Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/LMdHABOXeotUAtbyfP5SU_91DPc.roa
File: LMdHABOXeotUAtbyfP5SU_91DPc.roa (raw, json)
Hash identifier: RpwxkvcSzzyQsUTnTHCBwhpo8DiKkqQMcQO72vkIELU=
Subject key identifier: 2C:C7:47:00:13:97:7A:8B:54:02:D6:F2:7C:FE:52:53:FF:75:0C:F7
Certificate issuer: /CN=5990c1553762ac9af57df9b58d9dc50af409c566
Certificate serial: 018CC7272B75674EF8A24647609108D82F7F
Authority key identifier: 59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/LMdHABOXeotUAtbyfP5SU_91DPc.roa
Signing time: Mon 01 Jan 2024 22:31:22 +0000
ROA not before: Mon 01 Jan 2024 22:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49801
IP address blocks: 193.29.18.0/24 maxlen: 24
193.29.26.0/24 maxlen: 24
2a10:f980::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2b:75:67:4e:f8:a2:46:47:60:91:08:d8:2f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5990c1553762ac9af57df9b58d9dc50af409c566
Validity
Not Before: Jan 1 22:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cc7470013977a8b5402d6f27cfe5253ff750cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:7a:6b:a2:b9:51:73:b7:39:92:33:56:76:
0f:2b:03:18:28:6d:72:a4:38:f1:b5:b8:d8:80:7a:
d6:51:05:16:ea:d7:c0:c4:da:46:2a:25:c4:2d:b0:
71:76:2e:cb:71:be:8b:b1:16:db:90:fd:6c:ed:78:
8a:76:db:22:b2:f3:1c:6c:7b:bd:95:ea:04:71:1a:
8c:9d:9d:9e:d7:ad:d5:17:1b:c1:c1:43:5a:f1:a7:
d9:e4:c3:40:7e:f5:49:c5:8e:fa:c0:24:b6:be:9d:
da:27:00:cf:08:8d:c1:4d:4f:2d:80:0a:83:f7:aa:
9b:c4:52:a9:1a:7e:91:d1:ca:52:98:22:8a:9e:56:
ee:07:56:bd:7f:85:7e:ce:2b:e7:16:59:dd:73:8c:
36:1b:2d:db:b0:10:32:98:f0:c2:2a:c7:6c:b5:d6:
96:af:4a:7f:48:ad:63:79:c5:d1:84:76:dd:a3:93:
b4:63:29:8e:a7:c3:47:23:63:d4:64:ed:5c:4f:98:
d6:6e:45:5d:4c:99:14:39:c2:6b:de:d3:9b:56:e1:
ae:6c:af:06:dd:f5:27:84:c6:92:6b:28:95:20:15:
da:64:93:53:3e:91:d8:9d:16:46:e3:c6:ee:d8:5b:
af:db:8f:f6:e9:e1:4e:a5:20:20:42:9a:a7:27:25:
65:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C7:47:00:13:97:7A:8B:54:02:D6:F2:7C:FE:52:53:FF:75:0C:F7
X509v3 Authority Key Identifier:
keyid:59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/LMdHABOXeotUAtbyfP5SU_91DPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/WZDBVTdirJr1ffm1jZ3FCvQJxWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.18.0/24
193.29.26.0/24
IPv6:
2a10:f980::/29
Signature Algorithm: sha256WithRSAEncryption
8e:62:1e:b5:dd:7e:4f:49:3a:89:47:1b:31:4b:a5:81:db:af:
40:e8:96:66:42:c6:d2:bc:97:ed:85:6a:45:b8:b4:f4:31:59:
20:7c:07:3e:d7:fb:e0:77:41:00:cd:0e:89:96:f1:dc:0c:e3:
49:59:2f:63:c9:5e:91:b7:fb:67:8f:1b:4d:58:d5:9d:6f:51:
60:d2:08:cd:51:0e:17:f2:56:d3:10:67:e2:44:05:94:76:c9:
4d:25:4b:57:50:77:5a:3f:dd:28:a2:87:02:90:e0:ef:c5:65:
f3:a4:0c:ca:9b:9b:f2:d5:58:72:c6:99:1b:33:6e:84:0e:32:
2d:87:e8:0b:b7:0f:84:7f:e6:b4:c1:f2:ef:e5:3b:11:64:46:
41:cf:83:29:91:40:68:b3:fe:3c:3c:46:ff:c6:57:32:63:ec:
22:0b:ba:9a:63:b4:81:6b:4a:81:0d:d5:3b:5e:fe:83:02:45:
bd:8e:71:c8:29:c8:e8:b5:4a:f2:9b:23:43:21:3d:19:af:b9:
11:53:48:7d:77:c2:d8:d6:06:dc:52:1c:ec:bb:c0:d2:3e:b6:
24:f7:0a:1a:f3:8e:49:31:0e:0c:e7:16:5a:2c:33:07:c2:22:
c7:86:8e:f2:17:49:ca:90:97:22:6d:a5:96:cb:bd:39:59:08:
4e:7b:9d:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJyt1Z074okZHYJEI2C9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OTBjMTU1Mzc2MmFjOWFmNTdkZjliNThkOWRjNTBhZjQw
OWM1NjYwHhcNMjQwMTAxMjIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M3NDcwMDEzOTc3YThiNTQwMmQ2ZjI3Y2ZlNTI1M2ZmNzUwY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+t6a6K5UXO3OZIzVnYPKwMYKG1y
pDjxtbjYgHrWUQUW6tfAxNpGKiXELbBxdi7Lcb6LsRbbkP1s7XiKdtsisvMcbHu9
leoEcRqMnZ2e163VFxvBwUNa8afZ5MNAfvVJxY76wCS2vp3aJwDPCI3BTU8tgAqD
96qbxFKpGn6R0cpSmCKKnlbuB1a9f4V+zivnFlndc4w2Gy3bsBAymPDCKsdstdaW
r0p/SK1jecXRhHbdo5O0YymOp8NHI2PUZO1cT5jWbkVdTJkUOcJr3tObVuGubK8G
3fUnhMaSayiVIBXaZJNTPpHYnRZG48bu2Fuv24/26eFOpSAgQpqnJyVlhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCzHRwATl3qLVALW8nz+UlP/dQz3MB8GA1UdIwQY
MBaAFFmQwVU3Yqya9X35tY2dxQr0CcVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUt
YmVmMTAzNGVkYmU1LzEvTE1kSEFCT1hlb3RVQXRieWZQNVNVXzkxRFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUtYmVmMTAzNGVkYmU1
LzEvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwR0SAwQA
wR0aMA0EAgACMAcDBQMqEPmAMA0GCSqGSIb3DQEBCwUAA4IBAQCOYh613X5PSTqJ
RxsxS6WB269A6JZmQsbSvJfthWpFuLT0MVkgfAc+1/vgd0EAzQ6JlvHcDONJWS9j
yV6Rt/tnjxtNWNWdb1Fg0gjNUQ4X8lbTEGfiRAWUdslNJUtXUHdaP90ooocCkODv
xWXzpAzKm5vy1VhyxpkbM26EDjIth+gLtw+Ef+a0wfLv5TsRZEZBz4MpkUBos/48
PEb/xlcyY+wiC7qaY7SBa0qBDdU7Xv6DAkW9jnHIKcjotUrymyNDIT0Zr7kRU0h9
d8LY1gbcUhzsu8DSPrYk9woa845JMQ4M5xZaLDMHwiLHho7yF0nKkJcibaWWy705
WQhOe50g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:43 2025 by rpki-client