Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lpbM9CLDfI92JIMMsWogZbPa3VA.roa
File: lpbM9CLDfI92JIMMsWogZbPa3VA.roa (raw, json)
Hash identifier: d6A3Xkt0GW7YgrZVxSu299GBUPCSeGYW5wmZ8WHx3CY=
Subject key identifier: 96:96:CC:F4:22:C3:7C:8F:76:24:83:0C:B1:6A:20:65:B3:DA:DD:50
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01946FCFA815FA7E5123129EE8B19AF8C2A3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lpbM9CLDfI92JIMMsWogZbPa3VA.roa
Signing time: Thu 16 Jan 2025 15:51:07 +0000
ROA not before: Thu 16 Jan 2025 15:51:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216300
IP address blocks: 45.12.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 12:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:cf:a8:15:fa:7e:51:23:12:9e:e8:b1:9a:f8:c2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 16 15:51:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9696ccf422c37c8f7624830cb16a2065b3dadd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:b2:3d:3f:c5:c6:a6:e9:c6:4f:86:8d:90:
54:15:be:43:5f:78:d5:58:9b:4c:51:04:22:2a:78:
b4:41:46:0f:2b:54:ea:92:38:a2:35:ac:80:e9:85:
07:14:9f:0c:8c:2a:2a:06:79:b5:46:de:60:20:bf:
a6:99:79:9f:02:76:08:3d:ed:91:0d:f9:5c:b3:b1:
67:6e:23:44:48:9f:2a:ac:16:b1:0a:11:ab:65:c1:
5d:16:69:13:a4:c4:77:d8:ec:c1:1a:e2:b1:a6:36:
84:01:82:0e:32:36:05:70:5a:5b:2b:49:0b:ae:51:
10:21:31:41:29:5b:9b:5f:47:81:fb:ce:ab:76:12:
6a:11:6e:5c:12:35:27:b5:67:30:e6:d9:b4:75:9a:
99:dc:78:a3:b1:70:70:55:2e:af:60:ab:67:6b:10:
40:00:21:0b:d3:2f:d6:b2:0f:0c:27:f4:3d:29:7e:
2c:14:03:93:af:7e:a7:02:b7:55:e9:e5:ff:c7:eb:
ce:f8:b4:d5:69:be:fb:40:17:2a:3b:0e:f8:8e:2f:
b0:9d:b3:d3:6f:45:0c:aa:30:40:16:15:b7:23:aa:
42:b0:91:8d:41:8e:57:2c:f3:66:26:03:18:c0:6e:
a6:3c:15:4a:d6:0a:24:24:80:72:c3:62:17:99:4a:
00:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:96:CC:F4:22:C3:7C:8F:76:24:83:0C:B1:6A:20:65:B3:DA:DD:50
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lpbM9CLDfI92JIMMsWogZbPa3VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/24
Signature Algorithm: sha256WithRSAEncryption
98:15:34:66:fd:cb:27:7c:8a:ee:69:64:77:92:64:41:e7:d2:
aa:df:dc:55:11:94:d9:f1:7e:81:25:87:73:22:d2:27:c6:91:
44:96:ac:96:19:0d:ca:66:e8:f7:b4:7f:86:1b:d4:8b:cf:83:
c1:aa:2c:79:7d:2a:50:e6:85:14:75:fb:03:2e:85:fc:0d:59:
46:33:48:c3:a3:ba:10:b8:6d:02:c3:7a:45:d3:d0:37:2e:89:
26:ab:15:b4:57:8b:8b:19:77:a6:11:08:ce:8e:c2:8a:63:82:
07:72:00:9d:ba:8b:4d:06:a3:48:26:0d:b6:5d:e5:42:99:d2:
dd:29:48:4c:9a:50:94:a6:58:a6:69:26:bc:51:9c:37:95:26:
32:f5:f5:bf:ae:00:64:83:fa:1b:3e:6a:50:97:66:9e:2d:15:
aa:7c:77:05:e8:af:7d:59:4f:89:b1:8f:d2:ae:c5:de:2e:2d:
12:26:23:0b:c1:77:c8:f7:e3:7a:a2:a4:2f:91:ce:db:f6:43:
89:90:cb:7e:cf:5a:96:c9:cb:25:dc:20:4d:f3:23:ae:23:6c:
cb:b5:8e:47:da:7f:1f:c3:8c:3e:ae:fa:ad:57:9d:a5:c0:96:
7b:22:ac:f3:cd:fe:14:b9:93:b5:06:88:ee:54:4e:e6:73:ab:
c1:7d:5c:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRvz6gV+n5RIxKe6LGa+MKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTE2MTU1MTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk2Y2NmNDIyYzM3YzhmNzYyNDgzMGNiMTZhMjA2NWIzZGFkZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGqyPT/Fxqbpxk+GjZBUFb5DX3jV
WJtMUQQiKni0QUYPK1TqkjiiNayA6YUHFJ8MjCoqBnm1Rt5gIL+mmXmfAnYIPe2R
Dflcs7FnbiNESJ8qrBaxChGrZcFdFmkTpMR32OzBGuKxpjaEAYIOMjYFcFpbK0kL
rlEQITFBKVubX0eB+86rdhJqEW5cEjUntWcw5tm0dZqZ3HijsXBwVS6vYKtnaxBA
ACEL0y/Wsg8MJ/Q9KX4sFAOTr36nArdV6eX/x+vO+LTVab77QBcqOw74ji+wnbPT
b0UMqjBAFhW3I6pCsJGNQY5XLPNmJgMYwG6mPBVK1gokJIByw2IXmUoACwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJaWzPQiw3yPdiSDDLFqIGWz2t1QMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbHBiTTlDTERmSTkySklNTXNXb2daYlBhM1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxEMA0G
CSqGSIb3DQEBCwUAA4IBAQCYFTRm/csnfIruaWR3kmRB59Kq39xVEZTZ8X6BJYdz
ItInxpFElqyWGQ3KZuj3tH+GG9SLz4PBqix5fSpQ5oUUdfsDLoX8DVlGM0jDo7oQ
uG0Cw3pF09A3LokmqxW0V4uLGXemEQjOjsKKY4IHcgCduotNBqNIJg22XeVCmdLd
KUhMmlCUplimaSa8UZw3lSYy9fW/rgBkg/obPmpQl2aeLRWqfHcF6K99WU+JsY/S
rsXeLi0SJiMLwXfI9+N6oqQvkc7b9kOJkMt+z1qWycsl3CBN8yOuI2zLtY5H2n8f
w4w+rvqtV52lwJZ7Iqzzzf4UuZO1BojuVE7mc6vBfVzA
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:14:09 2025 by rpki-client