Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/lLOeIRkpKiUmWioZK8VWgVu4QC4.roa
File: lLOeIRkpKiUmWioZK8VWgVu4QC4.roa (raw, json)
Hash identifier: V/EHFpChCBTNGbP+DnInZwXQ4F5JjGarmKQVPAQGnTg=
Subject key identifier: 94:B3:9E:21:19:29:2A:25:26:5A:2A:19:2B:C5:56:81:5B:B8:40:2E
Certificate issuer: /CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Certificate serial: 01929451A694F4F2B3279F9DEEA4847A1B22
Authority key identifier: 9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/lLOeIRkpKiUmWioZK8VWgVu4QC4.roa
Signing time: Wed 16 Oct 2024 07:53:51 +0000
ROA not before: Wed 16 Oct 2024 07:53:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215879
IP address blocks: 193.29.144.0/23 maxlen: 23
193.29.144.0/24 maxlen: 24
193.29.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:51:a6:94:f4:f2:b3:27:9f:9d:ee:a4:84:7a:1b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Validity
Not Before: Oct 16 07:53:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94b39e2119292a25265a2a192bc556815bb8402e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:ed:0e:af:b0:90:50:38:e8:d3:8b:79:98:
00:f3:34:74:e9:ee:d9:84:76:b4:63:ab:5d:99:da:
e7:5c:f5:ac:9a:15:56:ce:0f:22:82:09:8a:c8:25:
ea:8a:07:f4:7f:3e:f0:83:72:60:a5:5a:0c:01:64:
ce:67:24:aa:76:02:b9:79:d6:7b:bc:d8:15:eb:00:
f9:ef:f1:3c:aa:63:35:7c:42:b4:7d:4b:b9:8b:d1:
6a:45:8a:89:85:e3:64:4f:b0:cd:03:a1:a3:5d:e1:
be:b5:08:03:07:84:94:15:3b:36:5f:fc:d5:ae:17:
8f:76:32:68:c8:d6:4b:3c:f9:71:3b:37:99:9a:fc:
f4:39:b0:f1:25:2a:86:9b:1a:7a:d4:66:fa:b6:83:
11:57:2e:cc:6b:43:60:9d:ec:d5:40:73:9d:68:5a:
2c:1d:f0:90:73:c8:ee:04:45:34:ba:2d:7f:a6:b3:
cd:06:b5:95:a6:68:0c:81:65:ae:a4:fe:5b:be:1a:
46:7a:ca:a6:60:e9:05:df:ed:8f:99:d4:73:e2:ba:
4c:07:3b:18:67:77:a7:ff:46:af:be:a4:2e:fb:ae:
0e:2a:ee:51:d1:8c:ec:90:31:a0:b6:f2:99:2b:b3:
99:67:5d:ac:0c:99:08:bb:c1:ab:f6:8a:c1:80:c8:
5b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B3:9E:21:19:29:2A:25:26:5A:2A:19:2B:C5:56:81:5B:B8:40:2E
X509v3 Authority Key Identifier:
keyid:9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/lLOeIRkpKiUmWioZK8VWgVu4QC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/nLls5ZxZVXUw8OqkTGZFA9nEAe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.144.0/23
Signature Algorithm: sha256WithRSAEncryption
be:0d:60:d7:66:81:0b:e2:a1:ca:28:04:20:0c:48:46:6f:85:
0c:a7:96:b9:97:f4:c2:33:6d:8b:0e:d0:e7:a4:c2:d8:49:88:
a3:1c:91:c5:20:19:1b:42:c0:75:7a:be:d5:90:fa:62:96:c7:
4e:32:30:20:5a:35:96:b9:1b:23:72:ba:ba:f3:a7:95:13:6d:
54:73:41:d5:6d:59:45:f2:9c:90:d9:8d:36:d6:f3:43:00:3c:
2a:65:f0:e5:82:4f:da:12:db:97:ed:e9:a5:e5:41:4c:72:54:
ef:fe:22:b6:fa:8c:ac:44:14:cb:83:54:73:46:60:74:7d:1e:
54:c3:bd:d5:a7:f1:90:83:54:cd:cc:63:3d:86:bd:f9:66:55:
52:be:da:ad:36:33:0d:06:55:4f:c9:2f:83:40:02:60:ce:0b:
71:ce:c5:5b:77:f8:f2:d7:5a:f1:db:23:5e:f6:23:d9:a3:a9:
6d:e0:b4:2b:5e:b4:b9:cf:df:eb:86:72:68:5f:a3:59:f0:c1:
33:f8:43:7c:c5:72:ff:9f:65:e9:04:9c:91:fb:44:bd:4f:48:
24:74:cb:6c:a6:ab:0f:1c:0c:85:cb:93:63:e2:2f:a5:49:75:
93:e5:73:39:9b:e3:fb:5c:a5:66:12:6d:b4:bc:c7:08:24:2d:
13:ff:9f:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKUUaaU9PKzJ5+d7qSEehsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjk2Y2U1OWM1OTU1NzUzMGYwZWFhNDRjNjY0NTAzZDlj
NDAxZWQwHhcNMjQxMDE2MDc1MzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIzOWUyMTE5MjkyYTI1MjY1YTJhMTkyYmM1NTY4MTViYjg0MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4/tDq+wkFA46NOLeZgA8zR06e7Z
hHa0Y6tdmdrnXPWsmhVWzg8iggmKyCXqigf0fz7wg3JgpVoMAWTOZySqdgK5edZ7
vNgV6wD57/E8qmM1fEK0fUu5i9FqRYqJheNkT7DNA6GjXeG+tQgDB4SUFTs2X/zV
rhePdjJoyNZLPPlxOzeZmvz0ObDxJSqGmxp61Gb6toMRVy7Ma0NgnezVQHOdaFos
HfCQc8juBEU0ui1/prPNBrWVpmgMgWWupP5bvhpGesqmYOkF3+2PmdRz4rpMBzsY
Z3en/0avvqQu+64OKu5R0YzskDGgtvKZK7OZZ12sDJkIu8Gr9orBgMhbfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSzniEZKSolJloqGSvFVoFbuEAuMB8GA1UdIwQY
MBaAFJy5bOWcWVV1MPDqpExmRQPZxAHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQt
ZGRiMGIxNDhlNDZiLzEvbExPZUlSa3BLaVVtV2lvWks4VldnVnU0UUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQtZGRiMGIxNDhlNDZi
LzEvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwR2QMA0G
CSqGSIb3DQEBCwUAA4IBAQC+DWDXZoEL4qHKKAQgDEhGb4UMp5a5l/TCM22LDtDn
pMLYSYijHJHFIBkbQsB1er7VkPpilsdOMjAgWjWWuRsjcrq686eVE21Uc0HVbVlF
8pyQ2Y021vNDADwqZfDlgk/aEtuX7eml5UFMclTv/iK2+oysRBTLg1RzRmB0fR5U
w73Vp/GQg1TNzGM9hr35ZlVSvtqtNjMNBlVPyS+DQAJgzgtxzsVbd/jy11rx2yNe
9iPZo6lt4LQrXrS5z9/rhnJoX6NZ8MEz+EN8xXL/n2XpBJyR+0S9T0gkdMtspqsP
HAyFy5Nj4i+lSXWT5XM5m+P7XKVmEm20vMcIJC0T/5+C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:50 2025 by rpki-client