Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/lg1clO5o2DiFpbtSZsZoK5GNJV4.roa
File: lg1clO5o2DiFpbtSZsZoK5GNJV4.roa (raw, json)
Hash identifier: DEb/xDZeKFIK7leohxUCI07qU92CWL8Pye88lwwHW9c=
Subject key identifier: 96:0D:5C:94:EE:68:D8:38:85:A5:BB:52:66:C6:68:2B:91:8D:25:5E
Certificate issuer: /CN=71986731925be8551a53091afe6d0972dfa3807e
Certificate serial: 018CC4244A9D315FB2D3EAE96182C809B9A6
Authority key identifier: 71:98:67:31:92:5B:E8:55:1A:53:09:1A:FE:6D:09:72:DF:A3:80:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZhnMZJb6FUaUwka_m0Jct-jgH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/lg1clO5o2DiFpbtSZsZoK5GNJV4.roa
Signing time: Mon 01 Jan 2024 08:29:21 +0000
ROA not before: Mon 01 Jan 2024 08:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211007
IP address blocks: 195.85.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4a:9d:31:5f:b2:d3:ea:e9:61:82:c8:09:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71986731925be8551a53091afe6d0972dfa3807e
Validity
Not Before: Jan 1 08:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=960d5c94ee68d83885a5bb5266c6682b918d255e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:57:19:e6:9e:b5:41:bb:a6:98:c9:9c:5f:
ee:a6:3e:65:95:a4:65:6c:60:22:1a:95:76:3f:82:
5b:2d:d8:b6:f4:13:f0:63:f9:a1:9f:75:89:87:39:
86:a9:b7:78:35:d8:63:19:8c:42:88:45:4e:31:55:
14:9a:49:b1:6e:76:89:6a:9d:7c:dd:11:08:a6:77:
d6:17:0c:4c:82:a5:6e:eb:94:fc:06:3b:be:d2:1d:
92:0b:02:9e:d9:6e:9f:e8:99:ba:a1:2a:2a:d9:38:
08:5f:62:d5:e0:42:3c:8d:5c:63:08:cf:26:80:0e:
4d:f2:9b:20:53:f5:87:5b:42:90:de:4d:66:31:92:
26:c4:fa:a3:24:4a:9e:d2:b2:0e:64:35:e9:d2:7b:
ce:0e:eb:a1:48:b7:69:0d:be:2c:39:73:ec:c1:af:
fa:4f:75:fa:00:9b:f6:13:e4:81:34:3b:0e:67:21:
ff:90:b2:3c:f3:e7:0f:e9:51:17:db:3f:7a:77:eb:
88:64:87:1e:07:8f:fd:b1:fd:a8:7b:f6:0d:39:5e:
ff:2e:a4:eb:e5:5e:a9:0e:b2:cf:e2:0d:b3:72:a3:
82:91:67:6c:9d:ac:95:ae:20:39:b1:2e:0a:18:ec:
8b:68:b9:7b:0d:d4:d6:d3:c7:18:18:0a:1b:c2:4d:
af:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0D:5C:94:EE:68:D8:38:85:A5:BB:52:66:C6:68:2B:91:8D:25:5E
X509v3 Authority Key Identifier:
keyid:71:98:67:31:92:5B:E8:55:1A:53:09:1A:FE:6D:09:72:DF:A3:80:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZhnMZJb6FUaUwka_m0Jct-jgH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/lg1clO5o2DiFpbtSZsZoK5GNJV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9a10c3-212f-4c5e-97bb-e0d576a5450e/1/cZhnMZJb6FUaUwka_m0Jct-jgH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.222.0/24
