Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/x-b_ZYhTxL6R19fSq4I23R9Lupo.roa
File: x-b_ZYhTxL6R19fSq4I23R9Lupo.roa (raw, json)
Hash identifier: vuBViK3SZcv8l62ZYkniVSMd3hUtgklsLU76ZfYEfVs=
Subject key identifier: C7:E6:FF:65:88:53:C4:BE:91:D7:D7:D2:AB:82:36:DD:1F:4B:BA:9A
Certificate issuer: /CN=70f78b681b6617fed70ce867fb9a8c6f25cfda55
Certificate serial: 018CC3B72236F1C923A21D0E3241F57ACC80
Authority key identifier: 70:F7:8B:68:1B:66:17:FE:D7:0C:E8:67:FB:9A:8C:6F:25:CF:DA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPeLaBtmF_7XDOhn-5qMbyXP2lU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/x-b_ZYhTxL6R19fSq4I23R9Lupo.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49890
IP address blocks: 95.140.240.0/20 maxlen: 24
2a0c:aac0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:22:36:f1:c9:23:a2:1d:0e:32:41:f5:7a:cc:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f78b681b6617fed70ce867fb9a8c6f25cfda55
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7e6ff658853c4be91d7d7d2ab8236dd1f4bba9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a6:f3:0d:e7:56:78:f5:d9:03:5a:6f:74:92:
cd:14:6c:38:47:db:54:b7:39:e3:37:b8:c9:28:dd:
3b:54:f2:f9:c7:96:cf:57:4f:42:fe:28:2d:16:bc:
52:99:1f:ee:84:63:e7:db:eb:00:d3:e9:c1:ff:b9:
92:6c:f7:c8:ba:f4:c6:40:dc:dc:c9:65:46:23:38:
9d:27:10:cf:d1:3b:eb:f4:65:53:a9:4f:a9:a7:b9:
de:17:99:ce:a4:cd:41:15:fe:18:9a:3a:cb:34:e7:
8f:b5:d6:b3:1c:c1:30:60:41:07:eb:9b:82:b0:dc:
e6:46:eb:7e:b2:f6:e3:62:fb:f9:bc:b3:46:1d:ec:
ef:39:b9:b2:e4:36:98:6b:34:1b:31:65:02:c9:10:
6a:4d:44:f2:90:1d:01:4e:62:a1:22:2d:db:9c:dc:
d7:76:84:2d:e1:df:97:99:1f:80:44:82:f6:da:d7:
89:31:d0:69:d5:35:ab:ed:4b:00:7a:68:96:02:31:
0d:2f:d5:17:52:63:26:4c:f0:94:12:1f:44:5d:4a:
42:28:fc:23:cb:8d:4c:6c:69:d9:f8:74:dd:84:04:
03:92:a8:58:87:92:2f:8a:9b:c3:5c:55:30:94:21:
b6:e8:19:f9:94:a3:90:4e:52:59:b2:d6:57:20:26:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E6:FF:65:88:53:C4:BE:91:D7:D7:D2:AB:82:36:DD:1F:4B:BA:9A
X509v3 Authority Key Identifier:
keyid:70:F7:8B:68:1B:66:17:FE:D7:0C:E8:67:FB:9A:8C:6F:25:CF:DA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPeLaBtmF_7XDOhn-5qMbyXP2lU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/x-b_ZYhTxL6R19fSq4I23R9Lupo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/cPeLaBtmF_7XDOhn-5qMbyXP2lU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.240.0/20
IPv6:
2a0c:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
