:e7:03:04:75:02:c1:52:3f:cf:d7:ee:
e2:92:99:14:2e:dd:d2:84:a2:78:ca:31:bd:ce:d8:a5:a4:b5:
3e:45:a9:46:3d:6b:d5:2b:b4:10:f0:11:08:fe:38:a3:23:8f:
41:f4:37:51:56:a2:69:41:2e:73:d3:0f:11:93:86:ea:05:fc:
81:21:5d:4a:28:e9:b6:2a:71:1f:b5:a8:b4:c3:2c:64:81:eb:
78:23:3e:8a:f4:de:1f:c3:b7:c3:10:4b:3d:e1:9e:04:1e:62:
fb:19:bb:30:94:a5:d5:f1:50:e8:0e:f1:1d:2a:8f:c2:79:d4:
37:5d:0e:18:7e:30:16:4e:10:66:7e:e0:8e:0b:a1:da:a4:09:
2d:01:6a:0f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZGbACFFvQwu2GW8xslLuGlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjQwODI4MjE1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYxMjM0ZjFmZjM3ZDYwNzU1YzljYTBhMDIyMzFjOTZhMWU2NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWf3O6R6JYR0ukcAtA6Q6K/8RjVj
nUnyWiUcAUXUkw6MXNnRFU9wSCIxioUvkzJHhhdkAR3Dt1AJJOTwVPmg8F56/yxX
8HtgiRvuD2Y4dOd0oJUhvnLNiQCfgl/Mlcj5HjoryygE0Yjoprid1vn8ovy31wI9
uLBqy5kjcTweZwWI1RsDRhlSZKaaL6UUwYWa42DbY5PSz6J/y9yhxGKPAHVmpv11
GmRI6d8Bo8NjD3ludatdn//Ds1Fl/kQHR7Y/hoZIrcIuT2vCoHAdkqVPJwYGbnMF
o8lXq98vN37Lb3eLPsL3O4mP56+/6MEExlpLq+qEMptMj+U4csgZq1sMYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC5hI08f831gdVycoKAiMclqHmR2MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvTG1FalR4X3pmV0IxWEp5Z29DSXh5V29lWkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBAKBz
yWhJw6mgarYw12eZAORne21V4QiyR+NREsNB12DoeawDO6z3gtOWGTlq3AOFceiR
o5xIKGmdJwHILUtHUywh64UtySFCeIOV6rXihy+6da32+qbXJXVwHb7OLoJCDk3B
3/KbpzfRli9L7jLdoZ7hbLvnAwR1AsFSP8/X7uKSmRQu3dKEonjKMb3O2KWktT5F
qUY9a9UrtBDwEQj+OKMjj0H0N1FWomlBLnPTDxGThuoF/IEhXUoo6bYqcR+1qLTD
LGSB63gjPor03h/Dt8MQSz3hngQeYvsZuzCUpdXxUOgO8R0qj8J51DddDhh+MBZO
EGZ+4I4LodqkCS0Bag8=
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:33:36 2025 by rpki-client