Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/LgiBtt7qVBHPAjKsEAy75JkHjrg.roa
File: LgiBtt7qVBHPAjKsEAy75JkHjrg.roa (raw, json)
Hash identifier: +GewSQXMtDdVPKcCHf/73B2SIST5WdhflHLq2g9Mj08=
Subject key identifier: 2E:08:81:B6:DE:EA:54:11:CF:02:32:AC:10:0C:BB:E4:99:07:8E:B8
Certificate issuer: /CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Certificate serial: 018CC424C60DDEACDA6442B029DCD65E2AE1
Authority key identifier: AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/LgiBtt7qVBHPAjKsEAy75JkHjrg.roa
Signing time: Mon 01 Jan 2024 08:29:53 +0000
ROA not before: Mon 01 Jan 2024 08:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50477
IP address blocks: 178.57.56.0/21 maxlen: 21
194.58.168.0/22 maxlen: 22
194.58.172.0/22 maxlen: 22
194.58.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 06 Sep 2024 06:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c6:0d:de:ac:da:64:42:b0:29:dc:d6:5e:2a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Validity
Not Before: Jan 1 08:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e0881b6deea5411cf0232ac100cbbe499078eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0f:0a:56:5d:01:1f:c0:6b:7d:96:c3:82:1e:
25:e4:4f:3a:bf:5b:2f:12:61:63:24:38:c9:e1:d8:
38:e2:ab:72:fb:50:00:cc:34:51:e3:07:61:d1:cd:
e1:88:8f:79:1d:51:2d:4d:fd:71:a4:47:d9:72:18:
91:1a:f7:9e:1d:c6:aa:35:64:e8:5e:79:c7:3d:3e:
4b:ac:ea:65:0b:62:0e:4a:10:c2:fc:b5:8f:27:55:
91:ce:bd:43:e7:35:d5:54:dc:06:5f:9f:c1:54:32:
6e:9e:f4:55:80:2e:d9:11:7b:3d:0f:a6:03:d3:1f:
bb:c5:9e:18:97:e2:63:12:7d:e0:ef:03:38:31:fc:
2f:e7:b4:c0:f2:cd:04:85:22:cd:01:b0:da:01:e3:
b5:e2:88:69:5b:df:28:1f:5f:38:9e:55:9e:89:2d:
52:ef:c0:a7:31:b5:ae:a5:61:5b:a7:17:92:f6:89:
ca:db:89:96:df:f2:19:e4:22:4c:7f:d9:ff:fa:1d:
f3:64:f8:7c:d6:75:4a:da:4b:45:a4:8a:1f:87:19:
ea:23:83:e1:91:5f:cd:49:ba:4e:f8:3d:2a:0c:7a:
20:97:56:14:6b:96:62:7c:21:87:22:2c:9e:3a:e0:
79:d0:f4:49:1f:09:71:9a:6e:3a:8a:05:ca:ca:14:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:08:81:B6:DE:EA:54:11:CF:02:32:AC:10:0C:BB:E4:99:07:8E:B8
X509v3 Authority Key Identifier:
keyid:AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/LgiBtt7qVBHPAjKsEAy75JkHjrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.56.0/21
194.58.168.0/21
194.58.184.0/21
Signature Algorithm: sha256WithRSAEncryption
27:b7:83:05:33:4e:ab:ad:ee:b7:a3:55:a3:30:e1:03:7d:a6:
bf:ca:03:4a:7b:ff:7c:9a:b9:a8:98:51:04:fd:e5:d0:c4:98:
e7:07:ce:45:ca:05:1b:12:24:b7:8b:80:0b:94:f8:64:da:9f:
92:da:b6:46:19:19:2f:17:5c:f7:b6:29:41:8f:61:c5:1a:f8:
64:a6:4d:46:2b:5f:88:ee:91:88:45:ab:6c:95:88:15:d3:6d:
8b:88:27:7d:2f:e6:c4:79:95:bf:55:d5:6c:4c:77:5b:5f:7e:
94:8a:81:dc:55:a1:b6:71:a7:bd:28:19:d9:4c:e9:73:16:99:
3a:6c:26:d7:6d:91:6a:8c:17:fc:b2:46:ae:c5:00:d0:dc:cb:
c5:88:45:98:59:dc:68:28:22:c6:ad:cd:83:48:e8:67:7d:84:
6c:08:a1:9e:0e:97:35:65:35:01:18:0d:a8:fb:0b:b3:f4:66:
cc:7e:d1:26:a5:b5:99:ae:52:d2:73:d2:b9:12:9d:fa:9b:f0:
86:cc:4b:6f:7c:cf:06:87:2a:78:fc:bf:58:d7:b8:67:54:04:
0c:ca:c5:3b:44:7d:26:93:b0:c2:a5:1b:2e:1f:1f:85:48:d9:
d8:c2:a1:09:f1:9a:f0:eb:35:c2:eb:46:7c:ab:28:cc:db:d7:
98:25:ba:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJMYN3qzaZEKwKdzWXirhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE1OGM2OTdhMTQ0OTk3NmIwZDExZDZmMTI2MDI1ZTE0
MDg5YzYwHhcNMjQwMTAxMDgyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA4ODFiNmRlZWE1NDExY2YwMjMyYWMxMDBjYmJlNDk5MDc4ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg8KVl0BH8BrfZbDgh4l5E86v1sv
EmFjJDjJ4dg44qty+1AAzDRR4wdh0c3hiI95HVEtTf1xpEfZchiRGveeHcaqNWTo
XnnHPT5LrOplC2IOShDC/LWPJ1WRzr1D5zXVVNwGX5/BVDJunvRVgC7ZEXs9D6YD
0x+7xZ4Yl+JjEn3g7wM4Mfwv57TA8s0EhSLNAbDaAeO14ohpW98oH184nlWeiS1S
78CnMbWupWFbpxeS9onK24mW3/IZ5CJMf9n/+h3zZPh81nVK2ktFpIofhxnqI4Ph
kV/NSbpO+D0qDHogl1YUa5ZifCGHIiyeOuB50PRJHwlxmm46igXKyhQg7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC4Igbbe6lQRzwIyrBAMu+SZB464MB8GA1UdIwQY
MBaAFKoqWMaXoUSZdrDRHW8SYCXhQInGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgt
YmU2MjJjMzEzMmRmLzEvTGdpQnR0N3FWQkhQQWpLc0VBeTc1SmtIanJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgtYmU2MjJjMzEzMmRm
LzEvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDsjk4AwQD
wjqoAwQDwjq4MA0GCSqGSIb3DQEBCwUAA4IBAQAnt4MFM06rre63o1WjMOEDfaa/
ygNKe/98mrmomFEE/eXQxJjnB85FygUbEiS3i4ALlPhk2p+S2rZGGRkvF1z3tilB
j2HFGvhkpk1GK1+I7pGIRatslYgV022LiCd9L+bEeZW/VdVsTHdbX36UioHcVaG2
cae9KBnZTOlzFpk6bCbXbZFqjBf8skauxQDQ3MvFiEWYWdxoKCLGrc2DSOhnfYRs
CKGeDpc1ZTUBGA2o+wuz9GbMftEmpbWZrlLSc9K5Ep36m/CGzEtvfM8Ghyp4/L9Y
17hnVAQMysU7RH0mk7DCpRsuHx+FSNnYwqEJ8Zrw6zXC60Z8qyjM29eYJbpC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:11 2025 by rpki-client