Signature Algorithm: sha256WithRSAEncryption
64:dd:3e:15:52:05:79:bd:43:4a:97:20:1e:c9:ef:7b:e9:ac:
b1:fc:47:34:b9:f1:df:5f:7c:c0:25:3c:33:72:50:3a:38:a6:
eb:41:1f:47:16:3d:01:17:92:5a:56:78:7e:33:27:90:91:05:
66:b2:9f:3f:72:d3:d1:56:b7:de:cc:3d:09:4b:da:3d:c8:92:
04:02:8a:0b:5f:d0:36:ae:32:72:7a:63:4b:bd:60:a8:e8:53:
6a:6a:f9:a5:01:4d:47:fd:ca:c2:6f:54:16:fd:c4:81:8b:61:
cf:31:38:6f:b2:26:fa:83:c0:8c:c7:6b:b5:d7:49:b8:34:98:
78:af:f4:cd:74:57:aa:11:7a:2e:da:17:06:b9:9f:9e:11:1c:
7b:6d:4a:d5:91:d3:40:cd:60:71:a9:b3:a4:20:68:02:21:d4:
4c:81:dd:91:8e:fb:23:65:cb:75:a0:30:91:4a:8e:b9:8f:f4:
55:46:db:ce:ee:7b:04:09:a9:f5:a6:6a:9f:aa:e1:72:6f:37:
ea:93:8f:4b:ad:0b:c1:64:62:c9:d2:68:60:3e:7e:1c:bc:bf:
11:49:37:8d:84:97:c6:32:ab:2d:07:c9:e9:6c:23:16:82:19:
2e:24:82:25:f8:88:ec:00:4f:d3:8a:6d:d2:1a:4f:6a:a1:83:
47:c3:78:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJEqdMV+y0+rpYYLICbmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTg2NzMxOTI1YmU4NTUxYTUzMDkxYWZlNmQwOTcyZGZh
MzgwN2UwHhcNMjQwMTAxMDgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBkNWM5NGVlNjhkODM4ODVhNWJiNTI2NmM2NjgyYjkxOGQyNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVdXGeaetUG7ppjJnF/upj5llaRl
bGAiGpV2P4JbLdi29BPwY/mhn3WJhzmGqbd4NdhjGYxCiEVOMVUUmkmxbnaJap18
3REIpnfWFwxMgqVu65T8Bju+0h2SCwKe2W6f6Jm6oSoq2TgIX2LV4EI8jVxjCM8m
gA5N8psgU/WHW0KQ3k1mMZImxPqjJEqe0rIOZDXp0nvODuuhSLdpDb4sOXPswa/6
T3X6AJv2E+SBNDsOZyH/kLI88+cP6VEX2z96d+uIZIceB4/9sf2oe/YNOV7/LqTr
5V6pDrLP4g2zcqOCkWdsnayVriA5sS4KGOyLaLl7DdTW08cYGAobwk2vtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYNXJTuaNg4haW7UmbGaCuRjSVeMB8GA1UdIwQY
MBaAFHGYZzGSW+hVGlMJGv5tCXLfo4B+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pobk1aSmI2RlVhVXdrYV9tMEpjdC1qZ0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YTEwYzMtMjEyZi00YzVlLTk3YmIt
ZTBkNTc2YTU0NTBlLzEvbGcxY2xPNW8yRGlGcGJ0U1pzWm9LNUdOSlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YTEwYzMtMjEyZi00YzVlLTk3YmItZTBkNTc2YTU0NTBl
LzEvY1pobk1aSmI2RlVhVXdrYV9tMEpjdC1qZ0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XeMA0G
CSqGSIb3DQEBCwUAA4IBAQBk3T4VUgV5vUNKlyAeye976ayx/Ec0ufHfX3zAJTwz
clA6OKbrQR9HFj0BF5JaVnh+MyeQkQVmsp8/ctPRVrfezD0JS9o9yJIEAooLX9A2
rjJyemNLvWCo6FNqavmlAU1H/crCb1QW/cSBi2HPMThvsib6g8CMx2u110m4NJh4
r/TNdFeqEXou2hcGuZ+eERx7bUrVkdNAzWBxqbOkIGgCIdRMgd2RjvsjZct1oDCR
So65j/RVRtvO7nsECan1pmqfquFybzfqk49LrQvBZGLJ0mhgPn4cvL8RSTeNhJfG
MqstB8npbCMWghkuJIIl+IjsAE/Tim3SGk9qoYNHw3iS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:42 2025 by rpki-client