Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/2Lr_ZR_e-p16qBitHk60wxnVLcM.roa
File: 2Lr_ZR_e-p16qBitHk60wxnVLcM.roa (raw, json)
Hash identifier: KoCwarH10BHxYg8RbIMXiqqAiRxtEI4gTGnJON/kdEM=
Subject key identifier: D8:BA:FF:65:1F:DE:FA:9D:7A:A8:18:AD:1E:4E:B4:C3:19:D5:2D:C3
Certificate issuer: /CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Certificate serial: 019423D75955527040ECC28B59CD30671C00
Authority key identifier: 5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/2Lr_ZR_e-p16qBitHk60wxnVLcM.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61397
IP address blocks: 195.242.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 16 Jan 2025 20:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:59:55:52:70:40:ec:c2:8b:59:cd:30:67:1c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8baff651fdefa9d7aa818ad1e4eb4c319d52dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4b:76:8c:6e:5f:9f:c0:86:14:7d:6f:a7:6a:
fd:9a:b0:e1:02:ce:c2:17:62:09:ed:ee:f9:9d:97:
84:12:cd:ea:df:50:00:14:99:d7:6b:e3:62:b4:49:
cb:db:a8:d8:ec:1f:bf:f0:a4:c2:bd:c0:69:24:f3:
21:aa:44:81:5c:5e:df:19:6d:29:4f:6e:de:f3:cc:
92:2f:96:45:46:16:8b:aa:29:bd:61:7a:d4:d2:52:
47:64:23:ee:36:46:bd:3b:4b:b4:5d:15:8d:05:ff:
42:8b:b7:57:70:e6:d5:49:d0:43:aa:22:52:ed:87:
77:ae:ef:4d:95:d5:e0:e6:8a:00:81:6a:de:60:8e:
36:78:dd:a8:b8:95:0a:bf:ab:44:a5:99:2d:64:96:
8f:84:0a:0d:b9:5a:29:62:df:58:0b:33:12:07:84:
18:7e:0d:26:54:74:84:85:21:f9:9a:fb:13:ab:28:
d0:96:9c:12:6f:c2:7b:b3:bb:42:2b:3a:e9:9b:ac:
93:cb:79:b2:48:63:10:8f:19:2d:cd:58:93:00:cb:
99:36:f2:3c:49:ba:ff:67:89:b0:c6:f6:82:63:65:
7f:b0:45:5c:9e:17:15:6c:a9:4f:0b:16:ef:68:10:
f1:bf:09:76:5b:d7:d3:56:4d:14:3f:f4:20:15:1c:
90:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BA:FF:65:1F:DE:FA:9D:7A:A8:18:AD:1E:4E:B4:C3:19:D5:2D:C3
X509v3 Authority Key Identifier:
keyid:5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/2Lr_ZR_e-p16qBitHk60wxnVLcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/W2-maQmXQS5xZhbIHk98CHX_2XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.192.0/22
Signature Algorithm: sha256WithRSAEncryption
70:96:2d:82:5f:70:84:d6:7c:90:dc:84:b8:d9:4c:d9:9e:95:
ea:04:13:22:2c:52:74:83:71:19:b9:51:e2:72:76:7e:52:96:
1e:1d:92:cc:07:51:67:51:b0:af:8c:69:6c:cb:e4:6c:a1:40:
cf:48:83:c7:ea:13:b7:52:6a:f7:22:87:b7:6b:39:53:e0:dc:
cd:a7:3a:49:e3:b6:61:69:02:87:25:df:1a:3b:d8:a7:1b:9e:
7b:ab:32:18:ae:4a:89:86:c1:aa:ba:a9:e8:7e:51:11:f0:63:
e5:cf:39:22:b9:96:cb:39:ff:72:d7:27:90:82:f7:b3:c6:f8:
5c:18:06:04:06:34:a3:66:0a:15:db:d4:9a:98:2d:89:67:cb:
b0:09:33:87:40:46:14:c6:29:3f:59:0f:bf:4d:ec:5d:dc:d4:
b9:4b:ca:35:ee:95:c7:85:37:20:91:49:af:43:7c:a6:ef:d1:
d4:ad:96:91:4f:ba:4c:36:0f:d2:9c:70:59:ef:be:cc:07:a6:
60:6c:7a:e2:11:c3:22:10:39:cd:fa:ad:42:ae:4b:b2:d3:a9:
a2:47:aa:82:ce:52:41:3c:3a:78:77:aa:54:49:56:fa:68:3b:
5f:3b:33:97:85:39:7d:e1:03:01:5b:c5:83:c3:b7:de:69:ef:
ca:60:91:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj11lVUnBA7MKLWc0wZxwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmZhNjY5MDk5NzQxMmU3MTY2MTZjODFlNGY3YzA4NzVm
ZmQ5NzYwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJhZmY2NTFmZGVmYTlkN2FhODE4YWQxZTRlYjRjMzE5ZDUyZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0t2jG5fn8CGFH1vp2r9mrDhAs7C
F2IJ7e75nZeEEs3q31AAFJnXa+NitEnL26jY7B+/8KTCvcBpJPMhqkSBXF7fGW0p
T27e88ySL5ZFRhaLqim9YXrU0lJHZCPuNka9O0u0XRWNBf9Ci7dXcObVSdBDqiJS
7Yd3ru9NldXg5ooAgWreYI42eN2ouJUKv6tEpZktZJaPhAoNuVopYt9YCzMSB4QY
fg0mVHSEhSH5mvsTqyjQlpwSb8J7s7tCKzrpm6yTy3mySGMQjxktzViTAMuZNvI8
Sbr/Z4mwxvaCY2V/sEVcnhcVbKlPCxbvaBDxvwl2W9fTVk0UP/QgFRyQawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNi6/2Uf3vqdeqgYrR5OtMMZ1S3DMB8GA1UdIwQY
MBaAFFtvpmkJl0EucWYWyB5PfAh1/9l2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTct
MTJhZDE0NjY1NWNlLzEvMkxyX1pSX2UtcDE2cUJpdEhrNjB3eG5WTGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTctMTJhZDE0NjY1NWNl
LzEvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw/LAMA0G
CSqGSIb3DQEBCwUAA4IBAQBwli2CX3CE1nyQ3IS42UzZnpXqBBMiLFJ0g3EZuVHi
cnZ+UpYeHZLMB1FnUbCvjGlsy+RsoUDPSIPH6hO3Umr3Ioe3azlT4NzNpzpJ47Zh
aQKHJd8aO9inG557qzIYrkqJhsGquqnoflER8GPlzzkiuZbLOf9y1yeQgvezxvhc
GAYEBjSjZgoV29SamC2JZ8uwCTOHQEYUxik/WQ+/Texd3NS5S8o17pXHhTcgkUmv
Q3ym79HUrZaRT7pMNg/SnHBZ777MB6ZgbHriEcMiEDnN+q1Crkuy06miR6qCzlJB
PDp4d6pUSVb6aDtfOzOXhTl94QMBW8WDw7feae/KYJFh
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:53:51 2025 by rpki-client