Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5992eb-4b82-4fd3-9121-fee137c890bc/1/l06lvLlMyXC6KuVguglmwn2jfSA.roa
File: l06lvLlMyXC6KuVguglmwn2jfSA.roa (raw, json)
Hash identifier: 4bsn20bK8aozBoaAQbZGGKfjmlKDdXJ0a73T2HzSOoY=
Subject key identifier: 97:4E:A5:BC:B9:4C:C9:70:BA:2A:E5:60:BA:09:66:C2:7D:A3:7D:20
Certificate issuer: /CN=b48a289ebb2dd6806d60b8c5ad036c798f66ba06
Certificate serial: 018F54F9521736FDE784027D196D95863DB3
Authority key identifier: B4:8A:28:9E:BB:2D:D6:80:6D:60:B8:C5:AD:03:6C:79:8F:66:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIoonrst1oBtYLjFrQNseY9mugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5992eb-4b82-4fd3-9121-fee137c890bc/1/l06lvLlMyXC6KuVguglmwn2jfSA.roa
Signing time: Tue 07 May 2024 21:32:56 +0000
ROA not before: Tue 07 May 2024 21:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51390
IP address blocks: 178.214.0.0/21 maxlen: 21
178.214.8.0/21 maxlen: 21
178.214.16.0/21 maxlen: 21
178.214.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:f9:52:17:36:fd:e7:84:02:7d:19:6d:95:86:3d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48a289ebb2dd6806d60b8c5ad036c798f66ba06
Validity
Not Before: May 7 21:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=974ea5bcb94cc970ba2ae560ba0966c27da37d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:60:de:2e:e2:4f:ec:49:58:d0:25:c3:1d:48:
9f:c1:e2:29:d6:7d:c0:40:3a:89:f5:13:be:6c:f7:
c3:d9:e5:44:40:ca:0a:95:45:e3:47:3f:15:f6:ce:
92:9a:ef:e4:f1:25:bd:fc:2b:3d:b9:5d:71:41:43:
d2:93:5d:6b:15:6a:1d:8a:fc:80:2d:cb:b4:c4:db:
ac:61:9d:c5:da:90:9f:ba:19:93:66:30:15:95:eb:
2b:dc:7b:99:4d:e6:e0:c7:b4:3d:cc:b1:8d:76:43:
5e:09:6e:e1:b7:5a:bf:36:f0:2a:26:fc:e7:e4:c5:
d5:17:33:69:55:9f:8e:f9:c2:26:1b:34:d9:71:3f:
01:82:08:d9:65:e4:67:bd:9c:7c:20:03:5e:51:08:
d2:29:7c:76:ce:f5:5d:d1:e6:1f:52:d2:b1:98:82:
63:09:1b:00:25:62:21:4f:5d:af:6d:6b:ce:5f:9c:
27:71:1d:e9:f7:d4:e1:f8:ed:d1:2a:0d:7d:80:54:
c5:cb:0b:01:61:8f:f3:8c:e6:65:58:28:fb:2c:7e:
c4:bf:ec:90:0e:73:5e:fc:2f:21:79:f0:fb:41:e3:
60:19:ed:ff:86:e0:26:de:c9:69:ea:d7:2c:dc:b6:
36:d6:14:e0:21:e5:0c:36:f4:ed:ce:b0:44:8b:39:
f5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4E:A5:BC:B9:4C:C9:70:BA:2A:E5:60:BA:09:66:C2:7D:A3:7D:20
X509v3 Authority Key Identifier:
keyid:B4:8A:28:9E:BB:2D:D6:80:6D:60:B8:C5:AD:03:6C:79:8F:66:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIoonrst1oBtYLjFrQNseY9mugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5992eb-4b82-4fd3-9121-fee137c890bc/1/l06lvLlMyXC6KuVguglmwn2jfSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5992eb-4b82-4fd3-9121-fee137c890bc/1/tIoonrst1oBtYLjFrQNseY9mugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.214.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:aa:0e:43:c5:15:86:eb:b9:51:fb:b8:7d:b9:01:a6:b8:bd:
