Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsgQ3t-b74dwS2KLvLDEcinY6MU.roa
File: LsgQ3t-b74dwS2KLvLDEcinY6MU.roa (raw, json)
Hash identifier: THTbhAlEnAXQI7/J3uqO3yoO2LgK7ALKF+WR57ntVzw=
Subject key identifier: 2E:C8:10:DE:DF:9B:EF:87:70:4B:62:8B:BC:B0:C4:72:29:D8:E8:C5
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019484B07F3958DBAE0B9E4D37B66582AEB3
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsgQ3t-b74dwS2KLvLDEcinY6MU.roa
Signing time: Mon 20 Jan 2025 17:09:06 +0000
ROA not before: Mon 20 Jan 2025 17:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 18:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:b0:7f:39:58:db:ae:0b:9e:4d:37:b6:65:82:ae:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 20 17:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ec810dedf9bef87704b628bbcb0c47229d8e8c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:ea:62:b5:e1:81:e5:13:e8:91:ac:5f:0f:
8f:26:a5:25:f3:2c:e9:29:32:91:3c:af:c5:99:c5:
30:d3:a7:3c:ad:db:90:a1:fd:53:f4:21:2e:1d:7c:
8b:31:a2:48:93:32:c0:28:e6:70:7c:d6:76:f2:8c:
04:31:c3:e1:08:2b:f7:9a:58:58:13:a0:31:54:ce:
5e:f7:f7:36:23:35:4b:bb:c8:90:f6:24:01:40:09:
ee:17:c2:12:06:c5:2a:32:44:02:66:8b:6e:e4:d9:
be:46:f8:10:36:fd:98:4c:e1:96:16:26:10:b7:9d:
25:9d:cf:96:5b:13:81:6e:fb:a8:54:55:ea:3c:4e:
d6:84:33:54:2c:20:6e:d1:d8:fa:4a:b6:56:cb:7e:
4f:4d:77:ef:8c:76:ae:8f:ba:a5:09:ff:46:79:f9:
23:4b:11:30:65:e0:ce:46:cf:8a:f9:f8:20:da:5f:
e4:f7:4f:8c:57:25:74:cb:fa:8c:62:8f:95:aa:1b:
1d:27:d7:98:2c:f7:48:ac:b7:64:a1:a4:86:c8:0f:
0a:aa:ac:56:2e:98:aa:37:b0:0a:c3:8c:18:61:c5:
bc:cb:ac:b5:6a:c7:c9:ec:0e:b5:c3:dc:1d:14:95:
d2:69:ba:38:98:36:22:b3:58:d9:8c:a0:59:03:6e:
7a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C8:10:DE:DF:9B:EF:87:70:4B:62:8B:BC:B0:C4:72:29:D8:E8:C5
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsgQ3t-b74dwS2KLvLDEcinY6MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
50:47:2c:cf:c9:d1:e0:f4:30:8d:49:3b:9e:9c:13:a9:48:92:
e3:1a:44:58:a5:df:63:a2:b6:89:1e:54:f7:bd:c1:7f:d0:cc:
5a:8f:5d:f5:fe:d8:89:8b:71:10:87:48:ef:6f:46:38:fe:f8:
67:40:89:0f:12:6f:6a:18:7d:4e:0d:0d:67:45:0f:b4:6c:75:
b0:44:d1:62:4d:18:45:3d:18:78:e5:f7:bd:a9:4a:c0:d0:6b:
9c:4e:e0:e3:7a:6e:21:56:2b:96:de:a4:5d:f3:0f:d1:e7:b1:
d5:16:27:f2:fb:4e:d6:a0:f6:6b:24:13:70:ae:f6:a3:ca:f0:
5f:63:bd:66:ad:7d:0f:b4:4d:f7:c6:7c:de:da:c5:f7:19:08:
96:f8:02:cf:7a:dd:60:f7:04:0c:69:aa:64:08:cf:85:be:76:
97:7f:b1:fa:81:78:86:d7:25:30:5f:60:37:c5:23:f7:dd:bf:
c0:20:78:15:77:a1:fb:82:56:7b:39:bc:07:d2:1c:51:3e:6c:
2a:0a:3b:c6:b4:a4:e5:c9:61:46:b6:29:07:51:bd:42:42:7d:
b0:b2:7d:19:c6:87:ad:9c:7f:26:ca:05:99:aa:9c:e0:5e:ae:
b0:81:3c:fd:ff:3f:21:0c:5d:7c:89:40:e7:bd:27:3b:ef:93:
7d:10:de:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSEsH85WNuuC55NN7Zlgq6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTIwMTcwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM4MTBkZWRmOWJlZjg3NzA0YjYyOGJiY2IwYzQ3MjI5ZDhlOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLqYrXhgeUT6JGsXw+PJqUl8yzp
KTKRPK/FmcUw06c8rduQof1T9CEuHXyLMaJIkzLAKOZwfNZ28owEMcPhCCv3mlhY
E6AxVM5e9/c2IzVLu8iQ9iQBQAnuF8ISBsUqMkQCZotu5Nm+RvgQNv2YTOGWFiYQ
t50lnc+WWxOBbvuoVFXqPE7WhDNULCBu0dj6SrZWy35PTXfvjHauj7qlCf9Gefkj
SxEwZeDORs+K+fgg2l/k90+MVyV0y/qMYo+VqhsdJ9eYLPdIrLdkoaSGyA8KqqxW
LpiqN7AKw4wYYcW8y6y1asfJ7A61w9wdFJXSabo4mDYis1jZjKBZA256qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7IEN7fm++HcEtii7ywxHIp2OjFMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvTHNnUTN0LWI3NGR3UzJLTHZMREVjaW5ZNk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPc7MA0G
CSqGSIb3DQEBCwUAA4IBAQBQRyzPydHg9DCNSTuenBOpSJLjGkRYpd9joraJHlT3
vcF/0Mxaj131/tiJi3EQh0jvb0Y4/vhnQIkPEm9qGH1ODQ1nRQ+0bHWwRNFiTRhF
PRh45fe9qUrA0GucTuDjem4hViuW3qRd8w/R57HVFify+07WoPZrJBNwrvajyvBf
Y71mrX0PtE33xnze2sX3GQiW+ALPet1g9wQMaapkCM+FvnaXf7H6gXiG1yUwX2A3
xSP33b/AIHgVd6H7glZ7ObwH0hxRPmwqCjvGtKTlyWFGtikHUb1CQn2wsn0Zxoet
nH8mygWZqpzgXq6wgTz9/z8hDF18iUDnvSc775N9EN7D
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:53 2025 by rpki-client