Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/LMqWnujholvDnvzU2BrphA8qgmk.roa
File: LMqWnujholvDnvzU2BrphA8qgmk.roa (raw, json)
Hash identifier: weiHoxsYHMy8rgAm5sX797PlhKXN5Z+wkQh7LhWh4Bc=
Subject key identifier: 2C:CA:96:9E:E8:E1:A2:5B:C3:9E:FC:D4:D8:1A:E9:84:0F:2A:82:69
Certificate issuer: /CN=e783b62ab8aea520770c57404be7771f679ec0b5
Certificate serial: 018CC5DD099428F3746BD5565126E157754A
Authority key identifier: E7:83:B6:2A:B8:AE:A5:20:77:0C:57:40:4B:E7:77:1F:67:9E:C0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/54O2KriupSB3DFdAS-d3H2eewLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/LMqWnujholvDnvzU2BrphA8qgmk.roa
Signing time: Mon 01 Jan 2024 16:30:46 +0000
ROA not before: Mon 01 Jan 2024 16:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50419
IP address blocks: 109.95.184.0/24 maxlen: 24
109.95.185.0/24 maxlen: 24
2001:67c:118::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:09:94:28:f3:74:6b:d5:56:51:26:e1:57:75:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e783b62ab8aea520770c57404be7771f679ec0b5
Validity
Not Before: Jan 1 16:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cca969ee8e1a25bc39efcd4d81ae9840f2a8269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:6c:7a:b0:5c:ce:74:50:27:1a:63:fe:f0:
e7:ab:55:c9:1b:f3:00:82:11:85:aa:18:e0:93:21:
7e:e4:1a:21:76:f5:6a:7a:bd:57:2b:76:ed:bb:b3:
28:a1:c5:52:e0:64:ff:a4:b3:c8:89:d4:c5:20:83:
49:df:e9:8e:72:01:09:07:7f:86:20:90:55:da:9b:
53:33:e7:34:1c:4c:a5:03:75:2e:fe:21:b7:db:2f:
a2:ef:7a:a9:b3:9b:6a:71:1a:d8:1c:58:03:42:67:
ff:6e:61:7a:83:af:88:0b:8d:82:1d:a1:35:8e:a8:
e9:75:a6:fa:1e:13:20:de:74:c6:ea:d2:4d:4f:05:
05:65:d8:88:fa:ee:f5:a0:11:0e:30:2e:10:69:3f:
4c:0d:79:0e:81:21:40:13:a5:ed:b7:d9:79:f2:c1:
7a:e3:f6:e8:63:85:ed:89:06:e9:0c:6a:0f:b2:16:
ab:66:22:4f:ba:68:c0:f6:3a:e4:ab:e1:72:6a:fe:
c8:59:b7:eb:d5:b9:92:a1:c7:6d:ca:82:1d:44:59:
c0:09:92:aa:55:ed:3f:b8:19:ad:c8:a3:04:4c:cf:
d1:9a:b1:8f:22:45:e1:60:e7:91:11:1c:84:d1:cc:
98:fd:fb:a5:b9:d5:fb:81:d4:b2:eb:2a:9a:7e:14:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CA:96:9E:E8:E1:A2:5B:C3:9E:FC:D4:D8:1A:E9:84:0F:2A:82:69
X509v3 Authority Key Identifier:
keyid:E7:83:B6:2A:B8:AE:A5:20:77:0C:57:40:4B:E7:77:1F:67:9E:C0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/54O2KriupSB3DFdAS-d3H2eewLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/LMqWnujholvDnvzU2BrphA8qgmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/54O2KriupSB3DFdAS-d3H2eewLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.184.0/23
IPv6:
2001:67c:118::/48
