Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/lrgDkvTRHlO7SWjlktYmUKYDNks.roa
File: lrgDkvTRHlO7SWjlktYmUKYDNks.roa (raw, json)
Hash identifier: CGSiRDda64i8tbq8ROTJLTnmdg7RAJy0NR7QWDXGsno=
Subject key identifier: 96:B8:03:92:F4:D1:1E:53:BB:49:68:E5:92:D6:26:50:A6:03:36:4B
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 0194606E08C699E6A75090D39D2BB752EB6F
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/lrgDkvTRHlO7SWjlktYmUKYDNks.roa
Signing time: Mon 13 Jan 2025 16:10:11 +0000
ROA not before: Mon 13 Jan 2025 16:10:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 31 Jan 2025 16:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:6e:08:c6:99:e6:a7:50:90:d3:9d:2b:b7:52:eb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Jan 13 16:10:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96b80392f4d11e53bb4968e592d62650a603364b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:47:44:6f:03:13:be:26:3d:c0:d5:7b:9c:
79:81:01:f5:9c:0b:2d:fb:14:f3:4c:de:53:f7:77:
6d:3c:79:7d:0f:cc:b9:3b:90:e1:9a:67:03:18:87:
e6:8f:7b:e1:63:f9:42:c7:13:07:6f:36:8d:f6:3c:
e1:3e:b0:cd:46:e8:43:cf:cc:c4:0d:f6:68:6d:7d:
8e:b5:ff:82:bc:ef:9f:2a:ea:d9:2c:a3:e4:dc:84:
a3:9c:fb:88:80:f5:01:7e:84:8a:e4:a6:a0:87:df:
9b:12:58:65:01:b0:72:75:a5:8b:ac:8f:6a:d5:fd:
d1:c2:35:82:1a:f1:a2:52:e2:f6:63:b1:ec:ac:de:
84:e9:cf:04:7c:c2:35:62:9a:1d:a3:9e:50:89:aa:
57:d4:05:dd:1b:ff:87:60:96:67:40:2d:5c:6e:17:
46:86:03:68:f6:16:9a:77:f0:3f:c5:1c:0d:ad:d9:
f9:12:1d:0e:12:e9:a4:e3:6c:c5:8e:03:fb:e4:68:
f5:76:b4:7b:5d:95:b8:75:31:13:b2:fb:e3:95:e1:
cb:d7:66:71:b2:9c:51:e9:6a:73:11:28:3d:4e:79:
81:79:88:62:4e:d1:5e:e5:dd:d4:94:75:16:0c:b5:
a1:cc:99:92:56:da:b4:1f:87:0c:db:de:25:ed:94:
5c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B8:03:92:F4:D1:1E:53:BB:49:68:E5:92:D6:26:50:A6:03:36:4B
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/lrgDkvTRHlO7SWjlktYmUKYDNks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
18:dc:20:9e:06:41:12:6e:8e:66:d4:89:f7:ee:f8:d9:2e:97:
25:ab:d4:e8:d7:2e:37:7f:88:97:33:d5:cc:9a:36:40:7d:b0:
44:0a:d8:6c:6b:53:9f:3d:f4:d3:94:59:46:40:6f:65:ff:03:
6e:bc:96:39:ae:87:0d:14:37:b1:95:38:75:4a:b5:35:4e:03:
0e:52:61:fc:c7:11:47:c8:ca:93:b6:5a:f1:5c:c0:2e:7b:4a:
ae:b4:ad:52:c9:25:af:c5:3c:ca:3a:04:12:14:44:e3:ad:0f:
9a:d7:3b:2f:d5:74:db:2c:43:a3:fc:2f:be:db:a2:6c:78:bd:
33:d0:75:78:73:9e:62:48:f4:b7:39:55:53:27:da:cb:0f:85:
ce:06:30:05:1d:bf:cf:21:49:3a:93:3c:3a:d1:85:3d:8f:53:
51:e2:3a:36:0c:a5:6b:39:c7:a8:ae:56:a5:ac:01:13:36:ee:
72:18:9a:14:96:b5:5d:38:cf:47:95:65:de:0c:f7:f0:ff:16:
c8:10:40:5f:23:f7:45:6f:f5:f1:8d:33:be:17:9f:67:c2:e8:
dc:65:0f:92:c8:c2:ac:82:01:2b:1e:35:50:e8:73:f2:26:32:
25:2c:b7:37:21:28:34:c7:d1:cb:0f:0f:00:f4:5e:24:df:77:
2f:27:3f:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZRgbgjGmeanUJDTnSu3UutvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjUwMTEzMTYxMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI4MDM5MmY0ZDExZTUzYmI0OTY4ZTU5MmQ2MjY1MGE2MDMzNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw5HRG8DE74mPcDVe5x5gQH1nAst
+xTzTN5T93dtPHl9D8y5O5DhmmcDGIfmj3vhY/lCxxMHbzaN9jzhPrDNRuhDz8zE
DfZobX2Otf+CvO+fKurZLKPk3ISjnPuIgPUBfoSK5Kagh9+bElhlAbBydaWLrI9q
1f3RwjWCGvGiUuL2Y7HsrN6E6c8EfMI1Ypodo55QiapX1AXdG/+HYJZnQC1cbhdG
hgNo9haad/A/xRwNrdn5Eh0OEumk42zFjgP75Gj1drR7XZW4dTETsvvjleHL12Zx
spxR6WpzESg9TnmBeYhiTtFe5d3UlHUWDLWhzJmSVtq0H4cM294l7ZRcVwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJa4A5L00R5Tu0lo5ZLWJlCmAzZLMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvbHJnRGt2VFJIbE83U1dqbGt0WW1VS1lETmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBABjcIJ4GQRJujmbUiffu+NkulyWr1OjXLjd/iJcz
1cyaNkB9sEQK2GxrU5899NOUWUZAb2X/A268ljmuhw0UN7GVOHVKtTVOAw5SYfzH
EUfIypO2WvFcwC57Sq60rVLJJa/FPMo6BBIUROOtD5rXOy/VdNssQ6P8L77bomx4
vTPQdXhznmJI9Lc5VVMn2ssPhc4GMAUdv88hSTqTPDrRhT2PU1HiOjYMpWs5x6iu
VqWsARM27nIYmhSWtV04z0eVZd4M9/D/FsgQQF8j90Vv9fGNM74Xn2fC6NxlD5LI
wqyCASseNVDoc/ImMiUstzchKDTH0csPDwD0XiTfdy8nP/k=
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:25 2025 by rpki-client