Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/lLq_VIOz2uROBY3L6jnQTRVANkk.roa
File: lLq_VIOz2uROBY3L6jnQTRVANkk.roa (raw, json)
Hash identifier: wBMGLbdTvPEO/SZDoPbEf/BIEn4dJnA7P+mRMiOj6w4=
Subject key identifier: 94:BA:BF:54:83:B3:DA:E4:4E:05:8D:CB:EA:39:D0:4D:15:40:36:49
Certificate issuer: /CN=cd73f238d96cf67a5efc0c37476fd306029af552
Certificate serial: 018CC6B945117C79D66CC4C63188C8C5B278
Authority key identifier: CD:73:F2:38:D9:6C:F6:7A:5E:FC:0C:37:47:6F:D3:06:02:9A:F5:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zXPyONls9npe_Aw3R2_TBgKa9VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/lLq_VIOz2uROBY3L6jnQTRVANkk.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12390
IP address blocks: 185.91.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:45:11:7c:79:d6:6c:c4:c6:31:88:c8:c5:b2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd73f238d96cf67a5efc0c37476fd306029af552
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94babf5483b3dae44e058dcbea39d04d15403649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:00:c2:d1:06:60:6a:46:8f:c9:dd:97:ed:d8:
37:48:64:40:ce:e2:d1:68:4b:ad:8e:2c:59:74:88:
ce:75:0d:d5:5b:d6:57:c1:68:79:6f:31:28:ff:1d:
b2:c0:3c:4d:6c:4b:bd:90:0b:a1:3a:5c:02:1c:da:
58:6c:7c:e4:75:90:4c:45:81:f0:87:14:6b:cf:4a:
fb:07:db:4f:bb:fe:cb:cd:3f:96:cd:b4:bd:a4:7b:
b9:24:aa:22:6d:f6:5b:19:49:6b:b1:c2:5b:9f:83:
83:e8:58:f8:fb:0f:c1:5f:3a:15:23:a3:fd:cd:f1:
b5:41:8e:37:6b:41:d9:40:8f:6f:24:72:28:de:20:
68:a3:2d:7e:8b:31:fd:49:a9:8e:74:d9:8e:e5:e4:
84:ed:d9:37:d2:2b:80:f9:7b:66:3e:09:e5:2b:24:
0f:10:9b:3d:00:99:ad:38:62:57:b4:71:1f:4c:69:
cf:bc:aa:56:40:8c:fa:77:fd:f0:48:e5:cc:8d:22:
fa:a4:ea:96:62:18:d4:ee:bd:07:c3:f9:47:78:c4:
53:4f:0b:65:8b:d2:fa:10:3c:33:c7:9e:b8:0c:49:
e4:66:ac:a2:d3:39:da:d4:ca:38:28:41:c2:1b:4a:
88:58:7b:38:09:fc:0e:3a:53:42:dc:92:f6:eb:35:
6c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BA:BF:54:83:B3:DA:E4:4E:05:8D:CB:EA:39:D0:4D:15:40:36:49
X509v3 Authority Key Identifier:
keyid:CD:73:F2:38:D9:6C:F6:7A:5E:FC:0C:37:47:6F:D3:06:02:9A:F5:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zXPyONls9npe_Aw3R2_TBgKa9VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/lLq_VIOz2uROBY3L6jnQTRVANkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/871268-bcc1-4722-b14b-dd02811903df/1/zXPyONls9npe_Aw3R2_TBgKa9VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.114.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:94:16:0a:ff:c7:90:db:78:36:32:2d:e8:29:cb:49:91:cc:
