Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/LQisaMkNEhGijokPcxS6eW8vtyw.roa
File: LQisaMkNEhGijokPcxS6eW8vtyw.roa (raw, json)
Hash identifier: eYxZpKoi0WwS0B40aJ5eSmOGtPKyyHqa2B+r+86lS6w=
Subject key identifier: 2D:08:AC:68:C9:0D:12:11:A2:8E:89:0F:73:14:BA:79:6F:2F:B7:2C
Certificate issuer: /CN=9d6b9774c94876c98321de3201b11b75a1358d19
Certificate serial: 019344CB896D215BE2279A2AE39847FA37E2
Authority key identifier: 9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/LQisaMkNEhGijokPcxS6eW8vtyw.roa
Signing time: Tue 19 Nov 2024 14:20:09 +0000
ROA not before: Tue 19 Nov 2024 14:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211462
IP address blocks: 193.32.87.0/24 maxlen: 24
2a0d:8140::/48 maxlen: 48
2a0d:8140:2fff::/48 maxlen: 48
2a0d:8140:3fff::/48 maxlen: 48
2a0d:8140:4fff::/48 maxlen: 48
2a0d:8141::/48 maxlen: 48
2a0d:8142::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Dec 2024 13:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:cb:89:6d:21:5b:e2:27:9a:2a:e3:98:47:fa:37:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6b9774c94876c98321de3201b11b75a1358d19
Validity
Not Before: Nov 19 14:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d08ac68c90d1211a28e890f7314ba796f2fb72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:eb:d5:5d:d4:47:fd:09:99:86:6a:18:17:f7:
eb:a9:79:87:af:c9:cd:56:7d:f6:fd:6f:9e:3e:21:
2a:ad:d0:86:ff:36:e0:22:11:32:47:f1:29:f4:ae:
51:37:5e:4d:19:f6:ba:01:07:de:85:36:5f:39:8b:
5a:42:ef:34:37:a7:e7:0d:7a:39:5c:b5:41:b0:b8:
ab:3b:37:9a:42:e4:68:8a:92:a6:98:14:09:06:c3:
83:ff:f1:62:1b:1b:d4:39:a8:8b:e3:38:1d:e0:e8:
ac:9e:87:8c:eb:21:61:19:46:d3:d3:fe:d1:f5:78:
99:c5:e6:e2:da:31:43:8b:39:dd:ba:a9:e0:e7:75:
dd:cf:53:b8:eb:42:cd:0f:1f:d9:6e:ab:90:f3:d0:
9e:f4:3d:d3:ca:85:bd:41:19:0d:7c:09:9c:b9:d4:
2d:27:83:91:39:9d:85:b8:f1:c1:ba:61:a1:f2:d2:
7a:94:11:e0:dd:90:11:8c:fc:00:a6:04:a7:4f:97:
62:62:70:f8:ac:19:2b:29:ef:6c:c8:9d:b7:91:86:
57:f8:45:fe:d7:aa:02:e2:7f:3b:a4:69:20:9f:d1:
dd:23:c1:05:85:0e:7a:c6:44:68:09:82:5e:d2:ad:
8f:34:44:7b:a8:76:89:79:75:1d:37:a3:95:31:5b:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:08:AC:68:C9:0D:12:11:A2:8E:89:0F:73:14:BA:79:6F:2F:B7:2C
X509v3 Authority Key Identifier:
keyid:9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/LQisaMkNEhGijokPcxS6eW8vtyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.87.0/24
IPv6:
2a0d:8140::/48
2a0d:8140:2fff::/48
2a0d:8140:3fff::/48
2a0d:8140:4fff::/48
2a0d:8141::/48
