Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/lzN88BtS1IxY6TWy9sK2MXCw02Q.roa
File: lzN88BtS1IxY6TWy9sK2MXCw02Q.roa (raw, json)
Hash identifier: bQXgtDnHRzd41kGLBjNbF+zgvtbq2Rjfu606xuYQPLU=
Subject key identifier: 97:33:7C:F0:1B:52:D4:8C:58:E9:35:B2:F6:C2:B6:31:70:B0:D3:64
Certificate issuer: /CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Certificate serial: 0190016AB20DA6EDB478F08355A60F375070
Authority key identifier: 0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/lzN88BtS1IxY6TWy9sK2MXCw02Q.roa
Signing time: Mon 10 Jun 2024 09:11:27 +0000
ROA not before: Mon 10 Jun 2024 09:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200249
IP address blocks: 185.252.140.0/22 maxlen: 22
185.252.140.0/24 maxlen: 24
2a13:7840::/29 maxlen: 29
2a13:7840::/32 maxlen: 32
2a13:7847::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 16 Jun 2024 15:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:6a:b2:0d:a6:ed:b4:78:f0:83:55:a6:0f:37:50:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Validity
Not Before: Jun 10 09:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97337cf01b52d48c58e935b2f6c2b63170b0d364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b2:c0:3b:e5:92:3e:92:ef:99:53:59:1a:05:
02:9e:8b:8f:b1:58:7b:e5:f9:44:1a:57:96:98:ff:
af:2c:55:60:98:2d:9c:d7:66:70:96:99:b6:ff:6f:
31:20:ed:57:3b:4b:98:da:d7:22:c0:02:7c:e4:e9:
c5:65:9a:fc:00:3b:02:93:77:21:75:12:41:70:c1:
5a:4e:a6:50:ae:8c:ab:de:b9:34:8c:5b:c2:3d:2e:
28:8a:d4:01:9d:fa:8d:c8:d7:c5:91:36:ab:fe:57:
9c:50:67:66:5b:87:5c:2b:88:1a:16:26:13:b4:e4:
4a:3c:93:18:ff:f4:b7:f1:2c:9d:c4:ae:c2:82:91:
f1:d9:f6:45:5a:b6:26:c4:cc:b8:16:64:86:33:da:
f8:d6:f7:f7:d9:2b:17:0c:af:db:5e:41:7a:dc:40:
28:9e:25:31:93:b1:88:37:f2:f5:55:fc:0a:ee:c8:
59:66:c8:4a:ed:bc:9c:2e:ea:5e:7f:53:7c:d1:01:
bb:d7:e0:62:07:09:3b:60:96:41:00:20:f5:85:c5:
ef:47:3d:e9:58:a5:da:41:ad:b4:dd:37:5b:71:68:
c3:ba:01:30:d3:3a:71:92:32:53:36:45:51:cf:2e:
d2:ff:9f:d1:73:5b:3b:81:a3:72:7b:c5:06:34:27:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:33:7C:F0:1B:52:D4:8C:58:E9:35:B2:F6:C2:B6:31:70:B0:D3:64
X509v3 Authority Key Identifier:
keyid:0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/lzN88BtS1IxY6TWy9sK2MXCw02Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D5uga20iZz9_ez0PiJ9HIEQbbgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.140.0/22
IPv6:
2a13:7840::/29
Signature Algorithm: sha256WithRSAEncryption
8e:d7:e7:00:c6:eb:60:4f:91:7c:4a:a6:1c:e8:e2:7d:e8:f6:
e5:ea:76:2d:26:3b:64:e2:38:2d:26:14:b4:7d:ff:39:79:07:
09:cd:67:2c:34:e8:84:7d:92:8d:c4:5c:b9:b2:8f:f9:89:db:
5a:25:2d:55:da:70:b3:10:cc:b4:91:d5:9f:6b:99:fd:8d:92:
54:18:a1:eb:09:f4:f0:0e:a0:60:6e:0f:3d:b5:c0:3b:c0:93:
85:84:bd:5f:7c:2c:7c:4f:2d:c9:67:9a:81:78:88:82:b0:b3:
39:e3:8e:3c:ff:f1:be:5f:c3:dc:95:4e:45:b4:72:2b:34:ca:
9f:2c:44:23:1d:0b:82:83:c8:bb:99:7c:d1:58:da:c3:ff:3c:
8c:c0:fb:31:63:9c:09:f4:b4:11:dd:59:77:17:6a:92:83:ae:
8e:23:45:d1:82:be:70:15:99:02:65:fd:cc:74:a9:35:96:e5:
3c:d7:c9:3f:ec:02:d3:ef:79:c3:b0:13:7e:84:56:cb:b4:3f:
92:3b:13:c3:a4:18:f2:a2:c3:bf:7b:7b:88:b1:c1:84:ca:12:
82:6b:83:dc:91:d2:b2:96:5a:3c:00:03:16:6e:33:a5:7d:28:
28:95:76:7e:06:e6:c5:c8:37:49:ce:e0:76:2d:e2:93:3a:71:
2d:0d:47:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZABarINpu20ePCDVaYPN1BwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWJhMDZiNmQyMjY3M2Y3ZjdiM2QwZjg4OWY0NzIwNDQx
YjZlMGMwHhcNMjQwNjEwMDkxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzMzN2NmMDFiNTJkNDhjNThlOTM1YjJmNmMyYjYzMTcwYjBkMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirLAO+WSPpLvmVNZGgUCnouPsVh7
5flEGleWmP+vLFVgmC2c12Zwlpm2/28xIO1XO0uY2tciwAJ85OnFZZr8ADsCk3ch
dRJBcMFaTqZQroyr3rk0jFvCPS4oitQBnfqNyNfFkTar/lecUGdmW4dcK4gaFiYT
tORKPJMY//S38SydxK7CgpHx2fZFWrYmxMy4FmSGM9r41vf32SsXDK/bXkF63EAo
niUxk7GIN/L1VfwK7shZZshK7bycLupef1N80QG71+BiBwk7YJZBACD1hcXvRz3p
WKXaQa203TdbcWjDugEw0zpxkjJTNkVRzy7S/5/Rc1s7gaNye8UGNCfheQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJczfPAbUtSMWOk1svbCtjFwsNNkMB8GA1UdIwQY
MBaAFA+boGttImc/f3s9D4ifRyBEG24MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYt
MTM2NjU2YTNlZGU3LzEvbHpOODhCdFMxSXhZNlRXeTlzSzJNWEN3MDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYtMTM2NjU2YTNlZGU3
LzEvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufyMMA0E
AgACMAcDBQMqE3hAMA0GCSqGSIb3DQEBCwUAA4IBAQCO1+cAxutgT5F8SqYc6OJ9
6Pbl6nYtJjtk4jgtJhS0ff85eQcJzWcsNOiEfZKNxFy5so/5idtaJS1V2nCzEMy0
kdWfa5n9jZJUGKHrCfTwDqBgbg89tcA7wJOFhL1ffCx8Ty3JZ5qBeIiCsLM54448
//G+X8PclU5FtHIrNMqfLEQjHQuCg8i7mXzRWNrD/zyMwPsxY5wJ9LQR3Vl3F2qS
g66OI0XRgr5wFZkCZf3MdKk1luU818k/7ALT73nDsBN+hFbLtD+SOxPDpBjyosO/
e3uIscGEyhKCa4PckdKyllo8AAMWbjOlfSgolXZ+BubFyDdJzuB2LeKTOnEtDUds
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:24 2025 by rpki-client