Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/cb5abb-b3f7-4d40-ad36-251168edd3e4/1/LgNZLKQaiU5ObpLumEE9cvdbN-U.roa
File: LgNZLKQaiU5ObpLumEE9cvdbN-U.roa (raw, json)
Hash identifier: ByATwkL/KddDjsiQ6dwswWKIfDnVEBHbj8p476MkazA=
Subject key identifier: 2E:03:59:2C:A4:1A:89:4E:4E:6E:92:EE:98:41:3D:72:F7:5B:37:E5
Certificate issuer: /CN=8b1edf526b1ca5ff0e682ff48aece121d27bc0c3
Certificate serial: 018E0FFF6B3D7B219AC75CA49EE599DC2D10
Authority key identifier: 8B:1E:DF:52:6B:1C:A5:FF:0E:68:2F:F4:8A:EC:E1:21:D2:7B:C0:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ix7fUmscpf8OaC_0iuzhIdJ7wMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/cb5abb-b3f7-4d40-ad36-251168edd3e4/1/LgNZLKQaiU5ObpLumEE9cvdbN-U.roa
Signing time: Tue 05 Mar 2024 19:03:01 +0000
ROA not before: Tue 05 Mar 2024 19:03:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215374
IP address blocks: 212.102.123.0/25 maxlen: 25
Validation: Failed, certificate revoked on Wed 08 May 2024 18:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:ff:6b:3d:7b:21:9a:c7:5c:a4:9e:e5:99:dc:2d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b1edf526b1ca5ff0e682ff48aece121d27bc0c3
Validity
Not Before: Mar 5 19:03:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e03592ca41a894e4e6e92ee98413d72f75b37e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:ae:b0:9d:15:25:23:0f:cd:04:4f:6c:b7:
b0:47:17:95:dd:5e:e4:ae:76:9b:90:23:38:4e:92:
03:f0:9c:db:47:c1:82:56:0b:e3:04:12:6b:ff:f5:
68:81:cf:bb:74:db:06:cb:e8:6b:cf:fd:81:ae:5e:
54:0c:d0:99:1e:1d:2f:97:65:3f:ba:84:7f:16:14:
1d:2b:df:18:ce:ca:5b:b8:f6:67:7a:bc:fe:fa:8b:
32:16:ec:9f:66:a2:2c:2d:52:ce:21:f3:53:e7:a9:
95:93:aa:c0:99:05:7a:b8:1b:f7:a9:47:98:64:ad:
f6:f0:b9:3a:de:bf:d4:f1:17:e6:9a:54:58:97:93:
89:04:3b:58:55:7e:fa:ea:33:2d:73:5e:5c:7e:f7:
bd:cb:81:71:81:09:33:86:4d:b1:4f:b6:27:5e:6b:
8c:66:48:ef:7d:1c:2d:7d:cf:4d:f5:40:28:22:b6:
0a:12:bb:11:8e:58:69:81:a2:25:f0:22:f7:f5:ce:
96:6c:14:77:2c:8a:f7:76:71:e4:4c:6b:04:fb:a9:
92:5c:42:49:03:10:00:cd:2f:e8:98:89:ff:2d:31:
78:ec:7a:3f:37:40:1c:ec:b3:4b:ae:53:09:8c:e5:
b4:65:d5:01:0b:55:ec:c0:2b:11:68:1b:cd:ac:b2:
bd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:03:59:2C:A4:1A:89:4E:4E:6E:92:EE:98:41:3D:72:F7:5B:37:E5
X509v3 Authority Key Identifier:
keyid:8B:1E:DF:52:6B:1C:A5:FF:0E:68:2F:F4:8A:EC:E1:21:D2:7B:C0:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ix7fUmscpf8OaC_0iuzhIdJ7wMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/cb5abb-b3f7-4d40-ad36-251168edd3e4/1/LgNZLKQaiU5ObpLumEE9cvdbN-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/cb5abb-b3f7-4d40-ad36-251168edd3e4/1/ix7fUmscpf8OaC_0iuzhIdJ7wMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.123.0/25