2a0d:8142::/48
Signature Algorithm: sha256WithRSAEncryption
0e:c4:8b:7f:19:07:8b:ae:15:9e:e0:14:f3:13:71:5e:68:19:
9b:8b:70:6e:d0:13:67:7f:50:24:cb:65:7a:b3:8c:19:d5:09:
c3:2d:63:5b:53:19:b0:79:7e:e2:db:59:f7:6a:1e:8e:81:57:
1c:5f:76:c8:d8:77:f0:c2:cb:db:1c:48:9e:49:cd:a8:da:2c:
8f:28:73:56:09:84:8e:6b:ef:99:b4:91:d5:68:ea:aa:34:28:
fb:e9:c3:7f:76:42:e9:5c:30:f2:17:7e:9b:1b:5a:32:f4:76:
3e:a2:7a:2a:23:49:93:08:a9:e1:91:b1:b7:83:8e:1f:24:da:
8a:f2:75:c8:49:3a:6e:83:68:14:63:6b:b3:60:cb:89:7a:b0:
a8:76:35:32:fc:cf:83:e5:db:18:3d:d8:25:ce:8f:d3:c0:b6:
ae:f9:15:d8:f6:8a:4d:60:9e:1e:3f:dc:fa:62:c7:c5:52:43:
bc:4e:60:68:8f:5b:99:27:92:15:e4:9f:26:e7:41:25:d1:90:
ee:83:b0:e7:47:60:5c:a7:cc:e5:50:20:e8:a4:06:40:77:b5:
1e:62:1d:63:81:b3:84:5f:53:6f:44:9b:be:a9:59:3b:c4:f6:
0c:03:6c:88:6a:bb:35:4c:ba:90:00:d4:73:67:69:1c:d6:92:
2f:e2:ef:0f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZNEy4ltIVviJ5oq45hH+jfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmI5Nzc0Yzk0ODc2Yzk4MzIxZGUzMjAxYjExYjc1YTEz
NThkMTkwHhcNMjQxMTE5MTQyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA4YWM2OGM5MGQxMjExYTI4ZTg5MGY3MzE0YmE3OTZmMmZiNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5evVXdRH/QmZhmoYF/frqXmHr8nN
Vn32/W+ePiEqrdCG/zbgIhEyR/Ep9K5RN15NGfa6AQfehTZfOYtaQu80N6fnDXo5
XLVBsLirOzeaQuRoipKmmBQJBsOD//FiGxvUOaiL4zgd4OisnoeM6yFhGUbT0/7R
9XiZxebi2jFDiznduqng53Xdz1O460LNDx/ZbquQ89Ce9D3TyoW9QRkNfAmcudQt
J4OROZ2FuPHBumGh8tJ6lBHg3ZARjPwApgSnT5diYnD4rBkrKe9syJ23kYZX+EX+
16oC4n87pGkgn9HdI8EFhQ56xkRoCYJe0q2PNER7qHaJeXUdN6OVMVudHQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFC0IrGjJDRIRoo6JD3MUunlvL7csMB8GA1UdIwQY
MBaAFJ1rl3TJSHbJgyHeMgGxG3WhNY0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5Njgt
YTU2YmRmYWRiODFlLzEvTFFpc2FNa05FaEdpam9rUGN4UzZlVzh2dHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5NjgtYTU2YmRmYWRiODFl
LzEvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQAwSBXMDwE
AgACMDYDBwAqDYFAAAADBwAqDYFAL/8DBwAqDYFAP/8DBwAqDYFAT/8DBwAqDYFB
AAADBwAqDYFCAAAwDQYJKoZIhvcNAQELBQADggEBAA7Ei38ZB4uuFZ7gFPMTcV5o
GZuLcG7QE2d/UCTLZXqzjBnVCcMtY1tTGbB5fuLbWfdqHo6BVxxfdsjYd/DCy9sc
SJ5JzajaLI8oc1YJhI5r75m0kdVo6qo0KPvpw392QulcMPIXfpsbWjL0dj6ieioj
SZMIqeGRsbeDjh8k2orydchJOm6DaBRja7Ngy4l6sKh2NTL8z4Pl2xg92CXOj9PA
tq75Fdj2ik1gnh4/3Ppix8VSQ7xOYGiPW5knkhXknybnQSXRkO6DsOdHYFynzOVQ
IOikBkB3tR5iHWOBs4RfU29Em76pWTvE9gwDbIhquzVMupAA1HNnaRzWki/i7w8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:58:48 2025 by rpki-client