Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LIXPClw-WyE5N9YCtCgF_OFqukw.roa
File: LIXPClw-WyE5N9YCtCgF_OFqukw.roa (raw, json)
Hash identifier: ob/NzED3EGGLQD5+nXK3oSH08eCf+QO7vj6BJ6MAkoI=
Subject key identifier: 2C:85:CF:0A:5C:3E:5B:21:39:37:D6:02:B4:28:05:FC:E1:6A:BA:4C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195A2E3254700EF8D1D4BE0F5A78C00976A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LIXPClw-WyE5N9YCtCgF_OFqukw.roa
Signing time: Mon 17 Mar 2025 06:55:49 +0000
ROA not before: Mon 17 Mar 2025 06:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a2:e3:25:47:00:ef:8d:1d:4b:e0:f5:a7:8c:00:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 17 06:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c85cf0a5c3e5b213937d602b42805fce16aba4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f4:c0:d1:c4:2c:33:ae:ea:35:ce:e2:61:b7:
ed:4c:24:91:b2:c9:12:c2:bd:d5:dc:40:b9:89:af:
81:54:a3:79:67:05:e2:39:2a:b6:99:42:1c:23:85:
d5:52:eb:54:83:b4:8a:bc:be:18:86:6a:ea:78:73:
77:80:14:bc:fd:21:58:74:e9:57:c1:6d:83:de:bb:
89:66:bf:25:a8:85:db:87:23:4e:ff:be:66:a0:f4:
77:84:b6:d2:e0:c0:64:ea:9d:ee:d9:e5:0f:c3:66:
7b:8e:c3:b3:44:e3:02:a9:f6:f4:e6:76:3f:2b:a5:
46:3e:09:14:a3:02:f6:bd:1b:3c:92:80:5e:8f:cb:
e0:53:e4:76:f4:3f:2e:ce:31:8d:53:d0:59:0a:8e:
38:14:00:c1:22:a8:62:e2:0e:b8:9f:70:d2:27:fa:
a5:c2:e8:40:92:4d:d2:7e:b4:eb:71:80:47:0b:fd:
95:a1:ff:eb:00:cc:54:3f:63:b1:c4:e0:91:32:0f:
28:5a:32:92:eb:ec:92:cb:9e:29:c1:a3:02:c4:65:
87:97:9f:ac:7e:56:37:c9:bd:d9:b9:7f:5a:20:0a:
7e:33:82:54:be:84:8e:2b:d3:e5:dd:4a:15:98:4c:
6d:62:d8:31:7c:f3:80:b6:9f:a4:1b:12:e7:d9:e4:
94:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:CF:0A:5C:3E:5B:21:39:37:D6:02:B4:28:05:FC:E1:6A:BA:4C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LIXPClw-WyE5N9YCtCgF_OFqukw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.151.59.0/24
88.209.221.0/24
88.209.224.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
57:f8:6d:64:20:fc:ee:6a:e5:b4:06:91:d6:bc:01:29:0c:36:
77:86:38:8b:fc:a8:95:22:6e:e0:9a:a3:92:f3:12:c1:03:09:
96:39:ed:20:09:d5:34:b8:d4:47:4e:2d:95:75:4d:cf:e0:00:
40:24:a9:da:7c:06:10:e0:f4:47:49:45:45:6e:b4:22:0f:14:
4c:06:bd:34:26:8b:2d:f2:ac:73:90:83:8d:78:e3:74:e2:56:
61:3f:cf:70:a7:56:d8:40:bc:99:3e:b0:a9:98:2c:f4:67:38:
62:ba:35:25:26:21:de:08:3d:3c:97:2f:2c:35:cd:c0:ad:3b:
4f:6f:52:a6:bf:e4:34:30:46:b4:b6:c4:64:41:01:44:e0:54:
82:44:d8:94:99:45:2f:93:b9:42:93:c1:48:d5:de:da:4e:37:
ba:07:5f:af:a5:bd:4d:01:9f:a4:13:b1:06:75:a4:8b:65:03:
f6:e9:af:70:92:26:12:b6:bd:58:e3:45:db:9d:b3:60:2d:73:
67:18:76:13:93:a3:02:82:05:b6:e8:a9:fb:3b:36:c2:4a:a1:
8e:92:15:a8:e7:7d:c3:a1:6c:a6:7f:4d:63:ac:29:07:f3:cc:
30:6e:38:37:d2:c4:21:b7:1d:de:96:ee:f8:ed:8d:e7:35:7d:
6f:6d:3e:a9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWi4yVHAO+NHUvg9aeMAJdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzE3MDY1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg1Y2YwYTVjM2U1YjIxMzkzN2Q2MDJiNDI4MDVmY2UxNmFiYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PTA0cQsM67qNc7iYbftTCSRsskS
wr3V3EC5ia+BVKN5ZwXiOSq2mUIcI4XVUutUg7SKvL4YhmrqeHN3gBS8/SFYdOlX
wW2D3ruJZr8lqIXbhyNO/75moPR3hLbS4MBk6p3u2eUPw2Z7jsOzROMCqfb05nY/
K6VGPgkUowL2vRs8koBej8vgU+R29D8uzjGNU9BZCo44FADBIqhi4g64n3DSJ/ql
wuhAkk3SfrTrcYBHC/2Vof/rAMxUP2OxxOCRMg8oWjKS6+ySy54pwaMCxGWHl5+s
flY3yb3ZuX9aIAp+M4JUvoSOK9Pl3UoVmExtYtgxfPOAtp+kGxLn2eSUtwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCyFzwpcPlshOTfWArQoBfzharpMMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTElYUENsdy1XeUU1TjlZQ3RDZ0ZfT0ZxdWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATfKWAwQB
WJc4AwQAWJc7AwQAWNHdAwQAWNHgAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBX
+G1kIPzuauW0BpHWvAEpDDZ3hjiL/KiVIm7gmqOS8xLBAwmWOe0gCdU0uNRHTi2V
dU3P4ABAJKnafAYQ4PRHSUVFbrQiDxRMBr00Jost8qxzkIONeON04lZhP89wp1bY
QLyZPrCpmCz0ZzhiujUlJiHeCD08ly8sNc3ArTtPb1Kmv+Q0MEa0tsRkQQFE4FSC
RNiUmUUvk7lCk8FI1d7aTje6B1+vpb1NAZ+kE7EGdaSLZQP26a9wkiYStr1Y40Xb
nbNgLXNnGHYTk6MCggW26Kn7OzbCSqGOkhWo533DoWymf01jrCkH88wwbjg30sQh
tx3elu747Y3nNX1vbT6p
-----END CERTIFICATE-----
Generated at Fri May 2 08:00:20 2025 by rpki-client