Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/LxdR0ay93voHyK2dZ2o2Vy88n6k.roa
File: LxdR0ay93voHyK2dZ2o2Vy88n6k.roa (raw, json)
Hash identifier: jUu99hJQUNWDAXXDed98Rz0lamLhQPiTmkilBxr436U=
Subject key identifier: 2F:17:51:D1:AC:BD:DE:FA:07:C8:AD:9D:67:6A:36:57:2F:3C:9F:A9
Certificate issuer: /CN=1c6fd297f95531feb82c964fd67f6c94320938f6
Certificate serial: 018CC56E51C24D52E0E95F2B7550B849038D
Authority key identifier: 1C:6F:D2:97:F9:55:31:FE:B8:2C:96:4F:D6:7F:6C:94:32:09:38:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HG_Sl_lVMf64LJZP1n9slDIJOPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/LxdR0ay93voHyK2dZ2o2Vy88n6k.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206123
IP address blocks: 91.213.19.0/24 maxlen: 24
91.235.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:51:c2:4d:52:e0:e9:5f:2b:75:50:b8:49:03:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c6fd297f95531feb82c964fd67f6c94320938f6
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f1751d1acbddefa07c8ad9d676a36572f3c9fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:13:64:64:a8:e7:e0:8e:43:38:d8:86:38:82:
ff:48:12:be:d6:62:51:ae:40:ea:a4:bd:b9:25:b0:
ca:98:0e:74:ab:2b:d8:05:9e:29:91:60:0c:cb:17:
17:15:7d:5e:22:4c:13:fe:2b:d7:2e:cc:10:3b:c1:
44:b1:2c:61:23:27:47:18:df:00:14:6d:35:fc:64:
80:8b:80:d3:5c:1e:b5:07:59:df:3b:23:0a:34:17:
e1:f5:3c:ea:9f:a2:6a:88:79:91:ee:16:ef:09:5b:
c8:91:f0:65:ad:71:2d:23:7c:8d:2d:15:4f:1e:2c:
97:22:f8:24:9a:47:4d:9a:3d:26:6f:72:c2:f9:7c:
21:e8:4e:7e:f6:4f:52:ed:d6:e1:15:b7:3d:f6:dc:
ac:1b:5a:d4:13:d3:6c:e6:1b:57:06:22:08:73:5a:
08:55:19:77:3b:1d:a8:a7:dd:de:73:79:c7:8e:b8:
3b:34:cc:8e:3f:a0:26:d2:a5:d1:ed:68:9f:0d:2b:
a9:55:66:54:49:78:96:fd:a8:27:d1:19:58:34:1b:
78:ad:ed:8a:ae:cf:44:3b:32:ee:74:dc:b6:f0:80:
92:55:ce:62:78:d8:06:58:f6:03:38:86:32:36:68:
8a:05:b5:17:b8:4b:06:c4:c7:37:bb:9f:3c:32:af:
e1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:17:51:D1:AC:BD:DE:FA:07:C8:AD:9D:67:6A:36:57:2F:3C:9F:A9
X509v3 Authority Key Identifier:
keyid:1C:6F:D2:97:F9:55:31:FE:B8:2C:96:4F:D6:7F:6C:94:32:09:38:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HG_Sl_lVMf64LJZP1n9slDIJOPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/LxdR0ay93voHyK2dZ2o2Vy88n6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/HG_Sl_lVMf64LJZP1n9slDIJOPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.19.0/24
91.235.212.0/24
Signature Algorithm: sha256WithRSAEncryption
