Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/L2MJZ1UgJaYJyt2RahZvGh9Rqqo.roa
File: L2MJZ1UgJaYJyt2RahZvGh9Rqqo.roa (raw, json)
Hash identifier: lV3Ga6jKckLgrYCb28kZLJm/3ks6wiAFVjfmVlEhjU0=
Subject key identifier: 2F:63:09:67:55:20:25:A6:09:CA:DD:91:6A:16:6F:1A:1F:51:AA:AA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A2EC2E8F33F95A2D4CDF4769EB034
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/L2MJZ1UgJaYJyt2RahZvGh9Rqqo.roa
Signing time: Tue 02 Jan 2024 12:33:31 +0000
ROA not before: Tue 02 Jan 2024 12:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62069
IP address blocks: 31.148.5.0/24 maxlen: 24
92.38.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 09:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2e:c2:e8:f3:3f:95:a2:d4:cd:f4:76:9e:b0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f630967552025a609cadd916a166f1a1f51aaaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:69:33:79:a2:b9:7e:f4:1b:43:ca:dd:f1:de:
9d:28:2a:6d:6b:3b:ba:d7:0e:9d:89:2d:e3:78:4b:
68:42:94:aa:57:9e:8e:4b:f0:9d:7e:61:4d:cb:b6:
c9:d9:09:29:fe:6b:98:7a:44:3e:43:9d:ab:13:5d:
74:7a:79:f2:da:c9:94:63:4b:c5:2b:26:a0:26:06:
77:00:d0:29:81:03:b4:32:25:f9:56:22:0b:20:05:
6c:07:58:ea:a6:75:23:a6:d6:69:b2:6f:29:ea:56:
be:de:6c:b5:3c:84:b5:b9:c1:68:6a:48:49:a4:83:
e1:6e:82:c6:15:40:b6:f7:03:36:a0:21:81:f4:09:
8e:d5:c3:73:75:eb:cf:4c:d0:00:a3:45:8a:38:c9:
83:01:0c:96:8d:d6:7e:c4:8e:91:06:5f:1b:ff:39:
72:01:16:da:ed:15:a4:70:b0:59:cc:9b:24:d9:74:
f0:69:69:eb:b4:81:db:9d:76:ee:17:81:31:28:17:
d3:45:f7:55:73:06:8d:3e:cb:75:66:25:0d:7c:73:
3d:79:8b:ec:6b:1d:5b:35:3c:9d:98:4a:b1:74:45:
30:bf:c9:85:48:c1:d6:32:f2:5a:72:96:c0:34:49:
31:ce:d4:68:bb:b3:70:2c:5b:1e:1a:40:6a:37:75:
f0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:63:09:67:55:20:25:A6:09:CA:DD:91:6A:16:6F:1A:1F:51:AA:AA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/L2MJZ1UgJaYJyt2RahZvGh9Rqqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.5.0/24
92.38.3.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8b:99:b7:c7:64:1c:a5:6b:65:22:47:ed:8d:ae:7e:dd:89:
a0:9f:0b:79:c1:a2:b3:01:8b:31:e1:13:fb:4f:a4:9d:8e:a8:
14:26:fc:a3:d4:00:0b:ec:a6:08:35:3c:9a:25:d8:ba:c6:70:
45:39:6d:54:e1:99:c0:29:9f:0f:7d:9a:ca:55:93:e8:74:84:
b1:ef:83:45:55:7f:06:74:25:16:63:2f:15:b3:9e:29:d4:1d:
a3:81:2e:16:08:1d:89:42:9e:ca:77:1b:1d:1c:47:00:e4:98:
40:fb:61:da:12:a0:c8:52:5a:07:72:7e:52:4e:4c:1f:85:54:
98:7a:33:38:f1:bf:a2:ab:3a:b8:94:44:ee:58:d8:1c:de:bf:
28:f6:87:e9:65:6d:4c:13:47:02:53:a2:8a:d8:c3:e7:b9:f4:
07:33:61:13:52:3f:59:76:be:51:67:38:0c:c1:2d:d6:74:0e:
26:11:5a:66:32:57:8c:6b:e1:f2:7d:c7:ae:83:bb:06:13:94:
f1:02:ad:76:31:c6:a0:1e:98:1e:14:e5:02:5c:77:e8:fe:7b:
a6:9f:16:e8:3e:ac:52:09:c6:b3:87:4d:ee:0c:f5:c0:aa:bd:
9b:e2:58:c0:51:2c:2d:c4:c9:93:5b:f8:30:47:4e:82:98:fe:
65:df:4a:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKi7C6PM/laLUzfR2nrA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYzMDk2NzU1MjAyNWE2MDljYWRkOTE2YTE2NmYxYTFmNTFhYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWkzeaK5fvQbQ8rd8d6dKCptazu6
1w6diS3jeEtoQpSqV56OS/CdfmFNy7bJ2Qkp/muYekQ+Q52rE110enny2smUY0vF
KyagJgZ3ANApgQO0MiX5ViILIAVsB1jqpnUjptZpsm8p6la+3my1PIS1ucFoakhJ
pIPhboLGFUC29wM2oCGB9AmO1cNzdevPTNAAo0WKOMmDAQyWjdZ+xI6RBl8b/zly
ARba7RWkcLBZzJsk2XTwaWnrtIHbnXbuF4ExKBfTRfdVcwaNPst1ZiUNfHM9eYvs
ax1bNTydmEqxdEUwv8mFSMHWMvJacpbANEkxztRou7NwLFseGkBqN3Xw+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC9jCWdVICWmCcrdkWoWbxofUaqqMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTDJNSloxVWdKYVlKeXQyUmFoWnZHaDlScXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5QFAwQA
XCYDMA0GCSqGSIb3DQEBCwUAA4IBAQAni5m3x2QcpWtlIkftja5+3Ymgnwt5waKz
AYsx4RP7T6SdjqgUJvyj1AAL7KYINTyaJdi6xnBFOW1U4ZnAKZ8PfZrKVZPodISx
74NFVX8GdCUWYy8Vs54p1B2jgS4WCB2JQp7KdxsdHEcA5JhA+2HaEqDIUloHcn5S
TkwfhVSYejM48b+iqzq4lETuWNgc3r8o9ofpZW1ME0cCU6KK2MPnufQHM2ETUj9Z
dr5RZzgMwS3WdA4mEVpmMleMa+Hyfceug7sGE5TxAq12McagHpgeFOUCXHfo/num
nxboPqxSCcazh03uDPXAqr2b4ljAUSwtxMmTW/gwR06CmP5l30pm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:29 2025 by rpki-client