c5:25:b5:ab:fd:28:90:f1:4c:3d:ca:c9:7a:c8:bc:14:8e:6a:
a5:33:38:08:72:22:41:bd:b9:84:15:3d:1a:60:a8:18:3d:52:
41:42:7e:e3:10:fa:87:1d:bd:ef:05:c9:0f:40:a6:2c:5f:39:
4d:c1:2c:69:b4:45:46:39:c5:75:de:43:a3:40:8d:75:c6:61:
23:e1:0a:b9:67:84:68:db:86:5f:e6:b4:50:b8:83:a3:4e:f4:
af:9b:40:42:21:23:81:43:e3:a6:74:c8:53:23:17:1d:14:c5:
8f:0c:13:34:04:39:9b:36:da:44:cb:3f:eb:21:b0:c4:ea:85:
ba:47:88:8d:5d:56:2f:90:4e:32:e6:07:ac:59:b6:bc:91:ce:
1c:98:a0:99:9f:d3:87:b1:0a:26:1b:4e:14:2c:ca:56:75:c6:
71:96:0a:00:c5:bf:6a:a8:0d:3b:e3:8d:bd:56:ad:75:74:e4:
8e:4e:16:56:86:2a:94:4c:4f:97:3c:b9:17:96:22:26:d8:1e:
a5:d1:21:0d:1a:37:83:f4:a6:d6:07:4a:63:55:56:5c:2c:ba:
6e:23:94:98:f2:b4:b2:11:ae:83:62:d5:a6:ca:b2:a2:fe:81:
7f:e7:f5:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUURfHnWbMTGMYjIxbJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNzNmMjM4ZDk2Y2Y2N2E1ZWZjMGMzNzQ3NmZkMzA2MDI5
YWY1NTIwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGJhYmY1NDgzYjNkYWU0NGUwNThkY2JlYTM5ZDA0ZDE1NDAzNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQDC0QZgakaPyd2X7dg3SGRAzuLR
aEutjixZdIjOdQ3VW9ZXwWh5bzEo/x2ywDxNbEu9kAuhOlwCHNpYbHzkdZBMRYHw
hxRrz0r7B9tPu/7LzT+WzbS9pHu5JKoibfZbGUlrscJbn4OD6Fj4+w/BXzoVI6P9
zfG1QY43a0HZQI9vJHIo3iBooy1+izH9SamOdNmO5eSE7dk30iuA+XtmPgnlKyQP
EJs9AJmtOGJXtHEfTGnPvKpWQIz6d/3wSOXMjSL6pOqWYhjU7r0Hw/lHeMRTTwtl
i9L6EDwzx564DEnkZqyi0zna1Mo4KEHCG0qIWHs4CfwOOlNC3JL26zVsFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJS6v1SDs9rkTgWNy+o50E0VQDZJMB8GA1UdIwQY
MBaAFM1z8jjZbPZ6XvwMN0dv0wYCmvVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelhQeU9ObHM5bnBlX0F3M1IyX1RCZ0thOVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84NzEyNjgtYmNjMS00NzIyLWIxNGIt
ZGQwMjgxMTkwM2RmLzEvbExxX1ZJT3oydVJPQlkzTDZqblFUUlZBTmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84NzEyNjgtYmNjMS00NzIyLWIxNGItZGQwMjgxMTkwM2Rm
LzEvelhQeU9ObHM5bnBlX0F3M1IyX1RCZ0thOVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVtyMA0G
CSqGSIb3DQEBCwUAA4IBAQAelBYK/8eQ23g2Mi3oKctJkczFJbWr/SiQ8Uw9ysl6
yLwUjmqlMzgIciJBvbmEFT0aYKgYPVJBQn7jEPqHHb3vBckPQKYsXzlNwSxptEVG
OcV13kOjQI11xmEj4Qq5Z4Ro24Zf5rRQuIOjTvSvm0BCISOBQ+OmdMhTIxcdFMWP
DBM0BDmbNtpEyz/rIbDE6oW6R4iNXVYvkE4y5gesWba8kc4cmKCZn9OHsQomG04U
LMpWdcZxlgoAxb9qqA074429Vq11dOSOThZWhiqUTE+XPLkXliIm2B6l0SENGjeD
9KbWB0pjVVZcLLpuI5SY8rSyEa6DYtWmyrKi/oF/5/Ur
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:46 2025 by rpki-client