Signature Algorithm: sha256WithRSAEncryption
4e:33:ac:b5:fb:d4:48:08:af:ad:2d:b8:ec:95:13:9e:69:2b:
8a:5d:f6:88:26:75:c8:f7:01:e0:2d:18:23:06:3c:bb:93:33:
06:a4:18:1d:c6:d8:0b:3e:b2:93:fa:eb:79:92:74:b3:67:f4:
7f:85:e6:21:05:4c:97:5a:05:3c:bb:e3:bc:4a:e0:56:4f:42:
1c:80:ca:50:bf:65:25:67:96:32:1a:08:c6:14:e1:30:39:82:
16:7e:e0:af:40:84:ba:a1:64:63:14:41:04:b5:c5:4a:6f:40:
6d:71:68:4e:3e:d5:b1:b1:8a:f7:be:5b:27:38:7e:e8:61:16:
2e:4a:69:c9:34:ee:f7:08:96:84:b1:b3:ac:d3:b0:12:03:72:
69:18:6c:20:0a:e4:5e:09:f4:6d:33:d5:c9:51:d9:97:07:0e:
35:23:69:8f:f8:95:ba:34:53:0d:38:c7:ed:9c:cd:5e:47:7d:
88:d5:9c:29:c4:b2:b2:39:d5:64:af:9c:06:7f:88:4c:16:75:
a9:fe:d1:4f:5b:85:80:98:f3:aa:d5:e6:c1:25:89:f8:83:15:
ee:ce:a8:34:68:1d:7c:af:b7:9d:91:60:06:de:45:bf:22:dc:
25:65:12:36:c7:da:4b:e8:04:0e:c3:6c:b8:14:ad:86:88:54:
d3:e9:95:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3QmUKPN0a9VWUSbhV3VKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ODNiNjJhYjhhZWE1MjA3NzBjNTc0MDRiZTc3NzFmNjc5
ZWMwYjUwHhcNMjQwMTAxMTYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NhOTY5ZWU4ZTFhMjViYzM5ZWZjZDRkODFhZTk4NDBmMmE4MjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNJserBcznRQJxpj/vDnq1XJG/MA
ghGFqhjgkyF+5BohdvVqer1XK3btu7MoocVS4GT/pLPIidTFIINJ3+mOcgEJB3+G
IJBV2ptTM+c0HEylA3Uu/iG32y+i73qps5tqcRrYHFgDQmf/bmF6g6+IC42CHaE1
jqjpdab6HhMg3nTG6tJNTwUFZdiI+u71oBEOMC4QaT9MDXkOgSFAE6Xtt9l58sF6
4/boY4XtiQbpDGoPsharZiJPumjA9jrkq+Fyav7IWbfr1bmSocdtyoIdRFnACZKq
Ve0/uBmtyKMETM/RmrGPIkXhYOeRERyE0cyY/fuludX7gdSy6yqafhS33QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCzKlp7o4aJbw5781Nga6YQPKoJpMB8GA1UdIwQY
MBaAFOeDtiq4rqUgdwxXQEvndx9nnsC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTRPMktyaXVwU0IzREZkQVMtZDNIMmVld0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mYWRiM2YtZGM5Ni00OTAyLTg2ZWIt
MTlkZjViNGQxMDE0LzEvTE1xV251amhvbHZEbnZ6VTJCcnBoQThxZ21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mYWRiM2YtZGM5Ni00OTAyLTg2ZWItMTlkZjViNGQxMDE0
LzEvNTRPMktyaXVwU0IzREZkQVMtZDNIMmVld0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBbV+4MA8E
AgACMAkDBwAgAQZ8ARgwDQYJKoZIhvcNAQELBQADggEBAE4zrLX71EgIr60tuOyV
E55pK4pd9ogmdcj3AeAtGCMGPLuTMwakGB3G2As+spP663mSdLNn9H+F5iEFTJda
BTy747xK4FZPQhyAylC/ZSVnljIaCMYU4TA5ghZ+4K9AhLqhZGMUQQS1xUpvQG1x
aE4+1bGxive+Wyc4fuhhFi5Kack07vcIloSxs6zTsBIDcmkYbCAK5F4J9G0z1clR
2ZcHDjUjaY/4lbo0Uw04x+2czV5HfYjVnCnEsrI51WSvnAZ/iEwWdan+0U9bhYCY
86rV5sElifiDFe7OqDRoHXyvt52RYAbeRb8i3CVlEjbH2kvoBA7DbLgUrYaIVNPp
lX8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:12 2025 by rpki-client