Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/LtgD5MjaHFcxV-6u5hwuuAaPoIk.roa
File: LtgD5MjaHFcxV-6u5hwuuAaPoIk.roa (raw, json)
Hash identifier: GXc0FYybPtB9oPDQKfsB0Hqvx7aZPvJJvbwGc6V3dbE=
Subject key identifier: 2E:D8:03:E4:C8:DA:1C:57:31:57:EE:AE:E6:1C:2E:B8:06:8F:A0:89
Certificate issuer: /CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Certificate serial: 018CC50087BF9D89F6935868E9D1D878BA6A
Authority key identifier: 2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/LtgD5MjaHFcxV-6u5hwuuAaPoIk.roa
Signing time: Mon 01 Jan 2024 12:29:55 +0000
ROA not before: Mon 01 Jan 2024 12:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 91.239.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 22 Mar 2024 05:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:87:bf:9d:89:f6:93:58:68:e9:d1:d8:78:ba:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Validity
Not Before: Jan 1 12:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ed803e4c8da1c573157eeaee61c2eb8068fa089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:01:f6:64:f6:98:50:d1:a2:68:86:73:25:f6:
c6:cb:72:25:c2:ae:55:f9:fe:47:f0:66:25:17:e5:
d8:a6:31:58:af:75:06:e8:31:68:b9:50:75:b4:1f:
83:ec:c1:f3:f1:b0:4c:eb:08:52:99:41:87:f6:ca:
a3:84:5a:e5:b4:29:dd:9a:0f:30:b9:5e:79:c0:a4:
09:bd:d8:b4:65:87:67:09:87:f9:c0:3a:e7:94:19:
8d:76:b0:af:c5:21:eb:57:cb:c7:90:fa:50:27:99:
b7:01:23:c5:e1:e0:6e:f2:6c:b1:28:e4:58:fd:33:
3e:23:7e:25:2b:f2:14:18:41:24:31:32:0f:ad:0d:
22:7f:ce:7b:26:99:1b:ff:76:ea:10:e8:59:a1:c0:
b0:2a:fb:3f:1d:b0:48:af:0d:31:40:65:5d:2d:9b:
f1:1b:9e:6f:cf:16:69:12:49:ae:bf:d3:39:93:a6:
ae:d4:35:55:75:4f:8a:07:02:91:7f:13:91:50:08:
d4:f4:4c:67:62:df:49:b6:1c:c9:d5:db:2e:e5:a4:
a2:1a:a9:27:cf:bf:8f:90:b7:a6:04:5b:ff:bb:77:
92:53:4a:3f:8e:bb:b6:b0:7b:39:62:d7:66:90:17:
b8:c7:1f:05:8f:0c:1f:11:02:14:69:c0:8a:0b:47:
7d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D8:03:E4:C8:DA:1C:57:31:57:EE:AE:E6:1C:2E:B8:06:8F:A0:89
X509v3 Authority Key Identifier:
keyid:2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/LtgD5MjaHFcxV-6u5hwuuAaPoIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.108.0/22
Signature Algorithm: sha256WithRSAEncryption
44:eb:cc:36:98:df:24:63:24:63:bf:88:31:3d:53:a1:f6:fa:
d3:6d:f0:11:9d:e0:73:88:95:f6:73:9e:40:5d:d2:78:d0:a4:
31:ab:45:74:c7:3a:a1:e6:74:0c:44:8f:4b:62:b0:7d:c6:d0:
94:68:ce:0c:70:11:7f:a9:f4:42:af:89:99:0f:99:59:7b:29:
57:48:53:6a:ef:f6:37:9e:9b:69:67:c3:dc:48:cf:74:48:9c:
49:2a:f0:01:2a:29:80:df:c8:4f:8e:b3:5f:08:59:f5:a6:d2:
ec:92:23:73:10:9c:7b:e2:2c:c8:90:24:1b:b5:25:7f:61:10:
84:be:31:8a:a0:bb:3f:ac:c5:1a:2f:33:86:1b:f8:17:39:14:
37:6a:68:d8:1c:ec:91:de:c5:8a:f6:67:1f:43:1c:af:61:ff:
3d:0c:1e:27:44:81:95:8f:0e:c6:a4:88:40:27:a5:b6:d9:da:
f4:de:4b:dc:b4:f8:79:36:7b:05:3b:8f:5d:4d:f1:03:d3:f5:
20:c7:a3:a5:71:0e:ce:11:ee:7a:5f:2e:01:42:23:58:4c:2f:
d9:81:e0:f6:9d:b3:0f:38:b6:43:9f:48:d4:76:de:c9:92:53:
54:9a:14:62:83:f5:07:8a:f0:dc:9e:38:e4:93:1e:1b:07:5c:
11:14:65:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAIe/nYn2k1ho6dHYeLpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDU5OTk0ZjJhZjc5NTk5Y2ZiM2ZmMmUzZTk4ZTUxOGY5
MTRmYmEwHhcNMjQwMTAxMTIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ4MDNlNGM4ZGExYzU3MzE1N2VlYWVlNjFjMmViODA2OGZhMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAH2ZPaYUNGiaIZzJfbGy3Ilwq5V
+f5H8GYlF+XYpjFYr3UG6DFouVB1tB+D7MHz8bBM6whSmUGH9sqjhFrltCndmg8w
uV55wKQJvdi0ZYdnCYf5wDrnlBmNdrCvxSHrV8vHkPpQJ5m3ASPF4eBu8myxKORY
/TM+I34lK/IUGEEkMTIPrQ0if857Jpkb/3bqEOhZocCwKvs/HbBIrw0xQGVdLZvx
G55vzxZpEkmuv9M5k6au1DVVdU+KBwKRfxORUAjU9ExnYt9JthzJ1dsu5aSiGqkn
z7+PkLemBFv/u3eSU0o/jru2sHs5YtdmkBe4xx8FjwwfEQIUacCKC0d9tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7YA+TI2hxXMVfuruYcLrgGj6CJMB8GA1UdIwQY
MBaAFCrVmZTyr3lZnPs/8uPpjlGPkU+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDct
YmJlMmM0ZDg4YzJmLzEvTHRnRDVNamFIRmN4Vi02dTVod3V1QWFQb0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDctYmJlMmM0ZDg4YzJm
LzEvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9sMA0G
CSqGSIb3DQEBCwUAA4IBAQBE68w2mN8kYyRjv4gxPVOh9vrTbfARneBziJX2c55A
XdJ40KQxq0V0xzqh5nQMRI9LYrB9xtCUaM4McBF/qfRCr4mZD5lZeylXSFNq7/Y3
nptpZ8PcSM90SJxJKvABKimA38hPjrNfCFn1ptLskiNzEJx74izIkCQbtSV/YRCE
vjGKoLs/rMUaLzOGG/gXORQ3amjYHOyR3sWK9mcfQxyvYf89DB4nRIGVjw7GpIhA
J6W22dr03kvctPh5NnsFO49dTfED0/Ugx6OlcQ7OEe56Xy4BQiNYTC/ZgeD2nbMP
OLZDn0jUdt7JklNUmhRig/UHivDcnjjkkx4bB1wRFGWn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:26 2025 by rpki-client