61:f9:30:a4:a7:2c:37:31:1a:5a:eb:9e:71:9b:05:96:ac:16:
09:80:18:9d:b6:da:0e:4d:6e:cf:f4:bb:05:41:22:5e:ec:35:
5d:1a:dc:ed:9d:50:31:c2:f1:09:ed:5a:1c:64:db:87:4d:b4:
50:96:25:98:6b:83:9a:6d:da:92:19:ac:ff:6f:41:d1:80:6f:
53:b3:f8:6a:52:0c:28:70:2e:87:ae:99:2b:4d:af:46:98:b3:
0d:1e:6f:d8:9e:96:43:2b:b0:86:74:2c:fd:4c:7a:cb:76:b8:
15:6f:eb:d8:34:68:21:8c:ec:b2:88:b5:c8:d4:1d:17:1c:86:
11:0a:a8:f1:0b:cb:49:05:d0:70:92:52:c0:b4:a3:ae:aa:35:
28:b3:fa:d5:5e:a7:4d:2c:69:06:32:00:b9:f9:52:04:f5:16:
1b:44:04:46:d9:ab:8f:04:74:97:d5:5e:1e:21:da:40:d4:f8:
dd:a5:cc:09:0a:10:c8:b8:5f:de:11:31:53:c9:a6:bf:28:72:
9a:6e:88:f2:fd:a4:50:d0:77:77:85:c2:23:00:1a:1b:e6:c2:
6b:67:cc:8c:3b:fa:ad:e1:d1:35:f3:67:1e:af:7a:88:a9:c6:
d9:c2:ff:17:aa:53:6e:b9:b2:d3:67:04:ab:6e:d0:ac:61:81:
ff:29:5a:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtyI28ckjoh0OMkH1esyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjc4YjY4MWI2NjE3ZmVkNzBjZTg2N2ZiOWE4YzZmMjVj
ZmRhNTUwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U2ZmY2NTg4NTNjNGJlOTFkN2Q3ZDJhYjgyMzZkZDFmNGJiYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyabzDedWePXZA1pvdJLNFGw4R9tU
tznjN7jJKN07VPL5x5bPV09C/igtFrxSmR/uhGPn2+sA0+nB/7mSbPfIuvTGQNzc
yWVGIzidJxDP0Tvr9GVTqU+pp7neF5nOpM1BFf4YmjrLNOePtdazHMEwYEEH65uC
sNzmRut+svbjYvv5vLNGHezvObmy5DaYazQbMWUCyRBqTUTykB0BTmKhIi3bnNzX
doQt4d+XmR+ARIL22teJMdBp1TWr7UsAemiWAjENL9UXUmMmTPCUEh9EXUpCKPwj
y41MbGnZ+HTdhAQDkqhYh5IvipvDXFUwlCG26Bn5lKOQTlJZstZXICZb4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfm/2WIU8S+kdfX0quCNt0fS7qaMB8GA1UdIwQY
MBaAFHD3i2gbZhf+1wzoZ/uajG8lz9pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BlTGFCdG1GXzdYRE9obi01cU1ieVhQMmxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NmFlMTUtMWNhNS00ZDY5LTlhM2Et
ODM3YjEwYzJjNjM2LzEveC1iX1pZaFR4TDZSMTlmU3E0STIzUjlMdXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NmFlMTUtMWNhNS00ZDY5LTlhM2EtODM3YjEwYzJjNjM2
LzEvY1BlTGFCdG1GXzdYRE9obi01cU1ieVhQMmxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEX4zwMA0E
AgACMAcDBQMqDKrAMA0GCSqGSIb3DQEBCwUAA4IBAQBh+TCkpyw3MRpa655xmwWW
rBYJgBidttoOTW7P9LsFQSJe7DVdGtztnVAxwvEJ7VocZNuHTbRQliWYa4OabdqS
Gaz/b0HRgG9Ts/hqUgwocC6HrpkrTa9GmLMNHm/YnpZDK7CGdCz9THrLdrgVb+vY
NGghjOyyiLXI1B0XHIYRCqjxC8tJBdBwklLAtKOuqjUos/rVXqdNLGkGMgC5+VIE
9RYbRARG2auPBHSX1V4eIdpA1PjdpcwJChDIuF/eETFTyaa/KHKabojy/aRQ0Hd3
hcIjABob5sJrZ8yMO/qt4dE182cer3qIqcbZwv8XqlNuubLTZwSrbtCsYYH/KVph
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:38:22 2025 by rpki-client