Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/lrwmnA4RSlMhHwj7y5cVrmuR1qU.roa
File: lrwmnA4RSlMhHwj7y5cVrmuR1qU.roa (raw, json)
Hash identifier: LRIK+OTKqHt/RW71QLJl79zO2K09EEpy3JZhykMifQI=
Subject key identifier: 96:BC:26:9C:0E:11:4A:53:21:1F:08:FB:CB:97:15:AE:6B:91:D6:A5
Certificate issuer: /CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Certificate serial: 019228728D76A3F1477F3A148E98269D92BF
Authority key identifier: D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/lrwmnA4RSlMhHwj7y5cVrmuR1qU.roa
Signing time: Wed 25 Sep 2024 09:10:48 +0000
ROA not before: Wed 25 Sep 2024 09:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 37.58.48.0/20 maxlen: 20
46.165.192.0/18 maxlen: 18
78.159.96.0/19 maxlen: 19
84.16.224.0/19 maxlen: 19
91.109.16.0/20 maxlen: 20
178.162.192.0/18 maxlen: 18
185.17.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 27 Sep 2024 07:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:72:8d:76:a3:f1:47:7f:3a:14:8e:98:26:9d:92:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Validity
Not Before: Sep 25 09:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96bc269c0e114a53211f08fbcb9715ae6b91d6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:0c:1e:5c:40:a5:2f:f9:a2:fb:b8:d3:be:
fd:51:40:91:db:fc:89:29:f7:a0:61:46:41:9f:48:
77:c7:a8:b0:4f:63:c5:5e:c5:5c:2e:4c:fe:bb:a4:
34:9e:02:7b:cc:ab:17:ae:71:99:51:24:11:ea:89:
9d:79:83:07:21:dc:c9:35:45:2f:8b:34:cc:1d:67:
b3:53:45:3c:33:33:0c:7b:2e:6a:96:ab:2b:b6:c0:
0d:d0:e9:05:be:a1:08:a8:2e:2e:0b:d5:a3:93:ae:
55:50:db:ac:71:91:85:29:10:e8:f8:7b:56:d0:97:
5c:28:91:84:de:68:ce:cf:60:8d:13:9b:29:c6:44:
a0:f5:96:1d:0c:fd:0a:a2:15:02:16:2f:46:52:8e:
f3:a2:d5:7b:30:71:36:d3:fc:ea:76:e8:cf:44:c5:
25:f9:bb:75:33:66:fa:d0:17:f2:b3:26:41:b6:3d:
db:82:b3:54:41:63:44:e1:4f:21:54:83:a2:3e:9b:
3b:ec:70:8c:c8:44:74:ff:58:95:45:ff:82:a7:aa:
81:a7:ef:33:a8:35:6c:20:8d:1d:39:fd:83:90:a8:
23:f4:3b:ec:d4:cc:76:e7:a2:40:8a:65:b3:02:f0:
90:7a:68:f5:c8:57:49:b2:26:15:4b:41:2a:0c:b9:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BC:26:9C:0E:11:4A:53:21:1F:08:FB:CB:97:15:AE:6B:91:D6:A5
X509v3 Authority Key Identifier:
keyid:D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/lrwmnA4RSlMhHwj7y5cVrmuR1qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.48.0/20
46.165.192.0/18
78.159.96.0/19
84.16.224.0/19
91.109.16.0/20
178.162.192.0/18
