Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/df52a0-5824-42ad-9b4d-d9a1fa90810f/1/lZAcSZJafobXTTByVnRYNsyljtI.roa
File: lZAcSZJafobXTTByVnRYNsyljtI.roa (raw, json)
Hash identifier: pLwqzoc6TVkFLZStfZlBc1h5G05585CQSCAKEyLIIY8=
Subject key identifier: 95:90:1C:49:92:5A:7E:86:D7:4D:30:72:56:74:58:36:CC:A5:8E:D2
Certificate issuer: /CN=2f246475d7c9ba399f07f843621f6e081372d757
Certificate serial: 018D08715289F410CB16ADEDD3520E5F532E
Authority key identifier: 2F:24:64:75:D7:C9:BA:39:9F:07:F8:43:62:1F:6E:08:13:72:D7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LyRkddfJujmfB_hDYh9uCBNy11c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/df52a0-5824-42ad-9b4d-d9a1fa90810f/1/lZAcSZJafobXTTByVnRYNsyljtI.roa
Signing time: Sun 14 Jan 2024 14:47:40 +0000
ROA not before: Sun 14 Jan 2024 14:47:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60976
IP address blocks: 217.20.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 13:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:71:52:89:f4:10:cb:16:ad:ed:d3:52:0e:5f:53:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f246475d7c9ba399f07f843621f6e081372d757
Validity
Not Before: Jan 14 14:47:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95901c49925a7e86d74d307256745836cca58ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:20:8c:ab:3d:85:c0:18:24:be:29:9c:73:
86:64:95:ab:5f:6d:67:26:14:37:a4:46:b8:ee:86:
61:64:36:86:0d:6c:4a:d7:a9:a9:07:e1:de:c8:14:
7e:4a:7a:d7:0c:7e:6c:54:44:01:a9:0c:03:fb:87:
75:62:a0:58:c6:6e:48:6e:a6:d6:4c:fe:c9:c8:8e:
2e:e9:ae:d2:c1:cc:5b:a1:c9:91:c4:f8:49:65:66:
7a:03:dd:07:41:90:8e:9a:6e:8c:30:11:1b:cd:4a:
41:78:24:81:78:12:80:e8:49:71:3b:73:aa:22:e7:
8f:15:0e:85:f5:dc:7d:3d:95:33:b0:f8:d2:4e:a1:
b9:db:6e:a7:09:90:4d:59:99:ee:87:74:4a:c7:95:
ec:61:d2:9b:59:ac:94:e8:9d:5f:e6:c9:90:c8:c5:
8f:7b:ab:68:71:c3:b5:d7:63:3d:6d:41:01:3a:24:
bf:c4:c3:43:99:7e:cc:5f:86:23:7b:a4:73:8d:26:
0f:95:81:54:2c:cc:39:2f:78:28:64:f8:ec:d1:fa:
29:e2:22:fd:7c:6f:59:bc:e5:ca:2f:2a:96:6b:b2:
2e:4c:46:de:59:dd:20:ad:4d:c7:6b:77:c0:af:ff:
ee:d9:0d:c5:16:89:20:28:ca:81:9d:6b:f7:a6:db:
ab:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:90:1C:49:92:5A:7E:86:D7:4D:30:72:56:74:58:36:CC:A5:8E:D2
X509v3 Authority Key Identifier:
keyid:2F:24:64:75:D7:C9:BA:39:9F:07:F8:43:62:1F:6E:08:13:72:D7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LyRkddfJujmfB_hDYh9uCBNy11c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/df52a0-5824-42ad-9b4d-d9a1fa90810f/1/lZAcSZJafobXTTByVnRYNsyljtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/df52a0-5824-42ad-9b4d-d9a1fa90810f/1/LyRkddfJujmfB_hDYh9uCBNy11c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:15:76:28:fb:bf:dc:47:e4:d1:34:f8:6d:3a:e4:73:6e:b1:
