Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/LXz8msE04uGYlHQoHbAB6YEoWiY.roa
File: LXz8msE04uGYlHQoHbAB6YEoWiY.roa (raw, json)
Hash identifier: KHs0VKjeEZq9BKMKtS72Iuq+fQ98gZJMoZWGzZwZdRM=
Subject key identifier: 2D:7C:FC:9A:C1:34:E2:E1:98:94:74:28:1D:B0:01:E9:81:28:5A:26
Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Certificate serial: 018CC794BF25E8E708581EB7086D56065F41
Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/LXz8msE04uGYlHQoHbAB6YEoWiY.roa
Signing time: Tue 02 Jan 2024 00:31:03 +0000
ROA not before: Tue 02 Jan 2024 00:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199296
IP address blocks: 91.233.136.0/22 maxlen: 22
2a13:60c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Jun 2024 13:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:bf:25:e8:e7:08:58:1e:b7:08:6d:56:06:5f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6
Validity
Not Before: Jan 2 00:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d7cfc9ac134e2e1989474281db001e981285a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b7:77:25:c9:59:7f:93:8d:4a:5f:0d:83:9f:
0a:4c:5a:0e:aa:95:e3:f7:73:f0:61:8c:e4:d6:ec:
f0:50:9a:0f:1a:22:63:38:ab:ff:8d:c3:4e:2f:e5:
56:d5:d0:d9:d8:a8:0e:bf:cc:58:51:ca:8f:ae:57:
59:e7:36:06:73:e6:e1:a2:e5:ea:b2:7f:f0:ce:cb:
61:c6:d9:a4:41:ae:3c:49:02:f1:7c:0b:d9:0d:5b:
24:b9:cb:43:7e:de:bc:cf:bc:bc:a4:f7:8b:68:39:
1e:09:3f:aa:ac:4a:c4:3a:c7:c5:27:5e:62:fe:1e:
1b:3d:e0:85:93:69:b1:4d:ca:c9:7d:0c:33:fa:6b:
2d:47:c3:c6:11:ab:1d:42:93:3a:82:16:f7:6a:66:
19:84:16:37:67:b1:14:99:d2:80:8c:c6:0c:52:ff:
88:73:40:58:c4:2c:62:8a:8d:d9:74:f8:ee:25:e2:
09:2a:89:0b:f1:3a:be:8a:64:d9:a0:a1:68:07:3b:
71:a6:d9:8d:3e:8d:17:cb:fb:80:3f:3b:04:ff:ac:
c3:5d:4c:4f:13:5c:c2:43:7a:1a:c7:00:bf:bd:b8:
06:75:05:2b:3d:55:ad:07:8e:e0:d2:13:86:58:6b:
49:d5:27:40:18:92:51:71:61:05:97:39:9d:0f:c1:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7C:FC:9A:C1:34:E2:E1:98:94:74:28:1D:B0:01:E9:81:28:5A:26
X509v3 Authority Key Identifier:
keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/LXz8msE04uGYlHQoHbAB6YEoWiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.136.0/22
IPv6:
2a13:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
31:c1:25:a5:05:d4:7a:d0:e1:ee:49:9e:49:98:14:61:89:1c:
d2:98:43:6c:3e:df:fe:94:f5:fd:5c:25:0e:c3:21:6e:23:89:
c1:63:8e:35:32:e9:5a:ea:8e:49:25:d6:40:72:19:c3:19:c5:
cf:6a:6a:f0:ac:3d:97:27:fa:b4:86:b3:28:b8:be:3a:36:ef:
da:e9:a4:fc:ad:1f:18:40:d8:80:6c:b4:39:c0:b8:06:30:56:
86:49:82:12:b1:a9:9b:70:5c:d7:8d:df:70:4c:a1:32:9c:07:
4e:41:cd:eb:b1:cd:5f:d3:a3:59:3e:19:42:dd:5e:b4:ec:05:
18:77:bf:5d:e4:7c:22:04:d2:72:d5:e0:8f:96:a2:a5:0b:15:
70:df:7f:ea:28:b4:f5:41:a6:72:a8:8b:f1:21:9b:ea:37:4b:
79:d2:1e:ad:f1:a4:32:4f:63:47:39:cb:40:2d:8a:b9:cb:55:
76:79:3e:b1:f1:83:bb:93:1a:96:c1:2f:e4:3a:16:fa:b4:db:
3c:87:03:6e:8d:53:c8:07:f6:cc:09:7c:3b:c9:c9:4a:66:43:
cd:f7:9c:1a:8a:d4:41:0f:70:6b:40:17:f0:30:b0:31:02:60:
2c:b6:d4:ee:9a:85:3d:8a:3a:0f:76:9e:17:13:8e:96:8f:7f:
2b:e2:c6:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlL8l6OcIWB63CG1WBl9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk
Mjc3ZDYwHhcNMjQwMTAyMDAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdjZmM5YWMxMzRlMmUxOTg5NDc0MjgxZGIwMDFlOTgxMjg1YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrd3JclZf5ONSl8Ng58KTFoOqpXj
93PwYYzk1uzwUJoPGiJjOKv/jcNOL+VW1dDZ2KgOv8xYUcqPrldZ5zYGc+bhouXq
sn/wzsthxtmkQa48SQLxfAvZDVskuctDft68z7y8pPeLaDkeCT+qrErEOsfFJ15i
/h4bPeCFk2mxTcrJfQwz+mstR8PGEasdQpM6ghb3amYZhBY3Z7EUmdKAjMYMUv+I
c0BYxCxiio3ZdPjuJeIJKokL8Tq+imTZoKFoBztxptmNPo0Xy/uAPzsE/6zDXUxP
E1zCQ3oaxwC/vbgGdQUrPVWtB47g0hOGWGtJ1SdAGJJRcWEFlzmdD8ERdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC18/JrBNOLhmJR0KB2wAemBKFomMB8GA1UdIwQY
MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt
NDYxMTA0NmYxYTRlLzEvTFh6OG1zRTA0dUdZbEhRb0hiQUI2WUVvV2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl
LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW+mIMA0E
AgACMAcDBQAqE2DAMA0GCSqGSIb3DQEBCwUAA4IBAQAxwSWlBdR60OHuSZ5JmBRh
iRzSmENsPt/+lPX9XCUOwyFuI4nBY441Mula6o5JJdZAchnDGcXPamrwrD2XJ/q0
hrMouL46Nu/a6aT8rR8YQNiAbLQ5wLgGMFaGSYISsambcFzXjd9wTKEynAdOQc3r
sc1f06NZPhlC3V607AUYd79d5HwiBNJy1eCPlqKlCxVw33/qKLT1QaZyqIvxIZvq
N0t50h6t8aQyT2NHOctALYq5y1V2eT6x8YO7kxqWwS/kOhb6tNs8hwNujVPIB/bM
CXw7yclKZkPN95waitRBD3BrQBfwMLAxAmAsttTumoU9ijoPdp4XE46Wj38r4sbk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:54 2025 by rpki-client