185.17.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:dc:8b:c6:61:94:e1:29:53:2f:d0:43:a4:88:f0:47:6e:19:
59:af:3e:49:5d:49:6b:90:2d:fd:ba:76:2f:93:56:19:45:db:
c2:e9:65:37:b3:75:b1:1d:72:33:78:77:06:5c:31:ec:2f:17:
79:50:04:cf:6d:f5:01:56:6f:88:26:65:87:ea:23:60:85:86:
d8:b1:5f:ce:70:89:a5:2f:fc:07:70:88:cd:1d:43:87:db:19:
ad:00:f5:4c:d1:e4:24:a0:4c:c4:79:63:ac:d3:2d:81:c4:fb:
dc:2f:f1:f9:d4:2c:a2:67:ba:70:0f:33:38:57:dc:de:95:f2:
81:b9:0b:22:b2:ff:50:5f:2e:e1:66:b6:fb:46:3e:4b:ac:6e:
65:6b:9e:a8:a3:8d:af:bb:91:d1:ed:d2:a5:0a:72:64:5d:bb:
44:3a:7c:de:62:3e:f8:54:15:e2:8f:08:4d:2d:da:19:08:4c:
01:d5:ed:26:9a:c1:97:07:97:f6:2c:15:1e:53:1b:d6:1e:63:
97:12:87:cf:fe:3b:0c:17:92:e5:79:11:9f:fb:e4:73:b3:db:
f8:18:f8:53:93:6e:78:d5:3c:ee:65:2c:63:9f:ad:20:d7:73:
b7:be:fd:d7:ab:c3:ad:2d:dc:ac:ae:f9:22:f8:69:fd:49:01:
09:54:49:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIoco12o/FHfzoUjpgmnZK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTQ0MzZlZDMyNDJiZGRiOTZmZGYxMzlhMTI1M2RlYjk4
NmRmZDAwHhcNMjQwOTI1MDkxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJjMjY5YzBlMTE0YTUzMjExZjA4ZmJjYjk3MTVhZTZiOTFkNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymkMHlxApS/5ovu40779UUCR2/yJ
KfegYUZBn0h3x6iwT2PFXsVcLkz+u6Q0ngJ7zKsXrnGZUSQR6omdeYMHIdzJNUUv
izTMHWezU0U8MzMMey5qlqsrtsAN0OkFvqEIqC4uC9Wjk65VUNuscZGFKRDo+HtW
0JdcKJGE3mjOz2CNE5spxkSg9ZYdDP0KohUCFi9GUo7zotV7MHE20/zqdujPRMUl
+bt1M2b60BfysyZBtj3bgrNUQWNE4U8hVIOiPps77HCMyER0/1iVRf+Cp6qBp+8z
qDVsII0dOf2DkKgj9Dvs1Mx256JAimWzAvCQemj1yFdJsiYVS0EqDLnbNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJa8JpwOEUpTIR8I+8uXFa5rkdalMB8GA1UdIwQY
MBaAFNZUQ27TJCvduW/fE5oSU965ht/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUt
YTE0MjA4N2NlODkwLzEvbHJ3bW5BNFJTbE1oSHdqN3k1Y1ZybXVSMXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUtYTE0MjA4N2NlODkw
LzEvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEJTowAwQG
LqXAAwQFTp9gAwQFVBDgAwQEW20QAwQGsqLAAwQCuRGQMA0GCSqGSIb3DQEBCwUA
A4IBAQBs3IvGYZThKVMv0EOkiPBHbhlZrz5JXUlrkC39unYvk1YZRdvC6WU3s3Wx
HXIzeHcGXDHsLxd5UATPbfUBVm+IJmWH6iNghYbYsV/OcImlL/wHcIjNHUOH2xmt
APVM0eQkoEzEeWOs0y2BxPvcL/H51CyiZ7pwDzM4V9zelfKBuQsisv9QXy7hZrb7
Rj5LrG5la56oo42vu5HR7dKlCnJkXbtEOnzeYj74VBXijwhNLdoZCEwB1e0mmsGX
B5f2LBUeUxvWHmOXEofP/jsMF5LleRGf++Rzs9v4GPhTk2541TzuZSxjn60g13O3
vv3Xq8OtLdysrvki+Gn9SQEJVEns
-----END CERTIFICATE-----
Generated at Fri Apr 18 08:07:39 2025 by rpki-client