Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/LytQ_dd9ACPZmy-GJjYofeImINA.roa
File: LytQ_dd9ACPZmy-GJjYofeImINA.roa (raw, json)
Hash identifier: ZoAsRHK1w8M1eZWRllHHlD5aGY5yW8GGrIaiJ1jYR1k=
Subject key identifier: 2F:2B:50:FD:D7:7D:00:23:D9:9B:2F:86:26:36:28:7D:E2:26:20:D0
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 019205CEC1E3BE1FC709FA7BD5574A8DD1E6
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/LytQ_dd9ACPZmy-GJjYofeImINA.roa
Signing time: Wed 18 Sep 2024 15:44:48 +0000
ROA not before: Wed 18 Sep 2024 15:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39011
IP address blocks: 194.102.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 06:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:ce:c1:e3:be:1f:c7:09:fa:7b:d5:57:4a:8d:d1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Sep 18 15:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f2b50fdd77d0023d99b2f862636287de22620d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:03:82:4c:76:68:e2:84:b3:0b:ac:09:04:58:
ff:ac:2b:88:35:6e:b4:81:9e:8e:39:82:9d:41:de:
59:7f:95:fe:25:1d:ed:61:09:c7:7f:f0:38:c4:55:
3c:06:ab:ee:e9:63:d6:32:74:86:b4:96:4d:ce:78:
0c:cd:ab:00:6c:bd:5e:ad:1b:95:74:91:0d:28:a4:
bf:a5:0a:5d:bd:a3:74:53:20:52:f9:a5:ff:93:8a:
77:45:02:53:85:70:0f:70:a5:59:60:58:fb:36:52:
0e:ff:5f:be:0b:af:12:73:ec:cc:73:c7:12:ce:6b:
ed:d3:05:d7:ef:d3:58:67:ee:d8:38:71:86:7d:8e:
f4:b2:0a:6b:c2:96:ad:a9:e6:55:63:b8:ff:26:3f:
5c:77:55:5b:01:d5:8f:4f:f7:90:df:ee:8e:34:d6:
dc:b7:11:98:59:51:eb:12:6d:97:27:6d:5e:2d:bf:
ec:99:d9:c1:02:21:74:fc:d2:17:89:9b:bf:12:1c:
7e:39:e8:bd:7e:d0:f8:39:6e:5d:2f:e1:61:d2:ce:
f9:fa:a8:a2:a2:be:47:9b:86:97:15:65:3c:df:58:
d5:93:3d:de:d2:80:59:3b:f3:1b:8a:f5:ad:00:cd:
7e:4d:e4:65:39:cb:29:8c:4b:31:6a:81:1f:b8:91:
72:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2B:50:FD:D7:7D:00:23:D9:9B:2F:86:26:36:28:7D:E2:26:20:D0
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/LytQ_dd9ACPZmy-GJjYofeImINA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.204.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c0:36:51:3f:47:06:a4:fa:bd:30:d5:94:c7:27:84:13:4f:
90:29:90:9a:96:bc:75:c0:91:32:83:b0:db:4a:e9:f4:9d:20:
fa:19:28:4c:f0:62:50:52:96:a7:3e:a6:ab:10:bd:b2:3d:47:
07:4b:09:3e:a9:3a:6f:59:e9:29:f6:b7:38:0a:15:d4:6e:26:
f3:8c:ef:29:ee:cf:ff:17:a4:f0:c1:6e:0d:6d:b6:79:e4:89:
b9:e5:37:ed:c1:8d:b7:98:e3:a2:07:e8:17:b9:89:3d:24:2b:
35:a6:68:72:a4:ac:1f:48:00:13:3c:db:14:6b:e9:6f:e4:c3:
ea:f9:f8:d8:89:e1:63:e9:a2:a0:4e:7c:2e:64:1c:1f:e3:dd:
f0:dd:89:e0:73:bd:dc:31:2b:6b:a8:7a:00:aa:55:fd:22:7d:
d3:8f:b2:e8:7d:64:fe:17:37:72:b6:98:14:6a:c5:05:cd:f3:
af:9f:dc:91:2c:71:b4:47:f7:68:08:80:07:2e:9d:72:5e:d7:
43:c0:c8:9a:c9:a5:38:c4:eb:7c:ef:ac:2a:40:af:dd:d7:ec:
73:39:80:c8:3f:05:a7:e6:f7:7c:7c:4d:36:4b:0f:57:fc:d0:
24:94:0e:ed:50:49:7f:d5:00:f8:97:54:09:25:66:71:a3:78:
cb:a5:44:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIFzsHjvh/HCfp71VdKjdHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwOTE4MTU0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJiNTBmZGQ3N2QwMDIzZDk5YjJmODYyNjM2Mjg3ZGUyMjYyMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQOCTHZo4oSzC6wJBFj/rCuINW60
gZ6OOYKdQd5Zf5X+JR3tYQnHf/A4xFU8Bqvu6WPWMnSGtJZNzngMzasAbL1erRuV
dJENKKS/pQpdvaN0UyBS+aX/k4p3RQJThXAPcKVZYFj7NlIO/1++C68Sc+zMc8cS
zmvt0wXX79NYZ+7YOHGGfY70sgprwpatqeZVY7j/Jj9cd1VbAdWPT/eQ3+6ONNbc
txGYWVHrEm2XJ21eLb/smdnBAiF0/NIXiZu/Ehx+Oei9ftD4OW5dL+Fh0s75+qii
or5Hm4aXFWU831jVkz3e0oBZO/MbivWtAM1+TeRlOcspjEsxaoEfuJFyrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8rUP3XfQAj2ZsvhiY2KH3iJiDQMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvTHl0UV9kZDlBQ1BabXktR0pqWW9mZUltSU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmbMMA0G
CSqGSIb3DQEBCwUAA4IBAQBuwDZRP0cGpPq9MNWUxyeEE0+QKZCalrx1wJEyg7Db
Sun0nSD6GShM8GJQUpanPqarEL2yPUcHSwk+qTpvWekp9rc4ChXUbibzjO8p7s//
F6TwwW4NbbZ55Im55TftwY23mOOiB+gXuYk9JCs1pmhypKwfSAATPNsUa+lv5MPq
+fjYieFj6aKgTnwuZBwf493w3Yngc73cMStrqHoAqlX9In3Tj7LofWT+FzdytpgU
asUFzfOvn9yRLHG0R/doCIAHLp1yXtdDwMiayaU4xOt876wqQK/d1+xzOYDIPwWn
5vd8fE02Sw9X/NAklA7tUEl/1QD4l1QJJWZxo3jLpURN
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:34 2025 by rpki-client