Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/lt5aqxIrU_3kuOraBxSwO9AxnXg.roa
File: lt5aqxIrU_3kuOraBxSwO9AxnXg.roa (raw, json)
Hash identifier: shX+QVMTS5pms7q5XMLUdssOxprxpN7OZGVVMHSFJok=
Subject key identifier: 96:DE:5A:AB:12:2B:53:FD:E4:B8:EA:DA:07:14:B0:3B:D0:31:9D:78
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 01856C5CA3B667E58E03161C4F402A180272
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/lt5aqxIrU_3kuOraBxSwO9AxnXg.roa
Signing time: Sun 01 Jan 2023 08:04:48 +0000
ROA not before: Sun 01 Jan 2023 08:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212403
IP address blocks: 149.226.252.0/24 maxlen: 24
2a03:cc00:fc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:a3:b6:67:e5:8e:03:16:1c:4f:40:2a:18:02:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Jan 1 08:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96de5aab122b53fde4b8eada0714b03bd0319d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4f:87:24:34:ca:9b:1d:1c:c3:5a:b9:68:43:
d2:0c:13:6f:09:5e:89:28:75:f1:03:f8:2f:c7:ba:
70:1f:0d:0f:c3:96:30:a7:74:89:7b:7f:4f:76:58:
d7:a9:4c:1b:66:32:6f:de:3c:1c:ea:14:94:c3:28:
2c:fe:fe:48:d7:26:80:63:6a:47:57:e8:6e:0a:7c:
65:fb:90:ae:1b:ba:af:ef:da:df:5b:e0:67:94:cf:
24:16:39:06:fb:c0:87:fd:f8:2e:c8:30:c7:b8:b5:
d0:a7:e2:c5:d2:a9:fd:76:f3:3a:56:f3:39:20:cf:
de:cb:3e:8d:17:79:b5:8d:11:43:07:34:9e:9d:77:
85:4d:97:56:f5:19:c6:e0:56:de:52:98:7b:ad:45:
3a:1f:e5:26:4f:96:62:c9:88:c9:8e:e1:cb:c3:78:
ef:c2:92:9e:cc:52:26:39:90:51:04:5c:41:9f:48:
d0:e4:a3:f0:e7:72:5c:0a:94:9f:64:42:ed:c8:25:
10:60:5d:72:05:7d:6d:40:35:bf:bd:e8:e8:e6:40:
8c:c1:cd:1a:f6:d9:92:52:43:45:88:d7:49:e6:af:
83:36:f2:cf:9e:55:8d:57:36:5b:38:aa:81:19:c1:
27:60:b8:c8:3c:2e:8d:09:4b:dc:59:7c:f0:61:94:
bd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:5A:AB:12:2B:53:FD:E4:B8:EA:DA:07:14:B0:3B:D0:31:9D:78
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/lt5aqxIrU_3kuOraBxSwO9AxnXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.226.252.0/24
IPv6:
2a03:cc00:fc0::/48
Signature Algorithm: sha256WithRSAEncryption
31:d0:95:86:2d:39:f4:99:38:bd:53:7e:bb:a9:fe:75:da:bc:
05:47:81:51:6d:62:6b:32:07:bf:58:86:4a:1f:7b:e8:d9:bc:
57:f1:c4:8c:c7:7c:93:b2:85:e2:83:d9:4c:bf:43:77:c3:e4:
64:93:d9:c5:03:e3:c7:20:f7:71:b8:a0:2e:e8:63:1d:9e:59:
f3:7b:92:57:98:6a:25:ad:81:fc:bd:17:0f:27:18:97:80:d7:
58:65:b2:85:44:01:6a:3d:1d:c3:54:de:ce:d8:43:45:ab:db:
35:81:9a:26:cb:01:58:a5:34:46:56:db:9a:e2:03:b1:3b:8d:
c6:7d:cf:2e:22:28:0f:64:a8:7d:47:f2:01:fa:e2:8a:4e:c9:
fb:98:50:0f:dc:14:d6:14:fd:e9:14:c0:76:b9:25:2f:31:34:
9b:ab:e9:18:f0:bb:09:7b:bb:ee:a9:1e:af:56:a5:81:a8:13:
0c:b6:6d:07:01:24:08:9c:af:53:82:dc:e8:73:5a:d4:d8:9d:
d2:f1:83:bd:5e:22:b8:80:b2:81:f4:cd:d0:85:1d:b0:83:16:
53:6c:94:c0:80:41:ee:29:5b:7e:11:cf:cd:5e:bc:ce:89:98:
8d:d6:9b:2b:66:14:77:4e:17:ec:08:c1:15:29:f6:fa:ad:9f:
f8:f5:e5:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsXKO2Z+WOAxYcT0AqGAJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjMwMTAxMDgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRlNWFhYjEyMmI1M2ZkZTRiOGVhZGEwNzE0YjAzYmQwMzE5ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU+HJDTKmx0cw1q5aEPSDBNvCV6J
KHXxA/gvx7pwHw0Pw5Ywp3SJe39PdljXqUwbZjJv3jwc6hSUwygs/v5I1yaAY2pH
V+huCnxl+5CuG7qv79rfW+BnlM8kFjkG+8CH/fguyDDHuLXQp+LF0qn9dvM6VvM5
IM/eyz6NF3m1jRFDBzSenXeFTZdW9RnG4FbeUph7rUU6H+UmT5ZiyYjJjuHLw3jv
wpKezFImOZBRBFxBn0jQ5KPw53JcCpSfZELtyCUQYF1yBX1tQDW/vejo5kCMwc0a
9tmSUkNFiNdJ5q+DNvLPnlWNVzZbOKqBGcEnYLjIPC6NCUvcWXzwYZS9VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJbeWqsSK1P95Ljq2gcUsDvQMZ14MB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvbHQ1YXF4SXJVXzNrdU9yYUJ4U3dPOUF4blhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAleL8MA8E
AgACMAkDBwAqA8wAD8AwDQYJKoZIhvcNAQELBQADggEBADHQlYYtOfSZOL1Tfrup
/nXavAVHgVFtYmsyB79Yhkofe+jZvFfxxIzHfJOyheKD2Uy/Q3fD5GST2cUD48cg
93G4oC7oYx2eWfN7kleYaiWtgfy9Fw8nGJeA11hlsoVEAWo9HcNU3s7YQ0Wr2zWB
mibLAVilNEZW25riA7E7jcZ9zy4iKA9kqH1H8gH64opOyfuYUA/cFNYU/ekUwHa5
JS8xNJur6Rjwuwl7u+6pHq9WpYGoEwy2bQcBJAicr1OC3OhzWtTYndLxg71eIriA
soH0zdCFHbCDFlNslMCAQe4pW34Rz81evM6JmI3WmytmFHdOF+wIwRUp9vqtn/j1
5dQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:05 2024 by rpki-client on console-ams.rpki-client.org