Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/lmh6hr0llnICTdPJqLo3qmd1z5o.roa
File: lmh6hr0llnICTdPJqLo3qmd1z5o.roa (raw, json)
Hash identifier: mO1WS9PqvlWzLomLaGcirueXzgWnFmLN7RCiZFHAjTs=
Subject key identifier: 96:68:7A:86:BD:25:96:72:02:4D:D3:C9:A8:BA:37:AA:67:75:CF:9A
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01920EFCEAB1B0DD9CC72396A98D70FE5243
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/lmh6hr0llnICTdPJqLo3qmd1z5o.roa
Signing time: Fri 20 Sep 2024 10:31:49 +0000
ROA not before: Fri 20 Sep 2024 10:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200040
IP address blocks: 188.124.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:fc:ea:b1:b0:dd:9c:c7:23:96:a9:8d:70:fe:52:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Sep 20 10:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96687a86bd259672024dd3c9a8ba37aa6775cf9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:26:d5:cb:6b:ff:0c:a9:d7:6d:fc:2a:f4:49:
81:db:dd:63:88:c1:b4:f1:0d:d5:05:6b:cd:36:dc:
a1:ba:a5:f9:38:56:43:b1:36:ec:2d:95:50:24:7c:
e7:19:3a:0b:03:b6:ed:db:a7:22:13:48:b0:23:38:
44:f9:f9:26:6a:15:9c:1f:f8:1e:81:a4:88:0b:9a:
ef:31:b0:d1:db:32:eb:b3:1c:9e:e1:14:e0:77:b0:
cd:30:b0:83:bd:b6:59:7c:2c:d2:3c:d8:f9:0a:f9:
21:2c:27:c6:35:50:aa:e9:73:45:b0:5c:0f:49:2b:
2d:4d:7a:49:d1:42:87:27:7b:b6:56:ba:31:47:77:
a3:cb:ab:71:f2:ae:0e:54:e7:f4:d2:c4:98:ea:60:
93:21:28:98:83:89:0b:09:66:51:ce:bf:a7:af:1a:
0e:7e:cd:e4:5f:a3:a6:0b:50:f8:60:98:67:a4:bc:
18:d9:0c:19:fa:47:61:31:53:bf:9c:c1:f8:56:cf:
e7:f6:62:cc:46:20:01:6a:f6:fe:39:e6:6e:e1:0a:
9a:1a:92:b6:37:5f:5d:27:89:39:52:1a:ae:1a:b9:
c6:1b:0c:7e:31:60:b5:7e:9f:34:de:33:68:b6:4b:
f1:4a:78:01:3c:ba:5f:4f:b4:f4:78:a9:d7:7c:9a:
75:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:7A:86:BD:25:96:72:02:4D:D3:C9:A8:BA:37:AA:67:75:CF:9A
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/lmh6hr0llnICTdPJqLo3qmd1z5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.0.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b4:4d:94:2d:46:5f:47:c7:ab:82:f4:a7:92:15:c8:0f:6b:
25:9b:eb:9c:92:07:7f:c6:f9:22:74:90:dd:e2:a9:c4:86:f7:
bb:bc:fc:d5:07:f7:4d:09:09:2a:ae:89:78:e2:f9:23:9b:07:
32:e0:e2:3b:cf:81:36:85:f2:9d:ce:e4:f6:ed:a7:c2:57:a0:
94:1c:a4:78:0f:34:e9:9d:aa:60:38:3c:02:ed:59:f0:24:b1:
f6:16:df:bc:3a:28:d3:f3:27:92:77:b0:81:49:8c:97:5b:70:
1d:3e:cf:62:fd:72:a4:7f:d8:83:9d:00:2c:f2:15:d5:32:c3:
27:06:17:6f:23:5b:ba:2f:30:8e:c0:1b:85:c3:e9:d0:38:22:
d3:15:48:ac:a6:5a:b7:05:d1:d3:8e:2a:8e:1a:9b:8a:38:27:
cc:4d:bb:2c:aa:9f:a8:e0:b8:07:74:06:1d:64:66:74:dd:e9:
44:56:bb:fe:55:81:41:c7:4a:19:6a:c7:0a:75:50:68:53:31:
8b:dc:ae:a0:9e:31:79:7b:e4:e6:71:8b:ef:f6:72:87:20:8f:
69:d9:d6:12:7a:87:9f:d0:a2:a9:82:5c:32:48:86:6e:03:20:
a4:ea:c2:12:1b:51:c0:ca:fd:3a:5f:69:fe:50:ca:a9:65:2e:
c6:be:ce:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIO/OqxsN2cxyOWqY1w/lJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjQwOTIwMTAzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY4N2E4NmJkMjU5NjcyMDI0ZGQzYzlhOGJhMzdhYTY3NzVjZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCbVy2v/DKnXbfwq9EmB291jiMG0
8Q3VBWvNNtyhuqX5OFZDsTbsLZVQJHznGToLA7bt26ciE0iwIzhE+fkmahWcH/ge
gaSIC5rvMbDR2zLrsxye4RTgd7DNMLCDvbZZfCzSPNj5CvkhLCfGNVCq6XNFsFwP
SSstTXpJ0UKHJ3u2VroxR3ejy6tx8q4OVOf00sSY6mCTISiYg4kLCWZRzr+nrxoO
fs3kX6OmC1D4YJhnpLwY2QwZ+kdhMVO/nMH4Vs/n9mLMRiABavb+OeZu4QqaGpK2
N19dJ4k5UhquGrnGGwx+MWC1fp803jNotkvxSngBPLpfT7T0eKnXfJp1YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZoeoa9JZZyAk3Tyai6N6pndc+aMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvbG1oNmhyMGxsbklDVGRQSnFMbzNxbWQxejVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHwAMA0G
CSqGSIb3DQEBCwUAA4IBAQBVtE2ULUZfR8ergvSnkhXID2slm+uckgd/xvkidJDd
4qnEhve7vPzVB/dNCQkqrol44vkjmwcy4OI7z4E2hfKdzuT27afCV6CUHKR4DzTp
napgODwC7VnwJLH2Ft+8OijT8yeSd7CBSYyXW3AdPs9i/XKkf9iDnQAs8hXVMsMn
BhdvI1u6LzCOwBuFw+nQOCLTFUisplq3BdHTjiqOGpuKOCfMTbssqp+o4LgHdAYd
ZGZ03elEVrv+VYFBx0oZascKdVBoUzGL3K6gnjF5e+TmcYvv9nKHII9p2dYSeoef
0KKpglwySIZuAyCk6sISG1HAyv06X2n+UMqpZS7Gvs4y
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:05:24 2025 by rpki-client