73:71:ec:e5:e6:80:8c:fd:9f:7c:b2:3b:39:d1:81:04:57:dd:
40:f1:9e:0e:74:1d:23:ff:c8:bf:6c:65:ed:05:c3:f0:14:d8:
aa:1d:08:0d:4a:64:0e:a7:41:c0:37:ff:33:41:1c:f5:e3:c4:
bb:fe:c4:35:cf:bf:65:35:e3:59:ab:50:4d:7e:24:35:92:b1:
88:ff:26:d2:1f:ec:c7:04:17:4e:77:fc:dd:fc:80:57:52:8b:
47:a3:18:28:d8:3d:60:b3:10:bc:5a:29:0e:45:81:81:96:bc:
35:50:86:61:e1:28:4e:3e:0f:89:8d:d2:c0:eb:d9:40:7c:51:
07:f7:f1:4a:d8:e1:f5:02:c8:03:73:4c:4f:0d:57:9e:fe:f1:
b2:16:a7:b9:58:75:42:30:c3:e5:9e:e3:e4:81:93:c7:3c:75:
af:7f:2b:6a:00:ef:d0:b9:28:5d:a9:17:8d:12:c1:e3:d1:92:
9f:55:43:55:05:a9:ca:3d:91:4b:a8:f8:c2:c9:b4:02:ee:ce:
74:4c:87:8b:d6:88:fe:62:5e:57:b3:9b:9f:4e:fb:d6:0c:f5:
54:1e:01:66:56:fa:3c:a2:e4:c5:75:a6:e8:ac:33:b5:aa:5a:
ae:77:d7:8d:eb:41:6c:1d:6b:21:99:ff:f2:1b:56:f1:bf:5b:
36:4a:83:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFblHCTVLg6V8rdVC4SQONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNmZkMjk3Zjk1NTMxZmViODJjOTY0ZmQ2N2Y2Yzk0MzIw
OTM4ZjYwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE3NTFkMWFjYmRkZWZhMDdjOGFkOWQ2NzZhMzY1NzJmM2M5ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBNkZKjn4I5DONiGOIL/SBK+1mJR
rkDqpL25JbDKmA50qyvYBZ4pkWAMyxcXFX1eIkwT/ivXLswQO8FEsSxhIydHGN8A
FG01/GSAi4DTXB61B1nfOyMKNBfh9Tzqn6JqiHmR7hbvCVvIkfBlrXEtI3yNLRVP
HiyXIvgkmkdNmj0mb3LC+Xwh6E5+9k9S7dbhFbc99tysG1rUE9Ns5htXBiIIc1oI
VRl3Ox2op93ec3nHjrg7NMyOP6Am0qXR7WifDSupVWZUSXiW/agn0RlYNBt4re2K
rs9EOzLudNy28ICSVc5ieNgGWPYDOIYyNmiKBbUXuEsGxMc3u588Mq/hDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC8XUdGsvd76B8itnWdqNlcvPJ+pMB8GA1UdIwQY
MBaAFBxv0pf5VTH+uCyWT9Z/bJQyCTj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEdfU2xfbFZNZjY0TEpaUDFuOXNsRElKT1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81YmQyNmMtYmJjZS00MGMwLTg5ZDct
ZWY3OGE4YTc2MDZjLzEvTHhkUjBheTkzdm9IeUsyZFoybzJWeTg4bjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81YmQyNmMtYmJjZS00MGMwLTg5ZDctZWY3OGE4YTc2MDZj
LzEvSEdfU2xfbFZNZjY0TEpaUDFuOXNsRElKT1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UTAwQA
W+vUMA0GCSqGSIb3DQEBCwUAA4IBAQBzcezl5oCM/Z98sjs50YEEV91A8Z4OdB0j
/8i/bGXtBcPwFNiqHQgNSmQOp0HAN/8zQRz148S7/sQ1z79lNeNZq1BNfiQ1krGI
/ybSH+zHBBdOd/zd/IBXUotHoxgo2D1gsxC8WikORYGBlrw1UIZh4ShOPg+JjdLA
69lAfFEH9/FK2OH1AsgDc0xPDVee/vGyFqe5WHVCMMPlnuPkgZPHPHWvfytqAO/Q
uShdqReNEsHj0ZKfVUNVBanKPZFLqPjCybQC7s50TIeL1oj+Yl5Xs5ufTvvWDPVU
HgFmVvo8ouTFdaborDO1qlqud9eN60FsHWshmf/yG1bxv1s2SoPp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:10 2025 by rpki-client