Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdElJRDxHykOr550dyTpl5xelJs.roa
File: LdElJRDxHykOr550dyTpl5xelJs.roa (raw, json)
Hash identifier: cCvGvGIj03SbCwMMR+Doz8xatJNGOxXjoF44EjtPbcw=
Subject key identifier: 2D:D1:25:25:10:F1:1F:29:0E:AF:9E:74:77:24:E9:97:9C:5E:94:9B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01932511E607C122F2759DBD71006442F28A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdElJRDxHykOr550dyTpl5xelJs.roa
Signing time: Wed 13 Nov 2024 10:29:10 +0000
ROA not before: Wed 13 Nov 2024 10:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 82.153.231.0/24 maxlen: 24
109.176.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 12:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:11:e6:07:c1:22:f2:75:9d:bd:71:00:64:42:f2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 13 10:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dd1252510f11f290eaf9e747724e9979c5e949b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:af:16:d8:2c:d4:83:7a:2b:48:f5:56:96:16:
cb:0d:2c:7d:2e:fd:88:d0:92:11:7d:f6:0e:95:a8:
02:47:00:46:67:19:c6:80:fc:e6:3c:83:b2:de:65:
db:06:cf:6d:5a:b4:69:e8:c6:b1:a1:6b:28:51:d4:
1d:4d:e5:ea:c7:41:f5:dd:7b:76:c5:4a:19:42:8c:
24:d9:19:f2:02:9b:15:9e:e4:0a:df:32:ab:72:df:
9f:56:03:9e:f8:7a:f5:98:82:b5:4f:b1:2c:df:ee:
55:14:f1:7d:fd:8d:63:f1:3b:b5:60:c2:cf:1b:a8:
1f:c6:6d:86:61:54:58:2d:d3:0a:8c:27:e9:c4:0a:
49:70:c7:88:57:5d:d4:71:c4:15:f3:35:c5:d5:f2:
03:ff:74:60:dc:b3:25:7c:3b:0b:26:5b:78:fc:54:
66:7c:84:1d:bf:a2:4f:02:db:86:95:26:b6:67:d5:
b1:36:94:a5:87:dc:fc:43:f0:bf:c5:d5:3c:6a:f7:
a5:04:07:1e:41:81:b7:29:0f:57:19:f4:1e:8c:94:
5a:45:a3:ee:98:15:11:30:97:7b:09:d8:f1:0a:0b:
88:82:5d:4d:bb:6d:63:6f:c2:41:bc:40:28:90:e9:
64:5c:fe:40:6f:3e:59:47:c8:89:a7:ad:30:47:0e:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D1:25:25:10:F1:1F:29:0E:AF:9E:74:77:24:E9:97:9C:5E:94:9B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LdElJRDxHykOr550dyTpl5xelJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.231.0/24
109.176.15.0/24
Signature Algorithm: sha256WithRSAEncryption
53:38:ee:cb:5a:f7:25:f5:41:55:38:f5:e2:b9:88:1c:eb:3f:
48:30:fa:e1:cb:bc:0d:07:3d:c6:d5:fb:cf:69:40:35:9c:37:
e8:01:b0:60:16:8d:31:79:17:3e:a4:22:54:a9:2e:98:c5:12:
17:93:06:b9:4a:47:b6:f9:e7:86:2f:f5:82:63:5f:a8:24:16:
fa:84:65:f7:b3:88:44:0f:c8:b6:cd:e7:e0:6f:ad:82:78:5c:
33:84:ec:b9:e2:20:90:95:84:9e:6c:a2:9c:33:6b:c4:cb:72:
f0:fd:97:00:f7:89:94:64:57:b9:82:25:62:4d:b1:72:63:06:
1f:ab:db:25:79:3e:05:8a:28:d8:36:2a:77:64:60:af:4b:bf:
26:ed:48:5b:58:3c:d8:f5:5d:71:84:c7:c3:e1:c5:46:95:33:
a4:2b:10:e4:34:23:c7:7b:7e:0a:34:d0:d6:a6:b5:2b:80:5f:
aa:8a:c8:35:6c:64:47:89:7f:15:8c:88:b0:5d:05:8a:84:e3:
dd:30:08:19:ee:ac:b6:fd:58:96:f4:a0:62:c5:a1:03:a1:30:
e9:88:a4:2c:94:86:8b:42:8a:59:22:5a:93:8f:c6:f4:d7:87:
12:55:de:ea:23:2c:fa:12:6a:b6:50:51:85:18:dc:8d:1a:4e:
23:b1:8e:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMlEeYHwSLydZ29cQBkQvKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTEzMTAyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQxMjUyNTEwZjExZjI5MGVhZjllNzQ3NzI0ZTk5NzljNWU5NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q8W2CzUg3orSPVWlhbLDSx9Lv2I
0JIRffYOlagCRwBGZxnGgPzmPIOy3mXbBs9tWrRp6MaxoWsoUdQdTeXqx0H13Xt2
xUoZQowk2RnyApsVnuQK3zKrct+fVgOe+Hr1mIK1T7Es3+5VFPF9/Y1j8Tu1YMLP
G6gfxm2GYVRYLdMKjCfpxApJcMeIV13UccQV8zXF1fID/3Rg3LMlfDsLJlt4/FRm
fIQdv6JPAtuGlSa2Z9WxNpSlh9z8Q/C/xdU8avelBAceQYG3KQ9XGfQejJRaRaPu
mBURMJd7CdjxCguIgl1Nu21jb8JBvEAokOlkXP5Abz5ZR8iJp60wRw7h/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3RJSUQ8R8pDq+edHck6ZecXpSbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGRFbEpSRHhIeWtPcjU1MGR5VHBsNXhlbEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpnnAwQA
bbAPMA0GCSqGSIb3DQEBCwUAA4IBAQBTOO7LWvcl9UFVOPXiuYgc6z9IMPrhy7wN
Bz3G1fvPaUA1nDfoAbBgFo0xeRc+pCJUqS6YxRIXkwa5Ske2+eeGL/WCY1+oJBb6
hGX3s4hED8i2zefgb62CeFwzhOy54iCQlYSebKKcM2vEy3Lw/ZcA94mUZFe5giVi
TbFyYwYfq9sleT4FiijYNip3ZGCvS78m7UhbWDzY9V1xhMfD4cVGlTOkKxDkNCPH
e34KNNDWprUrgF+qisg1bGRHiX8VjIiwXQWKhOPdMAgZ7qy2/ViW9KBixaEDoTDp
iKQslIaLQopZIlqTj8b014cSVd7qIyz6Emq2UFGFGNyNGk4jsY5C
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:27 2025 by rpki-client