Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/LQZvjLXG7oHOnKhwyp76CbIUjEE.roa
File: LQZvjLXG7oHOnKhwyp76CbIUjEE.roa (raw, json)
Hash identifier: 5s1fAF0EmNC1dvvdD0kcqFhPeXMJgi6DlIbi9zpuO1U=
Subject key identifier: 2D:06:6F:8C:B5:C6:EE:81:CE:9C:A8:70:CA:9E:FA:09:B2:14:8C:41
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018D2D88B9B10A65488FFF9D29022A169D57
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/LQZvjLXG7oHOnKhwyp76CbIUjEE.roa
Signing time: Sun 21 Jan 2024 19:39:11 +0000
ROA not before: Sun 21 Jan 2024 19:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 5.182.186.0/23 maxlen: 23
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
45.67.147.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
78.31.204.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 20:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:88:b9:b1:0a:65:48:8f:ff:9d:29:02:2a:16:9d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 21 19:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d066f8cb5c6ee81ce9ca870ca9efa09b2148c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:96:2b:f9:79:35:01:83:43:05:7a:7e:87:47:
06:3d:d9:d4:cb:4d:e8:18:8c:1a:10:69:b9:f3:d8:
a6:40:c2:65:31:a9:fa:a0:17:15:7a:a8:65:c0:bd:
54:96:d4:60:5b:08:6d:ee:0a:d8:bb:75:45:83:34:
84:78:6d:0f:f8:35:0f:b8:77:ca:61:98:60:d0:c0:
6c:8d:c1:ad:80:e0:c4:98:65:a4:ed:a5:f4:d4:39:
0f:1a:39:60:0e:c7:7f:4e:a7:b4:49:50:90:86:0f:
f1:a0:93:a1:76:63:1d:c4:85:cc:39:09:40:84:4b:
12:78:e7:0d:ff:5d:b7:fe:a8:1e:b9:e5:32:76:69:
29:cf:a6:41:c2:65:cc:a9:4c:1d:53:4e:73:c7:40:
0e:29:73:fc:b6:d2:71:7e:27:f9:a5:0a:b6:69:6c:
9c:32:31:f6:85:fd:94:77:51:0b:4d:0f:fd:d9:37:
64:0f:3d:14:32:aa:0d:12:63:f9:74:6c:66:2a:07:
7a:84:c7:38:41:1c:2d:b4:e6:cf:bd:2e:a9:af:5f:
dd:88:c0:d2:81:cd:8a:ae:d4:a6:84:6a:a2:75:fa:
3c:84:68:45:f0:87:51:51:38:bf:69:f7:25:b2:ad:
a2:6c:22:9c:4d:54:17:48:3c:5d:0f:6c:2e:54:db:
8a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:06:6F:8C:B5:C6:EE:81:CE:9C:A8:70:CA:9E:FA:09:B2:14:8C:41
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/LQZvjLXG7oHOnKhwyp76CbIUjEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
31.132.53.0-31.132.55.255
45.67.147.0/24
63.246.129.0-63.246.133.255
63.246.136.0/23
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.151.0-63.246.152.255
63.246.158.0/23
78.31.204.0/24
94.154.170.0/24
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e1:42:89:69:b2:a6:35:9d:3f:9b:fd:02:b0:e0:aa:bd:0c:
61:c3:b1:e1:e5:cc:b3:84:3a:95:42:c3:6f:0a:31:9b:56:52:
03:7f:6c:16:e1:ac:9d:4e:6c:4d:c3:71:0b:61:cf:05:85:f2:
dc:d7:be:18:33:d3:40:c4:13:d7:97:16:b6:11:2d:50:8c:7f:
16:b2:db:49:b6:35:b6:dc:4f:53:79:06:82:8b:ac:9c:a8:4b:
85:fc:ee:bf:bb:46:46:40:69:9a:f5:e4:69:d5:e4:b6:3d:88:
a7:8b:23:1f:2d:ed:b5:84:ff:15:18:ab:26:d8:73:66:9d:b7:
38:f5:ac:33:fb:9b:26:1a:97:3c:14:5e:e5:18:bc:0b:d8:c1:
5e:2c:89:04:27:83:ea:76:bc:81:0b:b7:f1:d9:f6:63:75:c7:
8e:30:30:bb:b3:e7:0e:d9:d2:6c:4a:0e:59:08:b3:cc:c0:02:
0a:40:a1:01:76:90:87:56:27:1a:ec:ca:65:33:71:27:33:bd:
bf:3a:50:cb:32:7d:0d:77:db:a2:3c:79:05:05:69:39:65:09:
39:55:da:3b:d9:29:b1:0d:25:d0:e5:a0:dd:4b:4e:99:65:8b:
c7:9a:d7:e1:e2:e3:d8:a5:bd:1b:06:e6:c8:55:4f:78:1d:8d:
c9:43:34:a2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY0tiLmxCmVIj/+dKQIqFp1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTIxMTkzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA2NmY4Y2I1YzZlZTgxY2U5Y2E4NzBjYTllZmEwOWIyMTQ4YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJYr+Xk1AYNDBXp+h0cGPdnUy03o
GIwaEGm589imQMJlMan6oBcVeqhlwL1UltRgWwht7grYu3VFgzSEeG0P+DUPuHfK
YZhg0MBsjcGtgODEmGWk7aX01DkPGjlgDsd/Tqe0SVCQhg/xoJOhdmMdxIXMOQlA
hEsSeOcN/123/qgeueUydmkpz6ZBwmXMqUwdU05zx0AOKXP8ttJxfif5pQq2aWyc
MjH2hf2Ud1ELTQ/92TdkDz0UMqoNEmP5dGxmKgd6hMc4QRwttObPvS6pr1/diMDS
gc2KrtSmhGqidfo8hGhF8IdRUTi/afclsq2ibCKcTVQXSDxdD2wuVNuK+QIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFC0Gb4y1xu6BzpyocMqe+gmyFIxBMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvTFFadmpMWEc3b0hPbktod3lwNzZDYklVakVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAEF
trowDAMEAAW2wQMEAgW2wDAMAwQAH4Q1AwQDH4QwAwQALUOTMAwDBAA/9oEDBAE/
9oQDBAE/9ogDBAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lDAMAwQAP/aXAwQAP/aY
AwQBP/aeAwQATh/MAwQAXpqqAwQBuat8AwQAuat/AwQAuckpAwQAuckrAwQAuc3O
AwQAwJFEMA0GCSqGSIb3DQEBCwUAA4IBAQCN4UKJabKmNZ0/m/0CsOCqvQxhw7Hh
5cyzhDqVQsNvCjGbVlIDf2wW4aydTmxNw3ELYc8FhfLc174YM9NAxBPXlxa2ES1Q
jH8WsttJtjW23E9TeQaCi6ycqEuF/O6/u0ZGQGma9eRp1eS2PYiniyMfLe21hP8V
GKsm2HNmnbc49awz+5smGpc8FF7lGLwL2MFeLIkEJ4PqdryBC7fx2fZjdceOMDC7
s+cO2dJsSg5ZCLPMwAIKQKEBdpCHVica7MplM3EnM72/OlDLMn0Nd9uiPHkFBWk5
ZQk5Vdo72SmxDSXQ5aDdS06ZZYvHmtfh4uPYpb0bBubIVU94HY3JQzSi
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:37:21 2025 by rpki-client