6f:f8:de:91:cc:bd:c2:57:a1:9a:b0:c2:2c:8b:c5:5e:46:07:
5e:20:f1:00:a6:b7:0d:71:dd:f0:d1:b2:79:28:c5:82:d7:77:
c7:e8:db:ed:ef:14:5f:83:ae:1c:77:b9:d8:be:4b:fb:04:b4:
22:c3:f3:a0:f8:71:7d:51:5e:bf:2e:ec:7d:32:3f:d8:9e:b2:
b5:f4:6c:0c:1d:c8:77:df:ae:75:a1:bb:7b:a9:6e:15:ad:03:
c4:b6:17:3b:33:87:94:39:52:3b:f8:d3:44:ed:a7:52:61:4c:
88:76:1c:f8:e5:a7:d8:3b:2b:81:84:61:5a:d3:ad:c2:3e:34:
f6:ba:69:b6:d7:5d:06:35:43:71:98:28:52:18:3d:62:98:28:
84:27:06:6a:15:b8:1f:df:01:05:d2:29:a6:0a:60:b2:b3:e5:
09:51:5f:ee:fd:14:f2:7b:42:4b:c2:ff:16:52:74:39:d9:19:
5a:67:fc:4c:e4:9f:1e:17:ab:92:32:8c:91:dd:a3:79:9b:ef:
93:c6:9a:cd:9f:08:9b:b6:0e:82:f0:b0:2f:a9:a2:64:5f:0a:
39:39:96:35:60:96:89:09:b4:6f:20:f4:60:20:66:20:b8:a2:
7c:c7:6c:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9U+VIXNv3nhAJ9GW2Vhj2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGEyODllYmIyZGQ2ODA2ZDYwYjhjNWFkMDM2Yzc5OGY2
NmJhMDYwHhcNMjQwNTA3MjEzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRlYTViY2I5NGNjOTcwYmEyYWU1NjBiYTA5NjZjMjdkYTM3ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62DeLuJP7ElY0CXDHUifweIp1n3A
QDqJ9RO+bPfD2eVEQMoKlUXjRz8V9s6Smu/k8SW9/Cs9uV1xQUPSk11rFWodivyA
Lcu0xNusYZ3F2pCfuhmTZjAVlesr3HuZTebgx7Q9zLGNdkNeCW7ht1q/NvAqJvzn
5MXVFzNpVZ+O+cImGzTZcT8BggjZZeRnvZx8IANeUQjSKXx2zvVd0eYfUtKxmIJj
CRsAJWIhT12vbWvOX5wncR3p99Th+O3RKg19gFTFywsBYY/zjOZlWCj7LH7Ev+yQ
DnNe/C8hefD7QeNgGe3/huAm3slp6tcs3LY21hTgIeUMNvTtzrBEizn1hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdOpby5TMlwuirlYLoJZsJ9o30gMB8GA1UdIwQY
MBaAFLSKKJ67LdaAbWC4xa0DbHmPZroGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElvb25yc3Qxb0J0WUxqRnJRTnNlWTltdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81OTkyZWItNGI4Mi00ZmQzLTkxMjEt
ZmVlMTM3Yzg5MGJjLzEvbDA2bHZMbE15WEM2S3VWZ3VnbG13bjJqZlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81OTkyZWItNGI4Mi00ZmQzLTkxMjEtZmVlMTM3Yzg5MGJj
LzEvdElvb25yc3Qxb0J0WUxqRnJRTnNlWTltdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFstYAMA0G
CSqGSIb3DQEBCwUAA4IBAQB7qg5DxRWG67lR+7h9uQGmuL1v+N6RzL3CV6GasMIs
i8VeRgdeIPEAprcNcd3w0bJ5KMWC13fH6Nvt7xRfg64cd7nYvkv7BLQiw/Og+HF9
UV6/Lux9Mj/YnrK19GwMHch33651obt7qW4VrQPEthc7M4eUOVI7+NNE7adSYUyI
dhz45afYOyuBhGFa063CPjT2umm2110GNUNxmChSGD1imCiEJwZqFbgf3wEF0imm
CmCys+UJUV/u/RTye0JLwv8WUnQ52RlaZ/xM5J8eF6uSMoyR3aN5m++TxprNnwib
tg6C8LAvqaJkXwo5OZY1YJaJCbRvIPRgIGYguKJ8x2zC
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:28 2025 by rpki-client