0e:21:a6:c7:a8:17:0b:f9:e8:a0:eb:dd:7a:85:76:78:52:fd:
91:66:5e:bb:3e:04:49:30:00:58:17:e4:a7:58:93:f4:11:4b:
7a:f9:60:32:72:f1:18:1d:a5:c9:63:eb:de:36:17:b0:bd:25:
a5:85:60:76:8c:f6:17:cb:a2:89:90:5a:31:e7:f3:75:6c:53:
c6:fc:13:16:5f:00:ea:b8:f5:e2:67:ab:a8:e3:2d:c7:b1:96:
29:8e:4a:e1:69:49:b4:54:4e:33:63:54:c9:56:f5:b6:5d:a5:
e3:82:89:09:3a:63:b1:b5:da:3d:9b:78:97:48:fc:49:44:d4:
e2:e8:3e:42:13:a9:f6:d7:4b:d5:70:68:bd:4d:cb:e5:28:2c:
82:1f:e3:5b:50:11:1d:fc:89:07:3f:a5:03:58:3a:51:f2:ae:
f0:12:b3:2f:60:26:cb:f2:64:e0:c9:da:29:23:67:23:f7:b1:
e3:ee:ce:f3:83:01:7a:fc:1e:82:7a:be:7a:9c:02:52:e4:c2:
aa:ab:d2:45:cb:68:bf:2f:3d:ee:02:67:3c:a5:04:8e:6f:46:
86:96:eb:c3:8f:67:73:dd:b4:93:b9:31:cb:4a:fb:3b:b4:d5:
5b:3c:0b:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0IcVKJ9BDLFq3t01IOX1MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMjQ2NDc1ZDdjOWJhMzk5ZjA3Zjg0MzYyMWY2ZTA4MTM3
MmQ3NTcwHhcNMjQwMTE0MTQ0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkwMWM0OTkyNWE3ZTg2ZDc0ZDMwNzI1Njc0NTgzNmNjYTU4ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrEgjKs9hcAYJL4pnHOGZJWrX21n
JhQ3pEa47oZhZDaGDWxK16mpB+HeyBR+SnrXDH5sVEQBqQwD+4d1YqBYxm5IbqbW
TP7JyI4u6a7SwcxbocmRxPhJZWZ6A90HQZCOmm6MMBEbzUpBeCSBeBKA6ElxO3Oq
IuePFQ6F9dx9PZUzsPjSTqG5226nCZBNWZnuh3RKx5XsYdKbWayU6J1f5smQyMWP
e6toccO112M9bUEBOiS/xMNDmX7MX4Yje6RzjSYPlYFULMw5L3goZPjs0fop4iL9
fG9ZvOXKLyqWa7IuTEbeWd0grU3Ha3fAr//u2Q3FFokgKMqBnWv3pturCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWQHEmSWn6G100wclZ0WDbMpY7SMB8GA1UdIwQY
MBaAFC8kZHXXybo5nwf4Q2IfbggTctdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHlSa2RkZkp1am1mQl9oRFloOXVDQk55MTFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kZjUyYTAtNTgyNC00MmFkLTliNGQt
ZDlhMWZhOTA4MTBmLzEvbFpBY1NaSmFmb2JYVFRCeVZuUllOc3lsanRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kZjUyYTAtNTgyNC00MmFkLTliNGQtZDlhMWZhOTA4MTBm
LzEvTHlSa2RkZkp1am1mQl9oRFloOXVDQk55MTFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RT8MA0G
CSqGSIb3DQEBCwUAA4IBAQC0FXYo+7/cR+TRNPhtOuRzbrEOIabHqBcL+eig6916
hXZ4Uv2RZl67PgRJMABYF+SnWJP0EUt6+WAycvEYHaXJY+veNhewvSWlhWB2jPYX
y6KJkFox5/N1bFPG/BMWXwDquPXiZ6uo4y3HsZYpjkrhaUm0VE4zY1TJVvW2XaXj
gokJOmOxtdo9m3iXSPxJRNTi6D5CE6n210vVcGi9TcvlKCyCH+NbUBEd/IkHP6UD
WDpR8q7wErMvYCbL8mTgydopI2cj97Hj7s7zgwF6/B6Cer56nAJS5MKqq9JFy2i/
Lz3uAmc8pQSOb0aGluvDj2dz3bSTuTHLSvs7tNVbPAtm
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:53:08 2025 by rpki-client