Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LtsyLPwwAF5Ps8YuR8LmMtfGBhQ.roa
File: LtsyLPwwAF5Ps8YuR8LmMtfGBhQ.roa (raw, json)
Hash identifier: AW0OZyuwRY6JtP8Hr71E2n7YSLS2PTc8v2AHht7zXcU=
Subject key identifier: 2E:DB:32:2C:FC:30:00:5E:4F:B3:C6:2E:47:C2:E6:32:D7:C6:06:14
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019049BAC1DA66B1E366433D24F8291E81DD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LtsyLPwwAF5Ps8YuR8LmMtfGBhQ.roa
Signing time: Mon 24 Jun 2024 10:11:34 +0000
ROA not before: Mon 24 Jun 2024 10:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:ba:c1:da:66:b1:e3:66:43:3d:24:f8:29:1e:81:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 24 10:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2edb322cfc30005e4fb3c62e47c2e632d7c60614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:d8:80:4c:68:f7:0b:49:a8:00:73:d5:c0:09:
3c:b8:0a:69:1a:ee:80:be:ff:70:93:71:1d:69:b6:
5b:e2:57:5d:d4:15:d5:e9:6e:b8:83:83:d0:2e:9c:
82:7d:ed:67:93:09:46:fe:85:d5:82:62:d0:9c:24:
37:8f:65:64:a5:2e:6b:bc:07:f8:32:6c:61:af:b1:
4b:82:19:24:4a:c9:24:9e:f8:4e:4a:cc:ad:70:6c:
bf:0c:8f:ca:eb:44:e8:6e:66:c0:35:b7:b3:64:d6:
8a:0d:2d:59:f5:24:58:dc:63:0a:bf:8f:60:f2:2f:
ea:3d:2a:ea:35:f5:45:9b:8c:d7:d3:d1:9e:8c:a4:
ed:39:0f:bf:9d:ad:c1:c1:2f:d1:7b:16:62:5e:31:
a2:95:b5:de:2e:51:ff:06:21:37:a9:ce:45:02:d4:
60:96:d5:d0:7a:f6:54:35:05:61:fd:7a:37:f4:8e:
d7:3a:4a:ca:82:58:eb:8a:f9:56:fb:4c:7f:07:4b:
fc:e1:33:eb:7d:e0:b8:3d:a7:1d:75:68:68:57:b9:
6d:84:1c:c2:6e:8c:bc:9a:b3:5e:08:32:69:4e:0f:
cc:36:c1:7d:f9:3a:cc:f2:2b:1d:4f:5c:77:c1:06:
b3:f3:f1:40:ed:57:a0:b1:d3:63:38:35:d1:90:c7:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DB:32:2C:FC:30:00:5E:4F:B3:C6:2E:47:C2:E6:32:D7:C6:06:14
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LtsyLPwwAF5Ps8YuR8LmMtfGBhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:8f:a2:f7:3b:d3:b8:d0:cd:05:ca:e5:a6:63:c8:00:3e:19:
7e:2d:00:8f:94:27:d7:aa:25:04:42:e8:a2:e7:17:b7:e1:95:
32:f2:e0:50:7e:c0:97:0c:99:cb:6d:39:2f:3c:b0:22:81:74:
2f:3e:04:f9:39:73:a9:4e:86:68:a8:01:5b:10:f7:1c:36:39:
4b:9c:5b:bf:d6:9f:0b:ab:80:0e:a2:c3:63:41:bc:67:2b:64:
df:64:82:56:ee:d5:7c:b4:1e:12:01:2d:e2:62:41:73:9f:55:
ba:bc:47:6e:95:04:77:3b:0a:31:6c:48:53:c5:f9:1a:65:46:
95:61:b5:70:4e:4f:b9:9f:21:e5:ba:ee:56:d3:07:84:44:5e:
c0:9f:c8:d0:d7:97:e5:b7:7f:07:0b:6c:1c:81:cf:b0:ef:d6:
52:56:71:2a:50:cb:89:7a:68:a2:91:28:6e:1d:d3:28:b3:89:
ac:7e:6b:0b:2c:b2:00:8e:db:6f:1b:84:9d:e6:e7:00:65:be:
d8:91:73:2e:c8:7a:23:8b:ee:5b:c9:f8:d4:46:b4:78:aa:a9:
4f:68:29:ab:a2:f8:9b:9c:23:7c:ca:e9:08:3e:a4:47:e5:a9:
fc:a5:06:32:70:1f:1f:ed:d7:4b:e8:74:da:53:16:21:d9:4f:
e2:c6:b8:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBJusHaZrHjZkM9JPgpHoHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI0MTAxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRiMzIyY2ZjMzAwMDVlNGZiM2M2MmU0N2MyZTYzMmQ3YzYwNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+NiATGj3C0moAHPVwAk8uAppGu6A
vv9wk3EdabZb4ldd1BXV6W64g4PQLpyCfe1nkwlG/oXVgmLQnCQ3j2VkpS5rvAf4
Mmxhr7FLghkkSskknvhOSsytcGy/DI/K60TobmbANbezZNaKDS1Z9SRY3GMKv49g
8i/qPSrqNfVFm4zX09GejKTtOQ+/na3BwS/RexZiXjGilbXeLlH/BiE3qc5FAtRg
ltXQevZUNQVh/Xo39I7XOkrKgljrivlW+0x/B0v84TPrfeC4PacddWhoV7lthBzC
boy8mrNeCDJpTg/MNsF9+TrM8isdT1x3wQaz8/FA7VegsdNjODXRkMej7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7bMiz8MABeT7PGLkfC5jLXxgYUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTHRzeUxQd3dBRjVQczhZdVI4TG1NdGZHQmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiPovc707jQzQXK5aZj
yAA+GX4tAI+UJ9eqJQRC6KLnF7fhlTLy4FB+wJcMmcttOS88sCKBdC8+BPk5c6lO
hmioAVsQ9xw2OUucW7/WnwurgA6iw2NBvGcrZN9kglbu1Xy0HhIBLeJiQXOfVbq8
R26VBHc7CjFsSFPF+RplRpVhtXBOT7mfIeW67lbTB4REXsCfyNDXl+W3fwcLbByB
z7Dv1lJWcSpQy4l6aKKRKG4d0yiziax+awsssgCO228bhJ3m5wBlvtiRcy7IeiOL
7lvJ+NRGtHiqqU9oKaui+JucI3zK6Qg+pEflqfylBjJwHx/t10vodNpTFiHZT+LG
uCM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:39 2025 by rpki-client