Signature Algorithm: sha256WithRSAEncryption
10:97:af:c7:dc:70:c5:ca:1f:81:be:8c:c4:b9:76:d7:40:7f:
91:e6:75:ea:b6:53:54:b3:66:5d:d3:51:ce:57:65:f4:4c:20:
c1:95:ac:c0:02:95:8c:a3:af:95:ff:5e:ff:45:84:cd:ef:39:
92:18:c3:e2:ba:cb:4a:cd:a3:15:66:71:14:1d:51:49:3b:14:
9f:ce:f8:d7:17:67:23:e3:3f:44:e6:2d:b4:bd:b8:15:c7:17:
8e:93:a5:34:29:41:98:62:e7:89:fe:3e:65:16:ee:e6:ed:7f:
93:70:27:ac:0e:65:8f:cc:1a:67:ca:e2:b3:80:71:6a:74:f3:
03:80:15:3e:65:88:d1:83:54:d6:f9:35:2e:05:1d:46:9d:97:
a2:37:ca:cd:e7:61:6d:59:06:d2:63:1b:4f:23:ff:f7:bb:45:
65:49:e0:66:9e:96:09:e1:2a:d9:26:f3:cd:54:2a:9b:45:f3:
c5:02:48:4b:5d:a5:7e:01:ca:d3:0e:29:0b:57:a3:5a:ba:40:
6e:fd:6a:9f:14:cf:04:55:60:1b:61:eb:bf:0d:89:9c:c2:cd:
46:3b:49:93:ef:68:66:bc:ab:6a:48:04:86:1e:64:a2:14:77:
83:b9:b5:79:4a:07:23:c9:3b:2a:f4:5f:61:65:5b:1d:a2:32:
f6:c2:05:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4P/2s9eyGax1yknuWZ3C0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMWVkZjUyNmIxY2E1ZmYwZTY4MmZmNDhhZWNlMTIxZDI3
YmMwYzMwHhcNMjQwMzA1MTkwMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTAzNTkyY2E0MWE4OTRlNGU2ZTkyZWU5ODQxM2Q3MmY3NWIzN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL+usJ0VJSMPzQRPbLewRxeV3V7k
rnabkCM4TpID8JzbR8GCVgvjBBJr//Vogc+7dNsGy+hrz/2Brl5UDNCZHh0vl2U/
uoR/FhQdK98YzspbuPZnerz++osyFuyfZqIsLVLOIfNT56mVk6rAmQV6uBv3qUeY
ZK328Lk63r/U8RfmmlRYl5OJBDtYVX766jMtc15cfve9y4FxgQkzhk2xT7YnXmuM
ZkjvfRwtfc9N9UAoIrYKErsRjlhpgaIl8CL39c6WbBR3LIr3dnHkTGsE+6mSXEJJ
AxAAzS/omIn/LTF47Ho/N0Ac7LNLrlMJjOW0ZdUBC1XswCsRaBvNrLK9uQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC4DWSykGolOTm6S7phBPXL3WzflMB8GA1UdIwQY
MBaAFIse31JrHKX/Dmgv9Irs4SHSe8DDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXg3ZlVtc2NwZjhPYUNfMGl1emhJZEo3d01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jYjVhYmItYjNmNy00ZDQwLWFkMzYt
MjUxMTY4ZWRkM2U0LzEvTGdOWkxLUWFpVTVPYnBMdW1FRTljdmRiTi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jYjVhYmItYjNmNy00ZDQwLWFkMzYtMjUxMTY4ZWRkM2U0
LzEvaXg3ZlVtc2NwZjhPYUNfMGl1emhJZEo3d01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUH1GZ7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAEJevx9xwxcofgb6MxLl210B/keZ16rZTVLNmXdNR
zldl9EwgwZWswAKVjKOvlf9e/0WEze85khjD4rrLSs2jFWZxFB1RSTsUn8741xdn
I+M/ROYttL24FccXjpOlNClBmGLnif4+ZRbu5u1/k3AnrA5lj8waZ8ris4BxanTz
A4AVPmWI0YNU1vk1LgUdRp2XojfKzedhbVkG0mMbTyP/97tFZUngZp6WCeEq2Sbz
zVQqm0XzxQJIS12lfgHK0w4pC1ejWrpAbv1qnxTPBFVgG2Hrvw2JnMLNRjtJk+9o
ZryrakgEhh5kohR3g7m1eUoHI8k7KvRfYWVbHaIy9sIFVg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:29:14 2025 by rpki-client