Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/LulM4q1b7Y4vZfSBPVeO74LNFP8.roa
File: LulM4q1b7Y4vZfSBPVeO74LNFP8.roa (raw, json)
Hash identifier: LKLSMZDxw5IEhMjsf3z82IITw36gqI9JKqUwKgxT5XY=
Subject key identifier: 2E:E9:4C:E2:AD:5B:ED:8E:2F:65:F4:81:3D:57:8E:EF:82:CD:14:FF
Certificate issuer: /CN=42a6e640198013de12a251f086030cd78c732516
Certificate serial: 018CC26D134CC299E84EF11FC2C5F71FEC3A
Authority key identifier: 42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/LulM4q1b7Y4vZfSBPVeO74LNFP8.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20672
IP address blocks: 185.14.180.0/22 maxlen: 24
2a03:b6c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:13:4c:c2:99:e8:4e:f1:1f:c2:c5:f7:1f:ec:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42a6e640198013de12a251f086030cd78c732516
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ee94ce2ad5bed8e2f65f4813d578eef82cd14ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:da:dd:3c:38:50:1c:4f:33:53:38:5d:a7:5b:
31:d1:78:40:db:bc:9b:4f:fa:82:0b:bb:78:ae:3a:
61:76:2e:ea:bf:91:b8:cc:b3:9f:cf:23:a7:5e:0f:
92:1d:7b:08:d2:4e:6a:53:cd:62:b6:a1:eb:d9:45:
ca:5e:7b:ae:be:cb:e1:f4:66:87:8c:64:2b:0f:84:
10:1a:0b:a8:65:8c:77:01:af:c7:62:82:8b:eb:8b:
65:aa:0e:e1:c7:30:3a:59:56:d3:8f:b4:18:eb:5d:
ce:19:10:9a:c2:22:6f:e8:b0:cd:64:08:62:1a:24:
43:b1:36:49:bf:5f:20:95:b0:26:fe:1b:58:e5:86:
12:5f:1c:58:56:29:3c:78:77:e8:5f:39:34:4b:93:
d1:f9:45:c7:c8:e2:5f:f1:e7:9a:38:ac:1a:d0:b0:
9e:50:a2:24:4e:da:7e:57:24:c3:55:dd:76:4c:a2:
d3:43:ab:a6:8d:cf:33:e7:ea:fa:98:42:e3:50:42:
70:38:ec:18:05:32:e4:94:3c:6b:e1:bb:8e:b1:2f:
3b:dd:84:5c:7a:d7:9b:a7:6d:66:ee:9b:bf:fc:48:
cf:c7:69:aa:cf:f1:86:6c:b3:1d:db:b0:17:e0:46:
07:b2:09:81:75:b3:c4:49:b0:10:b5:ee:b5:b6:53:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E9:4C:E2:AD:5B:ED:8E:2F:65:F4:81:3D:57:8E:EF:82:CD:14:FF
X509v3 Authority Key Identifier:
keyid:42:A6:E6:40:19:80:13:DE:12:A2:51:F0:86:03:0C:D7:8C:73:25:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqbmQBmAE94SolHwhgMM14xzJRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/LulM4q1b7Y4vZfSBPVeO74LNFP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ba2f3d-6bd2-4f32-81af-c287670cce51/1/QqbmQBmAE94SolHwhgMM14xzJRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.180.0/22
IPv6:
2a03:b6c0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:af:2c:57:c9:83:83:d6:02:fe:dd:0c:54:bb:c3:d2:5b:6c:
a9:7b:54:a7:a9:80:8b:bc:e5:6c:54:1b:07:f4:61:66:05:ff:
c9:35:9a:6f:3e:d2:b6:b5:fb:2c:69:b5:9b:f4:5c:c0:a2:fc:
ff:ac:c2:12:b4:11:6d:70:bd:16:5e:94:01:c6:6a:c0:57:9e:
3f:9c:0e:2c:1e:41:ee:9a:82:fd:d0:e3:23:18:4d:a1:41:30:
02:61:12:ab:48:b9:74:33:31:9e:c5:20:97:4c:e3:40:f5:46:
cf:34:d9:36:6b:8d:66:aa:5f:ac:f4:ff:a5:f3:8c:86:ba:51:
2b:22:d4:df:f4:4c:4a:80:54:a3:87:c6:67:64:b8:b9:72:a3:
64:4b:07:65:f5:ab:f3:a2:01:99:13:9f:ae:27:59:74:32:b4:
66:62:30:62:2c:18:0b:86:25:7e:ac:f5:8c:fc:aa:6b:dc:79:
18:86:57:25:6a:99:06:98:27:66:72:85:77:9f:ef:5e:c9:57:
33:de:b9:1e:88:93:01:50:25:d1:55:49:a7:cb:9d:6d:c0:c2:
be:4c:58:51:46:2a:bc:b2:b3:f5:74:e0:1f:bc:f9:87:ee:ca:
23:56:f4:2f:e4:2e:2d:1c:e2:ac:2b:f8:46:8c:2f:18:ae:7e:
83:9d:73:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbRNMwpnoTvEfwsX3H+w6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYTZlNjQwMTk4MDEzZGUxMmEyNTFmMDg2MDMwY2Q3OGM3
MzI1MTYwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU5NGNlMmFkNWJlZDhlMmY2NWY0ODEzZDU3OGVlZjgyY2QxNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9rdPDhQHE8zUzhdp1sx0XhA27yb
T/qCC7t4rjphdi7qv5G4zLOfzyOnXg+SHXsI0k5qU81itqHr2UXKXnuuvsvh9GaH
jGQrD4QQGguoZYx3Aa/HYoKL64tlqg7hxzA6WVbTj7QY613OGRCawiJv6LDNZAhi
GiRDsTZJv18glbAm/htY5YYSXxxYVik8eHfoXzk0S5PR+UXHyOJf8eeaOKwa0LCe
UKIkTtp+VyTDVd12TKLTQ6umjc8z5+r6mELjUEJwOOwYBTLklDxr4buOsS873YRc
etebp21m7pu//EjPx2mqz/GGbLMd27AX4EYHsgmBdbPESbAQte61tlPvbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC7pTOKtW+2OL2X0gT1Xju+CzRT/MB8GA1UdIwQY
MBaAFEKm5kAZgBPeEqJR8IYDDNeMcyUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYt
YzI4NzY3MGNjZTUxLzEvTHVsTTRxMWI3WTR2WmZTQlBWZU83NExORlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iYTJmM2QtNmJkMi00ZjMyLTgxYWYtYzI4NzY3MGNjZTUx
LzEvUXFibVFCbUFFOTRTb2xId2hnTU0xNHh6SlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ60MA0E
AgACMAcDBQAqA7bAMA0GCSqGSIb3DQEBCwUAA4IBAQBqryxXyYOD1gL+3QxUu8PS
W2ype1SnqYCLvOVsVBsH9GFmBf/JNZpvPtK2tfssabWb9FzAovz/rMIStBFtcL0W
XpQBxmrAV54/nA4sHkHumoL90OMjGE2hQTACYRKrSLl0MzGexSCXTONA9UbPNNk2
a41mql+s9P+l84yGulErItTf9ExKgFSjh8ZnZLi5cqNkSwdl9avzogGZE5+uJ1l0
MrRmYjBiLBgLhiV+rPWM/Kpr3HkYhlclapkGmCdmcoV3n+9eyVcz3rkeiJMBUCXR
VUmny51twMK+TFhRRiq8srP1dOAfvPmH7sojVvQv5C4tHOKsK/hGjC8Yrn6DnXPc
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:28:05 2025 by rpki-client