Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/LAjfpipwgGsg9gapbGsMjEqiLP0.roa
File: LAjfpipwgGsg9gapbGsMjEqiLP0.roa (raw, json)
Hash identifier: sYPLQsh/p9+TNdvq3yTCDigyR67DJ8zDPx3HgRMonm4=
Subject key identifier: 2C:08:DF:A6:2A:70:80:6B:20:F6:06:A9:6C:6B:0C:8C:4A:A2:2C:FD
Certificate issuer: /CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Certificate serial: 0194608362506C2F1B8A674FD0EF5331CA07
Authority key identifier: F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/LAjfpipwgGsg9gapbGsMjEqiLP0.roa
Signing time: Mon 13 Jan 2025 16:33:30 +0000
ROA not before: Mon 13 Jan 2025 16:33:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214673
IP address blocks: 193.143.69.0/24 maxlen: 24
2a11:4880::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 Jan 2025 15:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:83:62:50:6c:2f:1b:8a:67:4f:d0:ef:53:31:ca:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Validity
Not Before: Jan 13 16:33:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c08dfa62a70806b20f606a96c6b0c8c4aa22cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:52:7d:14:06:75:32:29:f1:da:c6:84:16:
55:ce:7b:1f:87:59:d0:c0:86:18:18:70:1d:e0:a2:
da:3c:ed:cc:63:f3:1c:d2:3c:38:b4:72:41:b7:d6:
f8:98:24:5c:e0:ff:4e:63:41:b5:cf:14:a1:06:a2:
74:8f:d4:21:27:d6:5b:2d:c7:24:b4:37:95:39:40:
c6:aa:0d:03:49:99:67:c1:8d:a3:9d:3b:1f:64:5e:
cb:54:a4:01:f0:e2:09:79:6a:98:57:84:2a:66:b8:
c3:8c:06:b8:60:a9:58:8c:d1:63:89:d3:97:87:c5:
7c:5f:f5:de:fd:3e:a8:fb:af:87:c1:e7:fb:f5:60:
ad:a3:c4:93:6b:1b:4d:ca:8b:f6:23:3c:de:14:98:
c9:cb:2a:ed:27:61:f7:a9:6e:d3:d6:69:3f:03:14:
f7:b3:83:4c:56:19:8c:59:6e:49:ae:a8:80:c7:44:
ee:7d:00:3d:22:06:bc:a4:50:bb:28:b3:71:fd:7e:
31:9f:53:b9:76:9b:0d:75:18:91:80:af:95:5b:f7:
57:24:07:5f:93:e1:28:a9:d3:80:40:bc:1f:83:71:
98:55:15:c1:ad:73:79:24:d9:bb:de:28:1f:ea:28:
3b:bf:75:40:89:f9:d2:a1:5a:c7:70:15:0a:dc:ec:
b7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:08:DF:A6:2A:70:80:6B:20:F6:06:A9:6C:6B:0C:8C:4A:A2:2C:FD
X509v3 Authority Key Identifier:
keyid:F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/LAjfpipwgGsg9gapbGsMjEqiLP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/8NnLvv3mEuYeDND_C4cZYcv3l-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.69.0/24
IPv6:
2a11:4880::/32
Signature Algorithm: sha256WithRSAEncryption
4f:f3:c1:01:8c:65:c1:a5:30:6d:12:d0:36:de:b6:c5:9b:a2:
e8:4e:6c:b1:30:94:e1:d2:83:cf:c2:58:1e:82:89:6c:a6:32:
3f:f8:10:6a:ab:ac:b5:1a:90:e1:09:de:84:fd:66:5e:01:e5:
f5:6a:b0:fb:ef:57:f7:6c:31:c8:f4:77:0c:2e:3d:b5:1e:ed:
7f:3d:29:ed:8f:90:8a:5a:46:da:7d:51:46:dc:3d:f7:e5:42:
7d:c8:9c:42:9b:cc:8e:b2:cb:e1:d1:2c:37:0b:c6:37:b3:64:
c3:a7:d2:50:c4:5e:99:e3:11:4c:f5:15:f0:ea:d4:53:45:7a:
08:07:85:4c:f5:e7:cc:4b:0b:1e:ca:44:27:70:01:f4:81:c5:
13:b3:ab:b1:9a:ce:a6:de:c3:33:a4:50:51:f8:68:1e:ef:5c:
49:06:55:fe:ed:5c:5c:cc:08:54:0b:c7:93:cc:c2:f4:78:16:
f7:7e:00:95:7a:66:66:0a:f5:3b:8f:48:14:d0:c7:7a:8b:05:
8f:ed:76:69:54:2d:a3:73:65:e9:5f:a9:a8:a6:50:d3:47:9f:
1d:c8:2b:fb:9d:08:50:b6:2e:85:8a:7a:13:b2:d9:df:f4:b1:
9e:1a:18:dc:f3:f7:d9:8c:69:d8:ff:1b:eb:5e:c4:bf:5d:3f:
2d:84:31:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRgg2JQbC8bimdP0O9TMcoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDljYmJlZmRlNjEyZTYxZTBjZDBmZjBiODcxOTYxY2Jm
Nzk3ZTMwHhcNMjUwMTEzMTYzMzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA4ZGZhNjJhNzA4MDZiMjBmNjA2YTk2YzZiMGM4YzRhYTIyY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB1SfRQGdTIp8drGhBZVznsfh1nQ
wIYYGHAd4KLaPO3MY/Mc0jw4tHJBt9b4mCRc4P9OY0G1zxShBqJ0j9QhJ9ZbLcck
tDeVOUDGqg0DSZlnwY2jnTsfZF7LVKQB8OIJeWqYV4QqZrjDjAa4YKlYjNFjidOX
h8V8X/Xe/T6o+6+Hwef79WCto8STaxtNyov2IzzeFJjJyyrtJ2H3qW7T1mk/AxT3
s4NMVhmMWW5JrqiAx0TufQA9Iga8pFC7KLNx/X4xn1O5dpsNdRiRgK+VW/dXJAdf
k+EoqdOAQLwfg3GYVRXBrXN5JNm73igf6ig7v3VAifnSoVrHcBUK3Oy3zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCwI36YqcIBrIPYGqWxrDIxKoiz9MB8GA1UdIwQY
MBaAFPDZy7795hLmHgzQ/wuHGWHL95fjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQt
ZjkyOTE1YTk2OGJjLzEvTEFqZnBpcHdnR3NnOWdhcGJHc01qRXFpTFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQtZjkyOTE1YTk2OGJj
LzEvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwY9FMA0E
AgACMAcDBQAqEUiAMA0GCSqGSIb3DQEBCwUAA4IBAQBP88EBjGXBpTBtEtA23rbF
m6LoTmyxMJTh0oPPwlgegolspjI/+BBqq6y1GpDhCd6E/WZeAeX1arD771f3bDHI
9HcMLj21Hu1/PSntj5CKWkbafVFG3D335UJ9yJxCm8yOssvh0Sw3C8Y3s2TDp9JQ
xF6Z4xFM9RXw6tRTRXoIB4VM9efMSwseykQncAH0gcUTs6uxms6m3sMzpFBR+Gge
71xJBlX+7VxczAhUC8eTzML0eBb3fgCVemZmCvU7j0gU0Md6iwWP7XZpVC2jc2Xp
X6moplDTR58dyCv7nQhQti6FinoTstnf9LGeGhjc8/fZjGnY/xvrXsS/XT8thDG2
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:02:41 2025 by rpki-client