Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/c75753-17c2-4324-8264-37c72a7ac8d1/1/lvnkvAk4IcbHl7WPJUw-5R7opA4.roa
File: lvnkvAk4IcbHl7WPJUw-5R7opA4.roa (raw, json)
Hash identifier: sBXAa13E/VPjhQjtV08838jCw+eIScfWcYpqnE8iwrs=
Subject key identifier: 96:F9:E4:BC:09:38:21:C6:C7:97:B5:8F:25:4C:3E:E5:1E:E8:A4:0E
Certificate issuer: /CN=74b03f050c9f946be2b258dc4960ec09085fc157
Certificate serial: 019069105DB2EBF71EACEFF4ECCD4260EC15
Authority key identifier: 74:B0:3F:05:0C:9F:94:6B:E2:B2:58:DC:49:60:EC:09:08:5F:C1:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLA_BQyflGvisljcSWDsCQhfwVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/c75753-17c2-4324-8264-37c72a7ac8d1/1/lvnkvAk4IcbHl7WPJUw-5R7opA4.roa
Signing time: Sun 30 Jun 2024 12:13:18 +0000
ROA not before: Sun 30 Jun 2024 12:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49070
IP address blocks: 91.215.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:69:10:5d:b2:eb:f7:1e:ac:ef:f4:ec:cd:42:60:ec:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b03f050c9f946be2b258dc4960ec09085fc157
Validity
Not Before: Jun 30 12:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96f9e4bc093821c6c797b58f254c3ee51ee8a40e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c3:82:83:f3:d0:2a:4e:d6:85:fd:29:4d:f1:
2b:2f:7e:71:7c:71:de:52:5a:2d:cc:98:54:18:49:
d1:08:91:f7:13:7f:15:71:c4:10:bc:f8:a6:53:18:
37:6b:9f:25:b9:89:48:f4:de:4c:8c:e9:d5:64:0d:
56:fa:26:a6:55:79:8a:26:b2:42:94:a1:4e:c7:90:
33:06:42:3d:fd:a2:99:98:ad:3b:2f:4d:6d:4f:3a:
7c:87:2a:d7:e3:49:18:6a:f8:3a:c8:27:9b:c1:52:
90:41:cc:f5:7e:2a:6b:68:e8:34:7d:b4:9b:0b:09:
cb:9f:6c:42:31:9f:19:c5:ca:ec:72:3c:9f:11:77:
c9:20:9d:b9:40:4f:7e:8a:74:2e:dc:24:b8:1c:27:
5f:62:bd:96:d9:a0:86:b6:d4:47:ee:3e:f5:1d:d7:
e9:35:24:95:d5:e8:85:c9:97:a2:ab:8d:fe:8c:fe:
ba:91:c3:97:39:fa:46:f8:68:8f:e6:b8:a4:48:6c:
d7:ab:8a:a3:a7:4a:c5:17:7c:27:1a:fb:2f:a7:d9:
0c:c0:01:f8:50:fb:52:97:10:10:30:1e:ae:2e:67:
24:a0:d8:b9:76:51:7c:54:f2:8b:ba:26:a2:ea:f2:
39:32:d4:92:3f:00:9b:43:2a:ac:cf:ff:30:22:8d:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F9:E4:BC:09:38:21:C6:C7:97:B5:8F:25:4C:3E:E5:1E:E8:A4:0E
X509v3 Authority Key Identifier:
keyid:74:B0:3F:05:0C:9F:94:6B:E2:B2:58:DC:49:60:EC:09:08:5F:C1:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLA_BQyflGvisljcSWDsCQhfwVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c75753-17c2-4324-8264-37c72a7ac8d1/1/lvnkvAk4IcbHl7WPJUw-5R7opA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c75753-17c2-4324-8264-37c72a7ac8d1/1/dLA_BQyflGvisljcSWDsCQhfwVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:b7:90:5d:eb:f4:99:5e:90:53:be:1b:af:fc:3a:3c:e5:bb:
1f:b0:0c:10:af:df:e0:95:fb:0b:a8:13:73:ec:66:70:f8:23:
1a:47:eb:31:1c:d3:15:01:c3:6b:71:61:98:5f:6a:c1:85:eb:
20:fc:bc:ca:8f:15:9c:a3:a9:b7:45:0f:39:4a:83:33:a4:9d:
89:38:29:e5:81:d3:63:2b:6c:a2:d5:75:91:60:f7:a2:b1:9d:
89:a9:7e:4f:11:40:65:94:38:90:cf:87:30:a1:60:01:79:72:
15:38:77:bc:42:6b:8f:cc:8c:36:a3:ef:ca:63:49:5a:c4:30:
85:28:6c:be:82:27:a5:c5:26:a4:c4:7d:a2:84:58:49:94:d9:
a0:05:66:6d:25:43:27:78:21:f7:a4:f9:a9:9c:ca:f7:85:99:
91:ff:ec:19:d0:91:8c:90:13:85:c1:01:25:b3:d6:cf:73:24:
1e:70:2b:28:43:98:05:ea:79:07:87:81:3e:20:a6:a6:21:e1:
35:92:4a:b2:0f:72:18:b0:cb:5c:a7:63:3d:83:52:64:94:b2:
3c:c5:cb:b2:41:c9:9d:1e:13:2d:8e:fb:22:60:e1:0f:ec:ea:
b7:c4:cb:b9:3a:59:41:d5:a2:d1:42:f9:ec:f0:37:43:20:f2:
3f:04:72:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBpEF2y6/cerO/07M1CYOwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjAzZjA1MGM5Zjk0NmJlMmIyNThkYzQ5NjBlYzA5MDg1
ZmMxNTcwHhcNMjQwNjMwMTIxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY5ZTRiYzA5MzgyMWM2Yzc5N2I1OGYyNTRjM2VlNTFlZThhNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8OCg/PQKk7Whf0pTfErL35xfHHe
UlotzJhUGEnRCJH3E38VccQQvPimUxg3a58luYlI9N5MjOnVZA1W+iamVXmKJrJC
lKFOx5AzBkI9/aKZmK07L01tTzp8hyrX40kYavg6yCebwVKQQcz1fipraOg0fbSb
CwnLn2xCMZ8ZxcrscjyfEXfJIJ25QE9+inQu3CS4HCdfYr2W2aCGttRH7j71Hdfp
NSSV1eiFyZeiq43+jP66kcOXOfpG+GiP5rikSGzXq4qjp0rFF3wnGvsvp9kMwAH4
UPtSlxAQMB6uLmckoNi5dlF8VPKLuiai6vI5MtSSPwCbQyqsz/8wIo2Z4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJb55LwJOCHGx5e1jyVMPuUe6KQOMB8GA1UdIwQY
MBaAFHSwPwUMn5Rr4rJY3Elg7AkIX8FXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExBX0JReWZsR3Zpc2xqY1NXRHNDUWhmd1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jNzU3NTMtMTdjMi00MzI0LTgyNjQt
MzdjNzJhN2FjOGQxLzEvbHZua3ZBazRJY2JIbDdXUEpVdy01UjdvcEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jNzU3NTMtMTdjMi00MzI0LTgyNjQtMzdjNzJhN2FjOGQx
LzEvZExBX0JReWZsR3Zpc2xqY1NXRHNDUWhmd1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9fEMA0G
CSqGSIb3DQEBCwUAA4IBAQCyt5Bd6/SZXpBTvhuv/Do85bsfsAwQr9/glfsLqBNz
7GZw+CMaR+sxHNMVAcNrcWGYX2rBhesg/LzKjxWco6m3RQ85SoMzpJ2JOCnlgdNj
K2yi1XWRYPeisZ2JqX5PEUBllDiQz4cwoWABeXIVOHe8QmuPzIw2o+/KY0laxDCF
KGy+gielxSakxH2ihFhJlNmgBWZtJUMneCH3pPmpnMr3hZmR/+wZ0JGMkBOFwQEl
s9bPcyQecCsoQ5gF6nkHh4E+IKamIeE1kkqyD3IYsMtcp2M9g1JklLI8xcuyQcmd
HhMtjvsiYOEP7Oq3xMu5OllB1aLRQvns8DdDIPI/BHJr
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:03:13 2025 by rpki-client