Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/LqidLPGG7uZObNRZj2YqsduDAxc.roa
File: LqidLPGG7uZObNRZj2YqsduDAxc.roa (raw, json)
Hash identifier: uDCtCanva5dMcHg8oNyi5hBT5nEGngg/LQyQIwVt53c=
Subject key identifier: 2E:A8:9D:2C:F1:86:EE:E6:4E:6C:D4:59:8F:66:2A:B1:DB:83:03:17
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0190E950CCB9F69324C5D7B80DD737A38BAA
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/LqidLPGG7uZObNRZj2YqsduDAxc.roa
Signing time: Thu 25 Jul 2024 09:55:04 +0000
ROA not before: Thu 25 Jul 2024 09:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 82.140.134.0/24 maxlen: 24
82.140.138.0/24 maxlen: 24
82.140.143.0/24 maxlen: 24
82.140.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 09:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:50:cc:b9:f6:93:24:c5:d7:b8:0d:d7:37:a3:8b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jul 25 09:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ea89d2cf186eee64e6cd4598f662ab1db830317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:63:0c:06:c7:34:09:57:dc:70:4e:ec:4a:
8b:f7:b3:46:f7:66:63:df:7b:94:bc:15:65:26:1c:
73:69:49:c6:b6:59:bf:2e:6c:cf:e9:2d:3a:34:3a:
dd:35:3c:d4:8a:e1:ed:ee:af:1a:b6:03:be:2d:25:
3e:2d:00:88:e2:22:d9:4c:8b:78:85:93:bc:20:95:
ce:53:44:db:e8:b7:fd:77:b0:63:97:b3:d2:17:f0:
68:f6:14:98:44:02:89:30:73:b0:7a:ac:a7:c0:dd:
7d:63:dc:84:67:fa:24:8d:44:a5:e3:3d:a0:23:12:
70:1f:92:a3:c4:8d:20:ae:79:75:d7:a4:aa:41:00:
a1:79:f4:42:ea:4b:55:b5:6e:ae:00:97:08:66:9a:
16:27:49:b8:a9:49:28:22:53:61:c2:01:d8:b3:bc:
fb:83:3c:ec:26:d5:a8:a7:7b:78:0f:d9:da:94:39:
d4:c0:cc:17:19:16:e6:15:db:91:ac:f2:bc:de:54:
4e:fd:16:d3:a5:4e:9b:2a:b9:a7:c2:03:dd:16:69:
d7:49:24:d6:c5:c7:ed:87:ec:7d:f0:0e:9b:aa:44:
0b:b4:53:56:bb:9f:26:5e:ce:cf:d6:69:6b:29:2a:
1a:0f:70:dc:84:66:f8:26:df:31:b8:45:ae:8d:ce:
50:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A8:9D:2C:F1:86:EE:E6:4E:6C:D4:59:8F:66:2A:B1:DB:83:03:17
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/LqidLPGG7uZObNRZj2YqsduDAxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.134.0/24
82.140.138.0/24
82.140.143.0/24
82.140.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:65:b9:85:c0:9f:27:ac:a7:94:86:3b:98:9c:5d:68:86:84:
b9:ff:a5:a1:18:20:a8:ee:c4:df:b0:38:0f:3e:53:2f:55:ef:
d7:e0:cf:1c:23:67:63:f8:49:11:fe:25:7b:3e:9b:fc:bc:33:
0a:64:ef:af:f0:db:89:c7:ca:8a:a6:11:78:e0:07:7d:ec:9f:
96:e2:f8:a7:be:0e:e3:c4:b9:7c:cc:47:c9:ee:a5:2b:79:4f:
d3:6d:35:8a:4e:c7:dc:17:2f:ce:3e:6b:0c:6e:43:a0:47:14:
a7:51:d5:95:09:4b:95:83:cb:81:4a:ed:68:ae:2a:ca:d7:aa:
dc:d8:5c:94:b4:81:fb:40:71:d4:58:38:a7:31:db:3f:f1:14:
9f:d8:fc:78:11:5a:46:a9:d3:91:37:9c:7a:78:39:28:26:3e:
4c:a8:68:e2:2f:c9:be:53:8c:d7:4c:a1:93:38:9c:06:b8:7c:
9f:c6:67:3f:68:61:1b:72:4b:d4:48:10:42:d5:5c:06:3a:2c:
63:3b:5e:ec:1f:59:25:4c:d5:4f:e0:40:c1:c9:37:d0:b6:64:
a5:80:b2:0f:f9:df:b0:bc:99:61:1e:a8:42:4a:bb:8c:b6:57:
fb:c4:f2:85:1b:9f:27:d1:4e:1d:e9:f4:26:b4:d5:a0:62:1d:
b9:62:37:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDpUMy59pMkxde4Ddc3o4uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwNzI1MDk1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWE4OWQyY2YxODZlZWU2NGU2Y2Q0NTk4ZjY2MmFiMWRiODMwMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXRjDAbHNAlX3HBO7EqL97NG92Zj
33uUvBVlJhxzaUnGtlm/LmzP6S06NDrdNTzUiuHt7q8atgO+LSU+LQCI4iLZTIt4
hZO8IJXOU0Tb6Lf9d7Bjl7PSF/Bo9hSYRAKJMHOweqynwN19Y9yEZ/okjUSl4z2g
IxJwH5KjxI0grnl116SqQQChefRC6ktVtW6uAJcIZpoWJ0m4qUkoIlNhwgHYs7z7
gzzsJtWop3t4D9nalDnUwMwXGRbmFduRrPK83lRO/RbTpU6bKrmnwgPdFmnXSSTW
xcfth+x98A6bqkQLtFNWu58mXs7P1mlrKSoaD3DchGb4Jt8xuEWujc5Q5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC6onSzxhu7mTmzUWY9mKrHbgwMXMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvTHFpZExQR0c3dVpPYk5SWmoyWXFzZHVEQXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUoyGAwQA
UoyKAwQAUoyPAwQAUoyqMA0GCSqGSIb3DQEBCwUAA4IBAQAMZbmFwJ8nrKeUhjuY
nF1ohoS5/6WhGCCo7sTfsDgPPlMvVe/X4M8cI2dj+EkR/iV7Ppv8vDMKZO+v8NuJ
x8qKphF44Ad97J+W4vinvg7jxLl8zEfJ7qUreU/TbTWKTsfcFy/OPmsMbkOgRxSn
UdWVCUuVg8uBSu1orirK16rc2FyUtIH7QHHUWDinMds/8RSf2Px4EVpGqdORN5x6
eDkoJj5MqGjiL8m+U4zXTKGTOJwGuHyfxmc/aGEbckvUSBBC1VwGOixjO17sH1kl
TNVP4EDByTfQtmSlgLIP+d+wvJlhHqhCSruMtlf7xPKFG58n0U4d6fQmtNWgYh25
Yjdw
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:06 2025 by rpki-client