Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/uzLa9y9zLecV415SxlkIBVhtmEI.roa
File: uzLa9y9zLecV415SxlkIBVhtmEI.roa (raw, json)
Hash identifier: lbBSHZtZ8TWUV+TyUXe3pxLCrw71HzDAbSSKZWpZ7Uw=
Subject key identifier: BB:32:DA:F7:2F:73:2D:E7:15:E3:5E:52:C6:59:08:05:58:6D:98:42
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0193B71367B651A51563A935B05CACE3E451
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/uzLa9y9zLecV415SxlkIBVhtmEI.roa
Signing time: Wed 11 Dec 2024 18:55:22 +0000
ROA not before: Wed 11 Dec 2024 18:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 92.246.140.0/22 maxlen: 32
93.185.157.0/24 maxlen: 32
94.141.100.0/22 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b7:13:67:b6:51:a5:15:63:a9:35:b0:5c:ac:e3:e4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Dec 11 18:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb32daf72f732de715e35e52c6590805586d9842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:e2:72:78:03:c2:4d:76:7b:83:b9:67:f0:
c3:44:72:c9:d7:13:56:c6:d7:03:28:64:25:d2:2c:
c8:a0:fc:cb:5b:34:36:9d:c9:db:e2:83:93:98:99:
89:4a:f6:71:cf:e0:ed:2f:81:16:5f:53:4f:b1:92:
c2:cc:b3:6a:91:16:f0:49:3c:80:60:3d:92:e0:48:
e4:28:2e:dd:54:57:e9:28:0d:c6:84:9d:7a:82:ad:
2c:fa:d1:34:d3:e1:cc:7c:9b:d6:0b:c3:2a:7f:06:
f2:d8:f9:3c:9b:0c:97:bc:a0:01:1d:5b:76:eb:f3:
6c:cb:48:6f:83:4b:6f:6f:4a:ed:7a:7c:96:ae:61:
5f:e0:a3:94:6f:ff:52:a6:ec:fe:b0:94:5e:81:8d:
8d:2c:6c:d9:f4:ff:b1:fa:1b:8f:5e:ac:d9:41:5d:
c4:b7:08:1f:e5:62:73:ef:45:57:a0:c8:8e:1e:f4:
40:49:df:49:c4:27:9c:cc:b2:da:02:6c:dc:ee:aa:
15:cb:b9:8c:d0:55:2c:fe:b4:67:98:d8:a9:0b:be:
bd:05:a4:23:bf:2b:eb:75:49:32:d2:99:96:a2:5a:
07:dc:7d:6c:6a:16:31:68:21:4f:7e:a1:62:eb:1a:
f6:d0:c1:a7:99:bd:99:a4:d4:ad:fd:c0:d1:6e:1e:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:32:DA:F7:2F:73:2D:E7:15:E3:5E:52:C6:59:08:05:58:6D:98:42
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/uzLa9y9zLecV415SxlkIBVhtmEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.140.0/22
93.185.157.0/24
94.141.100.0/22
Signature Algorithm: sha256WithRSAEncryption
96:dc:85:d8:53:4e:c5:54:af:ba:07:29:ed:df:09:45:ac:e7:
5a:db:47:ac:94:f9:a6:8b:5a:d6:61:75:6a:09:02:1c:f2:07:
b1:29:d6:09:29:3b:a4:53:69:12:5f:a8:68:35:cc:60:f7:a8:
60:70:32:64:7d:a7:29:75:83:c4:8d:d0:32:1e:40:b0:39:26:
69:bb:40:69:74:19:9d:c3:7c:4a:32:58:39:94:a7:0b:d5:f3:
d4:e7:f4:05:ca:81:1d:4a:00:89:38:18:a0:89:53:cf:c1:34:
ad:29:22:81:98:e4:08:e8:6f:71:5c:a2:d6:c6:ff:68:4b:dd:
f8:ad:2e:8c:0f:b1:81:f0:c2:7b:15:e0:77:54:98:06:0a:cd:
ed:1e:23:b2:ad:09:07:d6:e3:95:44:33:0e:17:26:7f:de:7b:
07:7e:17:e3:2d:b9:cb:de:98:9f:12:b3:ee:55:07:d2:6e:7a:
51:d2:a9:18:b5:75:e6:b8:1d:0a:9c:71:5c:58:ea:71:8a:ec:
e0:e3:7e:d4:6f:7f:a2:26:6d:f9:c4:9b:3d:c1:24:dc:b9:45:
d3:90:59:76:67:46:d3:4c:28:4e:53:33:f2:0c:e7:4e:e5:81:
d1:8e:87:75:92:52:03:ed:59:08:53:7d:95:67:8e:f4:d2:dd:
d6:51:14:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZO3E2e2UaUVY6k1sFys4+RRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQxMjExMTg1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjMyZGFmNzJmNzMyZGU3MTVlMzVlNTJjNjU5MDgwNTU4NmQ5ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEficngDwk12e4O5Z/DDRHLJ1xNW
xtcDKGQl0izIoPzLWzQ2ncnb4oOTmJmJSvZxz+DtL4EWX1NPsZLCzLNqkRbwSTyA
YD2S4EjkKC7dVFfpKA3GhJ16gq0s+tE00+HMfJvWC8Mqfwby2Pk8mwyXvKABHVt2
6/Nsy0hvg0tvb0rtenyWrmFf4KOUb/9Spuz+sJRegY2NLGzZ9P+x+huPXqzZQV3E
twgf5WJz70VXoMiOHvRASd9JxCeczLLaAmzc7qoVy7mM0FUs/rRnmNipC769BaQj
vyvrdUky0pmWoloH3H1sahYxaCFPfqFi6xr20MGnmb2ZpNSt/cDRbh5BTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLsy2vcvcy3nFeNeUsZZCAVYbZhCMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvdXpMYTl5OXpMZWNWNDE1U3hsa0lCVmh0bUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXPaMAwQA
XbmdAwQCXo1kMA0GCSqGSIb3DQEBCwUAA4IBAQCW3IXYU07FVK+6Bynt3wlFrOda
20eslPmmi1rWYXVqCQIc8gexKdYJKTukU2kSX6hoNcxg96hgcDJkfacpdYPEjdAy
HkCwOSZpu0BpdBmdw3xKMlg5lKcL1fPU5/QFyoEdSgCJOBigiVPPwTStKSKBmOQI
6G9xXKLWxv9oS934rS6MD7GB8MJ7FeB3VJgGCs3tHiOyrQkH1uOVRDMOFyZ/3nsH
fhfjLbnL3pifErPuVQfSbnpR0qkYtXXmuB0KnHFcWOpxiuzg437Ub3+iJm35xJs9
wSTcuUXTkFl2Z0bTTChOUzPyDOdO5YHRjod1klID7VkIU32VZ4700t3WURRX
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:01:28 2025 by rpki-client