Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/LMkWxY1kXGTRpqbaUhhhsW1FZVQ.roa
File: LMkWxY1kXGTRpqbaUhhhsW1FZVQ.roa (raw, json)
Hash identifier: ho7jF/TGAZuYpIXSijUNLK0a7EA+SVzjPKtww9pJM+8=
Subject key identifier: 2C:C9:16:C5:8D:64:5C:64:D1:A6:A6:DA:52:18:61:B1:6D:45:65:54
Certificate issuer: /CN=bda61043542485096b0df4351cc0da977f3770dd
Certificate serial: 019147D8D99AE7CDB0410D7891ADA8C24575
Authority key identifier: BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/LMkWxY1kXGTRpqbaUhhhsW1FZVQ.roa
Signing time: Mon 12 Aug 2024 18:27:59 +0000
ROA not before: Mon 12 Aug 2024 18:27:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2852
IP address blocks: 147.32.0.0/16 maxlen: 24
193.84.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:d8:d9:9a:e7:cd:b0:41:0d:78:91:ad:a8:c2:45:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda61043542485096b0df4351cc0da977f3770dd
Validity
Not Before: Aug 12 18:27:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cc916c58d645c64d1a6a6da521861b16d456554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:bb:95:d1:b6:6d:cc:ad:29:53:f1:7e:76:
27:a6:6d:00:29:c1:6e:34:61:1a:54:71:bc:b5:52:
74:d3:34:b3:d4:ed:0d:7a:11:88:74:6b:16:69:73:
fc:29:ba:f7:b4:9a:80:cf:80:12:db:dc:82:05:c1:
24:14:a2:a8:4b:04:5f:b8:42:4d:93:12:50:ac:8c:
09:93:11:70:79:55:f4:71:b3:bf:21:95:f6:4a:3e:
0a:02:b4:f2:61:c5:e2:46:93:70:42:a4:53:49:5f:
c0:02:4e:88:89:e0:f7:e9:22:11:19:26:e5:a5:c2:
92:ca:c5:7e:6c:bf:b6:6b:19:3c:88:c2:15:9c:1c:
cb:07:db:5c:1c:49:cd:96:04:28:bf:f6:72:c4:4c:
71:fe:31:55:86:61:49:76:cd:d5:66:bd:d6:56:34:
1c:d5:49:37:8a:b7:d3:2a:bd:3c:5e:b2:02:ad:05:
a6:5f:ef:57:7a:4c:24:e2:25:cc:04:b8:a6:05:73:
af:c7:06:aa:28:81:99:cd:85:80:fd:26:91:56:e0:
b2:dd:86:86:9b:9b:05:2b:b7:3c:df:28:d6:cc:c3:
7d:73:42:9e:23:bd:3f:82:9a:78:e9:90:35:10:59:
a5:aa:40:62:7c:7f:d6:30:fb:27:ba:1d:8c:82:22:
57:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C9:16:C5:8D:64:5C:64:D1:A6:A6:DA:52:18:61:B1:6D:45:65:54
X509v3 Authority Key Identifier:
keyid:BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/LMkWxY1kXGTRpqbaUhhhsW1FZVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.32.0.0/16
193.84.104.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:a4:cd:14:9f:ac:34:a7:a5:f0:b6:bb:28:02:b9:c4:f4:2d:
f9:49:38:e8:47:7f:69:4d:e4:62:c0:e0:dc:66:15:d0:db:25:
e7:e4:9c:04:53:85:66:43:cf:e2:24:57:78:51:d3:32:f5:04:
12:b4:61:f6:bb:3f:a8:e7:4d:57:7e:23:9b:d1:e6:aa:da:6e:
3b:d6:95:0e:e7:e2:68:4d:98:5f:5a:09:fa:62:bf:ef:bd:c5:
88:f1:50:11:7e:46:74:41:ad:11:e1:de:b9:70:51:14:c3:94:
7c:f0:69:7f:02:10:0d:3f:9c:fb:2b:25:33:30:c0:ce:2f:95:
a4:53:5d:e1:36:f1:dd:44:4e:5c:ea:ff:3b:42:9c:a2:bf:32:
43:86:d7:d9:a3:01:03:96:41:9c:70:12:33:c2:05:38:93:3d:
b3:70:e7:f5:73:33:42:b7:ae:e7:bc:6a:b2:1e:2f:eb:17:0b:
a6:d9:a0:1b:72:32:04:6e:aa:74:68:8d:0e:6c:f5:aa:1b:57:
84:19:02:4b:df:f8:0d:61:c1:21:d4:7c:14:ad:0e:25:32:dc:
b8:69:e0:b7:1c:b1:10:ac:11:1f:cb:f9:9c:52:c2:d7:49:ce:
ca:06:ca:b1:d9:5c:ed:be:bf:18:ee:e1:03:60:08:a0:87:b7:
49:35:b1:44
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZFH2Nma582wQQ14ka2owkV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTYxMDQzNTQyNDg1MDk2YjBkZjQzNTFjYzBkYTk3N2Yz
NzcwZGQwHhcNMjQwODEyMTgyNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M5MTZjNThkNjQ1YzY0ZDFhNmE2ZGE1MjE4NjFiMTZkNDU2NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCG7ldG2bcytKVPxfnYnpm0AKcFu
NGEaVHG8tVJ00zSz1O0NehGIdGsWaXP8Kbr3tJqAz4AS29yCBcEkFKKoSwRfuEJN
kxJQrIwJkxFweVX0cbO/IZX2Sj4KArTyYcXiRpNwQqRTSV/AAk6IieD36SIRGSbl
pcKSysV+bL+2axk8iMIVnBzLB9tcHEnNlgQov/ZyxExx/jFVhmFJds3VZr3WVjQc
1Uk3irfTKr08XrICrQWmX+9Xekwk4iXMBLimBXOvxwaqKIGZzYWA/SaRVuCy3YaG
m5sFK7c83yjWzMN9c0KeI70/gpp46ZA1EFmlqkBifH/WMPsnuh2MgiJX/wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFCzJFsWNZFxk0aam2lIYYbFtRWVUMB8GA1UdIwQY
MBaAFL2mEENUJIUJaw30NRzA2pd/N3DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMt
M2EyYWQ4OGRlYWRlLzEvTE1rV3hZMWtYR1RScHFiYVVoaGhzVzFGWlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMtM2EyYWQ4OGRlYWRl
LzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkyADBALB
VGgwDQYJKoZIhvcNAQELBQADggEBAH+kzRSfrDSnpfC2uygCucT0LflJOOhHf2lN
5GLA4NxmFdDbJefknARThWZDz+IkV3hR0zL1BBK0Yfa7P6jnTVd+I5vR5qrabjvW
lQ7n4mhNmF9aCfpiv++9xYjxUBF+RnRBrRHh3rlwURTDlHzwaX8CEA0/nPsrJTMw
wM4vlaRTXeE28d1ETlzq/ztCnKK/MkOG19mjAQOWQZxwEjPCBTiTPbNw5/VzM0K3
rue8arIeL+sXC6bZoBtyMgRuqnRojQ5s9aobV4QZAkvf+A1hwSHUfBStDiUy3Lhp
4LccsRCsER/L+ZxSwtdJzsoGyrHZXO2+vxju4QNgCKCHt0k1sUQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:08:17 2025 by rpki-client