Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/LcuUlGrhIXee-sgNJD-6xSVIxqo.roa
File: LcuUlGrhIXee-sgNJD-6xSVIxqo.roa (raw, json)
Hash identifier: VxNYgNr9vv5MynMoNO1ggKVPvK5Nz83HAt9Tt4jnXbM=
Subject key identifier: 2D:CB:94:94:6A:E1:21:77:9E:FA:C8:0D:24:3F:BA:C5:25:48:C6:AA
Certificate issuer: /CN=1a71810fec8e7b0b5ec2629e99c89635926c6251
Certificate serial: 018CC4922A54DB1254F00FF4A6509840322B
Authority key identifier: 1A:71:81:0F:EC:8E:7B:0B:5E:C2:62:9E:99:C8:96:35:92:6C:62:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnGBD-yOewtewmKemciWNZJsYlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/LcuUlGrhIXee-sgNJD-6xSVIxqo.roa
Signing time: Mon 01 Jan 2024 10:29:22 +0000
ROA not before: Mon 01 Jan 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60791
IP address blocks: 185.25.248.0/22 maxlen: 22
2a00:7f20::/32 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2a:54:db:12:54:f0:0f:f4:a6:50:98:40:32:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a71810fec8e7b0b5ec2629e99c89635926c6251
Validity
Not Before: Jan 1 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dcb94946ae121779efac80d243fbac52548c6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c5:e1:e2:19:c1:e6:88:1c:ab:95:c1:0b:b3:
a8:6e:6d:c0:d3:f9:4c:69:ac:b2:66:0e:aa:17:10:
80:33:88:12:07:84:d2:f7:25:7a:d2:af:72:80:e0:
f5:f8:2b:d4:c3:07:b6:08:72:46:4a:b0:aa:0c:75:
e9:95:11:55:67:10:1f:7b:4e:6e:a3:22:8d:76:c3:
54:77:48:86:d2:bf:8d:9d:15:89:cd:9c:f1:1b:50:
16:ff:bb:22:45:2b:51:58:07:05:b2:28:c0:a5:62:
31:3a:66:ca:74:a6:72:d5:35:6c:86:a8:b6:2f:7a:
c6:cb:43:c0:3b:d9:a2:5c:0f:8a:f6:c1:fd:11:0c:
49:c2:25:22:de:ef:ff:a4:c6:0b:f1:89:e4:d6:59:
75:ec:da:a2:56:1c:c7:f3:58:31:a4:e4:6d:f5:7f:
a6:29:e5:63:6d:1a:79:41:7c:7d:e9:80:a7:ad:b9:
c2:02:d0:69:da:1a:96:21:cc:58:54:e1:ad:65:95:
9e:17:89:57:91:1d:75:c3:cd:af:d2:6e:93:39:bb:
af:09:53:c4:6c:f5:e0:ca:29:45:49:b2:e2:73:ae:
02:69:b2:3e:73:8d:4c:9e:27:8d:34:fd:d1:6b:36:
cc:05:76:c3:bb:d0:08:91:4e:3a:11:12:53:dd:04:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CB:94:94:6A:E1:21:77:9E:FA:C8:0D:24:3F:BA:C5:25:48:C6:AA
X509v3 Authority Key Identifier:
keyid:1A:71:81:0F:EC:8E:7B:0B:5E:C2:62:9E:99:C8:96:35:92:6C:62:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnGBD-yOewtewmKemciWNZJsYlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/LcuUlGrhIXee-sgNJD-6xSVIxqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/GnGBD-yOewtewmKemciWNZJsYlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.248.0/22
IPv6:
2a00:7f20::/32
