Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/lZZnba3AKrPjm9oTy2JVrhUn_Oc.roa
File: lZZnba3AKrPjm9oTy2JVrhUn_Oc.roa (raw, json)
Hash identifier: sLMlKKD5L/y0nKl29ziw8fobmSywMWn5oJPYk6R26iE=
Subject key identifier: 95:96:67:6D:AD:C0:2A:B3:E3:9B:DA:13:CB:62:55:AE:15:27:FC:E7
Certificate issuer: /CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Certificate serial: 018CCA29542BC5546036B980889FF4CE9FE5
Authority key identifier: BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/lZZnba3AKrPjm9oTy2JVrhUn_Oc.roa
Signing time: Tue 02 Jan 2024 12:32:35 +0000
ROA not before: Tue 02 Jan 2024 12:32:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41325
IP address blocks: 84.38.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:54:2b:c5:54:60:36:b9:80:88:9f:f4:ce:9f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Validity
Not Before: Jan 2 12:32:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9596676dadc02ab3e39bda13cb6255ae1527fce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:31:81:91:cd:f9:b3:e0:e9:bb:87:9a:ec:a7:
3d:33:84:70:70:54:fc:4d:4d:0a:32:ba:1e:01:03:
4a:b2:f7:7f:a8:09:8a:15:24:14:23:02:b0:57:74:
89:be:e8:a2:7b:ed:c0:47:f8:43:38:aa:f3:a0:23:
a3:27:1e:76:ec:6d:98:dc:1d:5c:d6:a1:69:df:64:
ac:6c:63:7d:56:5e:86:53:a5:4c:da:cd:41:9c:13:
f1:7f:78:f6:1d:af:f9:32:fa:e8:97:7f:74:4d:de:
d8:60:ec:6a:93:4b:3c:91:94:39:e2:40:19:2b:22:
d5:ee:92:23:ef:65:80:bf:68:96:68:f9:59:b3:fd:
2d:4f:8a:f9:b5:8a:93:2f:6a:02:4b:a1:9a:33:b9:
c2:e9:37:29:e8:5f:e0:48:45:1c:22:d1:08:c9:df:
96:ea:3c:a5:78:68:8c:1d:75:79:05:e4:0f:d9:53:
b2:c2:d9:03:e1:99:8f:98:bb:f3:7e:d7:d6:bb:13:
f2:7e:95:14:d5:d9:29:ce:da:d6:3c:bd:bf:3c:d0:
fc:4d:01:49:e9:31:71:4e:e5:f0:3b:3b:91:7d:96:
6e:12:eb:a8:76:1a:41:90:e5:e7:3a:73:80:b1:b5:
7b:11:90:a6:14:1a:4e:d3:38:a7:06:19:50:84:b3:
e4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:96:67:6D:AD:C0:2A:B3:E3:9B:DA:13:CB:62:55:AE:15:27:FC:E7
X509v3 Authority Key Identifier:
keyid:BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/lZZnba3AKrPjm9oTy2JVrhUn_Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.48.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:77:a6:3e:0d:a3:1a:45:0a:97:98:96:cd:5f:23:27:df:8a:
90:2d:f2:80:45:3b:1f:94:a1:81:65:1a:bd:15:dc:10:ea:5b:
df:ba:44:8a:a6:e8:4c:9a:38:49:94:e3:51:97:87:6a:58:c0:
b6:cb:4f:8c:60:d2:bb:1b:54:87:f5:ed:d5:4b:6a:1a:92:a7:
58:84:18:e9:42:54:51:db:5f:2b:5d:cd:4e:e5:1e:63:59:2f:
de:1b:0d:80:13:3f:1c:dc:29:26:d9:f5:db:df:b6:8b:96:09:
35:c4:2c:1b:ca:3a:93:d0:a2:7e:0e:17:f3:a7:28:2c:eb:31:
1a:87:47:17:0a:4c:83:25:99:b9:30:14:c1:4c:00:ec:35:9b:
08:0c:94:f6:e2:30:2b:bf:b1:ed:dd:b8:87:64:b5:fb:e8:56:
9b:aa:5d:64:7f:4e:f1:81:f4:ab:bf:8e:8a:10:e3:03:c9:49:
b3:e8:c5:94:7d:c5:74:f8:34:90:da:5f:ef:54:b8:ae:fd:de:
14:a7:f3:5f:6a:3b:37:77:c0:b3:19:87:5a:01:95:8e:52:10:
7e:cc:99:d5:08:26:56:78:5d:ed:82:72:2a:94:2d:2e:33:26:
58:4b:59:4a:e3:7e:3c:25:b5:af:5a:df:59:85:18:4f:55:74:
13:33:f1:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKVQrxVRgNrmAiJ/0zp/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTJkYjg0OThlZThmN2IzYWI1Y2FhZTgzODI5NTk2NjIw
NzAyYzEwHhcNMjQwMTAyMTIzMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk2Njc2ZGFkYzAyYWIzZTM5YmRhMTNjYjYyNTVhZTE1MjdmY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDGBkc35s+Dpu4ea7Kc9M4RwcFT8
TU0KMroeAQNKsvd/qAmKFSQUIwKwV3SJvuiie+3AR/hDOKrzoCOjJx527G2Y3B1c
1qFp32SsbGN9Vl6GU6VM2s1BnBPxf3j2Ha/5Mvrol390Td7YYOxqk0s8kZQ54kAZ
KyLV7pIj72WAv2iWaPlZs/0tT4r5tYqTL2oCS6GaM7nC6Tcp6F/gSEUcItEIyd+W
6jyleGiMHXV5BeQP2VOywtkD4ZmPmLvzftfWuxPyfpUU1dkpztrWPL2/PND8TQFJ
6TFxTuXwOzuRfZZuEuuodhpBkOXnOnOAsbV7EZCmFBpO0zinBhlQhLPkKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWWZ22twCqz45vaE8tiVa4VJ/znMB8GA1UdIwQY
MBaAFL3i24SY7o97OrXKroOClZZiBwLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYt
MTIyNTVlMzYxMmVjLzEvbFpabmJhM0FLclBqbTlvVHkySlZyaFVuX09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYtMTIyNTVlMzYxMmVj
LzEvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVCYwMA0G
CSqGSIb3DQEBCwUAA4IBAQA+d6Y+DaMaRQqXmJbNXyMn34qQLfKARTsflKGBZRq9
FdwQ6lvfukSKpuhMmjhJlONRl4dqWMC2y0+MYNK7G1SH9e3VS2oakqdYhBjpQlRR
218rXc1O5R5jWS/eGw2AEz8c3Ckm2fXb37aLlgk1xCwbyjqT0KJ+Dhfzpygs6zEa
h0cXCkyDJZm5MBTBTADsNZsIDJT24jArv7Ht3biHZLX76Fabql1kf07xgfSrv46K
EOMDyUmz6MWUfcV0+DSQ2l/vVLiu/d4Up/Nfajs3d8CzGYdaAZWOUhB+zJnVCCZW
eF3tgnIqlC0uMyZYS1lK4348JbWvWt9ZhRhPVXQTM/Fm
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:17:11 2025 by rpki-client