Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lMCe8vC7vsn9tIKAwLhQfIUNTRw.roa
File: lMCe8vC7vsn9tIKAwLhQfIUNTRw.roa (raw, json)
Hash identifier: DGMWp3zE4mgSzb7HmMOK0MXvEDADUptAF/UgeaKskD0=
Subject key identifier: 94:C0:9E:F2:F0:BB:BE:C9:FD:B4:82:80:C0:B8:50:7C:85:0D:4D:1C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018F05BC2A8FF79D319B3FCE633E5BFBE725
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lMCe8vC7vsn9tIKAwLhQfIUNTRw.roa
Signing time: Mon 22 Apr 2024 12:16:08 +0000
ROA not before: Mon 22 Apr 2024 12:16:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:52c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Nov 2024 09:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:bc:2a:8f:f7:9d:31:9b:3f:ce:63:3e:5b:fb:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Apr 22 12:16:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94c09ef2f0bbbec9fdb48280c0b8507c850d4d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:31:d2:ef:2f:e5:36:fb:bb:da:36:af:12:
47:5c:86:0a:d1:07:ef:28:6a:91:02:e8:76:1f:90:
77:ff:9b:21:f1:e1:49:d5:cf:62:e5:b5:64:63:f7:
19:77:61:31:82:91:b9:c8:ec:6f:f6:b5:60:69:e4:
94:3b:aa:e4:0d:49:4d:b9:24:5f:b1:cf:14:d9:a3:
1c:d1:18:d7:47:b1:86:88:60:9f:e6:64:b3:6c:2a:
32:2a:05:98:fb:f7:fc:bd:de:6a:ce:59:2f:a9:e4:
34:62:ce:af:c8:a1:de:fb:33:ef:a8:2f:b1:55:97:
dc:29:05:fd:4a:6c:6f:a8:35:ad:1e:ba:b2:49:b3:
c4:2f:45:4b:8c:07:15:dc:5f:3f:f0:68:91:7f:b7:
b1:55:da:c5:fe:b8:fa:9c:b1:42:86:9d:3e:12:36:
51:f7:60:d6:86:8f:44:f8:97:98:fe:d4:9a:7f:2d:
84:6f:8b:7f:e2:78:be:4c:be:31:7b:22:37:2a:7f:
a5:31:c1:8a:86:c5:c3:37:ea:f4:57:82:c4:15:a5:
aa:16:93:7f:f2:78:2d:e7:2b:e3:8e:3d:f0:8f:20:
5b:3d:69:52:d5:9a:34:00:d7:8a:f2:6f:81:53:d1:
0d:f8:fe:59:6c:ac:29:c4:87:d3:7a:43:c0:e0:f7:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C0:9E:F2:F0:BB:BE:C9:FD:B4:82:80:C0:B8:50:7C:85:0D:4D:1C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lMCe8vC7vsn9tIKAwLhQfIUNTRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:52c7::/32
Signature Algorithm: sha256WithRSAEncryption
42:b7:93:2c:ac:d1:c4:78:11:65:41:29:f4:1d:39:45:c9:0c:
84:3a:e2:1d:40:b3:0f:a7:e6:a8:4c:45:77:46:b2:a2:67:98:
26:f5:90:c2:e1:53:0c:c0:f4:c8:75:da:c1:ed:36:be:8b:2a:
3d:11:d3:df:fb:13:3a:c0:79:0d:ec:b8:2f:1c:f4:44:20:21:
4c:ed:69:6b:f8:e8:13:c4:f5:6d:14:c5:57:f9:a2:e6:bc:e2:
68:3e:a1:44:95:dc:c0:c1:5e:eb:63:c0:41:07:6f:86:89:12:
92:f9:34:64:da:31:51:4a:db:07:4f:20:26:0e:3e:c0:8c:e8:
58:28:48:5f:88:a5:ed:4f:ad:84:ee:e6:b6:18:da:5b:f2:96:
8f:f7:bc:a3:15:e7:21:3b:10:c6:42:3f:f1:50:7c:d5:a3:1d:
f2:c0:44:82:1a:58:b2:47:f8:08:db:58:62:7e:86:7d:d3:6c:
f3:10:08:73:0d:78:50:69:cd:80:ad:94:38:d8:05:e4:d6:ba:
0f:d9:1b:57:c7:23:f4:41:05:fb:ec:dd:c8:2f:4c:6b:21:e4:
67:48:04:20:5c:23:bd:0d:a4:73:a6:16:f2:6b:58:58:0a:7a:
61:02:2c:b3:4a:90:d9:82:17:ff:41:1f:c7:ec:0f:2d:ee:41:
7f:77:d5:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8FvCqP950xmz/OYz5b++clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNDIyMTIxNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMwOWVmMmYwYmJiZWM5ZmRiNDgyODBjMGI4NTA3Yzg1MGQ0ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6wx0u8v5Tb7u9o2rxJHXIYK0Qfv
KGqRAuh2H5B3/5sh8eFJ1c9i5bVkY/cZd2ExgpG5yOxv9rVgaeSUO6rkDUlNuSRf
sc8U2aMc0RjXR7GGiGCf5mSzbCoyKgWY+/f8vd5qzlkvqeQ0Ys6vyKHe+zPvqC+x
VZfcKQX9SmxvqDWtHrqySbPEL0VLjAcV3F8/8GiRf7exVdrF/rj6nLFChp0+EjZR
92DWho9E+JeY/tSafy2Eb4t/4ni+TL4xeyI3Kn+lMcGKhsXDN+r0V4LEFaWqFpN/
8ngt5yvjjj3wjyBbPWlS1Zo0ANeK8m+BU9EN+P5ZbKwpxIfTekPA4PczJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJTAnvLwu77J/bSCgMC4UHyFDU0cMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbE1DZTh2Qzd2c245dElLQXdMaFFmSVVOVFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5SxzAN
BgkqhkiG9w0BAQsFAAOCAQEAQreTLKzRxHgRZUEp9B05RckMhDriHUCzD6fmqExF
d0ayomeYJvWQwuFTDMD0yHXawe02vosqPRHT3/sTOsB5Dey4Lxz0RCAhTO1pa/jo
E8T1bRTFV/mi5rziaD6hRJXcwMFe62PAQQdvhokSkvk0ZNoxUUrbB08gJg4+wIzo
WChIX4il7U+thO7mthjaW/KWj/e8oxXnITsQxkI/8VB81aMd8sBEghpYskf4CNtY
Yn6GfdNs8xAIcw14UGnNgK2UONgF5Na6D9kbV8cj9EEF++zdyC9MayHkZ0gEIFwj
vQ2kc6YW8mtYWAp6YQIss0qQ2YIX/0Efx+wPLe5Bf3fVcQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:09:01 2025 by rpki-client