Signature Algorithm: sha256WithRSAEncryption
44:29:61:e1:57:5c:39:de:77:5c:ae:08:76:6d:3e:53:8c:e3:
08:7c:4b:0a:05:e1:38:10:78:37:7b:8d:8f:49:d4:43:53:f6:
68:cd:e4:6a:85:dd:fc:8d:9c:70:76:5d:11:78:61:93:12:bc:
4b:1c:3d:87:7c:e2:26:50:6a:af:e4:8f:56:fc:d7:86:cf:f7:
ea:b6:bd:29:bf:62:c0:a3:d7:3a:12:b9:8e:b2:9e:47:d3:6d:
ad:20:68:0d:4c:a2:1a:d1:15:d6:dd:d4:0f:fc:81:14:eb:12:
00:ea:ab:23:e7:67:0c:f7:79:31:39:8c:ae:dc:d6:1e:c5:d3:
0d:89:a9:25:55:80:0b:3e:05:65:6b:36:c4:d2:b3:75:a8:87:
c6:9d:87:ea:de:bf:b5:ff:d6:33:73:87:7b:2e:e3:af:c3:fa:
17:2f:9a:88:02:96:21:b5:4c:4c:c9:db:05:88:1e:e7:2c:4e:
b6:2f:57:2a:86:9b:8f:f4:d7:c5:e0:d9:8e:95:97:fb:ea:2c:
fd:14:23:ee:93:3c:67:97:5a:ef:7f:05:68:43:6f:f2:b7:e8:
20:a0:f6:16:8b:bd:9a:18:3a:12:e8:14:e5:63:b0:4f:6d:6f:
eb:f3:32:18:f5:c3:e9:b4:eb:4c:fc:cf:b6:ce:cd:1c:10:1f:
ff:0a:da:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkipU2xJU8A/0plCYQDIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzE4MTBmZWM4ZTdiMGI1ZWMyNjI5ZTk5Yzg5NjM1OTI2
YzYyNTEwHhcNMjQwMTAxMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNiOTQ5NDZhZTEyMTc3OWVmYWM4MGQyNDNmYmFjNTI1NDhjNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Xh4hnB5ogcq5XBC7Oobm3A0/lM
aayyZg6qFxCAM4gSB4TS9yV60q9ygOD1+CvUwwe2CHJGSrCqDHXplRFVZxAfe05u
oyKNdsNUd0iG0r+NnRWJzZzxG1AW/7siRStRWAcFsijApWIxOmbKdKZy1TVshqi2
L3rGy0PAO9miXA+K9sH9EQxJwiUi3u//pMYL8Ynk1ll17NqiVhzH81gxpORt9X+m
KeVjbRp5QXx96YCnrbnCAtBp2hqWIcxYVOGtZZWeF4lXkR11w82v0m6TObuvCVPE
bPXgyilFSbLic64CabI+c41MnieNNP3RazbMBXbDu9AIkU46ERJT3QQfYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC3LlJRq4SF3nvrIDSQ/usUlSMaqMB8GA1UdIwQY
MBaAFBpxgQ/sjnsLXsJinpnIljWSbGJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25HQkQteU9ld3Rld21LZW1jaVdOWkpzWWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jYzI0YjktNTkxOC00NTU3LWE4MzIt
NDAxN2NlZjViY2E5LzEvTGN1VWxHcmhJWGVlLXNnTkpELTZ4U1ZJeHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jYzI0YjktNTkxOC00NTU3LWE4MzItNDAxN2NlZjViY2E5
LzEvR25HQkQteU9ld3Rld21LZW1jaVdOWkpzWWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRn4MA0E
AgACMAcDBQAqAH8gMA0GCSqGSIb3DQEBCwUAA4IBAQBEKWHhV1w53ndcrgh2bT5T
jOMIfEsKBeE4EHg3e42PSdRDU/ZozeRqhd38jZxwdl0ReGGTErxLHD2HfOImUGqv
5I9W/NeGz/fqtr0pv2LAo9c6ErmOsp5H022tIGgNTKIa0RXW3dQP/IEU6xIA6qsj
52cM93kxOYyu3NYexdMNiaklVYALPgVlazbE0rN1qIfGnYfq3r+1/9Yzc4d7LuOv
w/oXL5qIApYhtUxMydsFiB7nLE62L1cqhpuP9NfF4NmOlZf76iz9FCPukzxnl1rv
fwVoQ2/yt+ggoPYWi72aGDoS6BTlY7BPbW/r8zIY9cPptOtM/M+2zs0cEB//Ctos
-----END CERTIFICATE-----
Generated at Fri Apr 18 11:21:46 2025 by rpki-client