Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/lW0vge89pkXXoZfx5z4Ox39h2rA.roa
File: lW0vge89pkXXoZfx5z4Ox39h2rA.roa (raw, json)
Hash identifier: RZH6QHdmiRK7wQm8LB9fU8Qzk5wHWRJcOTBROw0KmKE=
Subject key identifier: 95:6D:2F:81:EF:3D:A6:45:D7:A1:97:F1:E7:3E:0E:C7:7F:61:DA:B0
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 01921DB279BA419A46F094E0052F74D26EAC
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/lW0vge89pkXXoZfx5z4Ox39h2rA.roa
Signing time: Mon 23 Sep 2024 07:04:48 +0000
ROA not before: Mon 23 Sep 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214729
IP address blocks: 213.108.20.0/22 maxlen: 32
2a00:8740:ff10::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 02 Oct 2024 11:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:b2:79:ba:41:9a:46:f0:94:e0:05:2f:74:d2:6e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Sep 23 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=956d2f81ef3da645d7a197f1e73e0ec77f61dab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:dd:cb:28:d1:54:51:73:8d:59:f0:0a:d5:
2b:0e:4b:f1:7a:7f:0c:9b:fb:7e:6a:98:d7:57:33:
9a:e4:bc:da:e4:a5:9e:6e:d2:ea:95:56:7d:46:60:
e2:63:e7:cf:a6:4d:b7:c4:7e:de:3f:7d:37:f5:38:
ec:46:97:5e:14:bd:ca:55:48:2e:39:34:dc:68:5d:
3d:47:1d:72:b4:97:ea:f3:9d:90:7d:e4:a3:45:cf:
69:f7:62:14:a4:37:41:50:3a:36:41:2b:97:62:aa:
b9:f9:62:4e:8d:a6:fa:6a:45:04:af:0a:ac:9b:b9:
e6:81:48:7c:c9:a1:c3:b7:2f:ce:d7:b9:95:72:e8:
e0:6a:43:32:f2:24:9c:1b:4e:43:b6:0d:3c:bb:50:
6b:3a:66:ba:84:62:cc:ae:bd:55:83:43:e2:d0:95:
f9:ff:14:26:fb:3c:56:5f:c5:8c:b0:34:44:fe:99:
bd:66:8b:1f:cb:3f:55:86:1e:b5:65:e6:9e:c1:8d:
55:e8:c4:19:59:d7:64:aa:90:47:d6:66:f9:c0:e3:
29:f8:11:6e:e7:30:2e:3f:c1:1a:c2:0f:0e:e5:fb:
fe:04:75:6d:33:de:aa:bf:bc:1b:b0:08:92:4d:0e:
3d:fe:d3:bf:25:10:cc:e4:57:dd:77:18:eb:be:c6:
68:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6D:2F:81:EF:3D:A6:45:D7:A1:97:F1:E7:3E:0E:C7:7F:61:DA:B0
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/lW0vge89pkXXoZfx5z4Ox39h2rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.108.20.0/22
IPv6:
2a00:8740:ff10::/48
Signature Algorithm: sha256WithRSAEncryption
99:0d:a9:07:1f:e9:63:df:fa:b5:4f:29:f1:d1:b0:a4:bb:a3:
56:82:0d:5c:1c:e2:62:42:ec:a8:f4:fe:f5:35:b6:5a:8c:35:
62:06:b2:59:66:f0:bc:aa:1c:a7:96:da:77:c3:15:32:27:db:
44:36:70:f4:a1:86:27:d8:05:fb:95:14:f2:d2:5e:2a:e1:91:
62:73:97:bd:95:f5:b1:3f:c8:77:ee:65:ec:8b:09:fa:74:70:
82:a1:14:55:6c:62:7d:42:fa:4f:7d:6c:7c:df:8a:1e:21:07:
b5:a3:21:4a:27:5a:f9:a2:be:2b:72:a0:74:8a:58:44:c0:65:
73:50:0b:46:cf:a3:6b:0c:92:81:7f:ad:16:6a:45:da:a3:8b:
97:96:b8:dd:9b:e4:66:6d:56:18:81:a9:67:35:1d:26:24:46:
fd:97:0b:06:bb:d6:5c:5d:c9:84:ce:74:fb:9f:55:80:e3:d3:
d3:1d:6b:f8:be:e5:f8:ce:65:6a:05:fc:5a:94:75:cd:2e:1e:
25:d7:ad:2f:ae:07:37:d6:b5:f1:b2:06:69:29:25:c6:d5:ad:
37:57:41:33:6c:08:09:95:e0:0c:b8:3f:80:51:f7:c0:ed:33:
9a:1d:e3:11:88:ea:e4:46:2a:12:12:02:2b:30:1e:50:2f:06:
75:6d:9d:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZIdsnm6QZpG8JTgBS900m6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwOTIzMDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZkMmY4MWVmM2RhNjQ1ZDdhMTk3ZjFlNzNlMGVjNzdmNjFkYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5PdyyjRVFFzjVnwCtUrDkvxen8M
m/t+apjXVzOa5Lza5KWebtLqlVZ9RmDiY+fPpk23xH7eP3039TjsRpdeFL3KVUgu
OTTcaF09Rx1ytJfq852QfeSjRc9p92IUpDdBUDo2QSuXYqq5+WJOjab6akUErwqs
m7nmgUh8yaHDty/O17mVcujgakMy8iScG05Dtg08u1BrOma6hGLMrr1Vg0Pi0JX5
/xQm+zxWX8WMsDRE/pm9Zosfyz9Vhh61ZeaewY1V6MQZWddkqpBH1mb5wOMp+BFu
5zAuP8Eawg8O5fv+BHVtM96qv7wbsAiSTQ49/tO/JRDM5FfddxjrvsZorwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVtL4HvPaZF16GX8ec+Dsd/YdqwMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvbFcwdmdlODlwa1hYb1pmeDV6NE94MzloMnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQC1WwUMA8E
AgACMAkDBwAqAIdA/xAwDQYJKoZIhvcNAQELBQADggEBAJkNqQcf6WPf+rVPKfHR
sKS7o1aCDVwc4mJC7Kj0/vU1tlqMNWIGsllm8LyqHKeW2nfDFTIn20Q2cPShhifY
BfuVFPLSXirhkWJzl72V9bE/yHfuZeyLCfp0cIKhFFVsYn1C+k99bHzfih4hB7Wj
IUonWvmivityoHSKWETAZXNQC0bPo2sMkoF/rRZqRdqji5eWuN2b5GZtVhiBqWc1
HSYkRv2XCwa71lxdyYTOdPufVYDj09Mda/i+5fjOZWoF/FqUdc0uHiXXrS+uBzfW
tfGyBmkpJcbVrTdXQTNsCAmV4Ay4P4BR98DtM5od4xGI6uRGKhISAiswHlAvBnVt
ndA=
-----END CERTIFICATE-----
Generated at Wed Oct 2 15:13:49 2024 by rpki-client on console-fra.rpki-client.org