Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/lHhZ1qeTOt4mXHfEmaTqrhpsn8U.roa
File: lHhZ1qeTOt4mXHfEmaTqrhpsn8U.roa (raw, json)
Hash identifier: fcoAu0xmLt5ajBOBdbSEgbxKkEGrExi0Xk8xJpgLscU=
Subject key identifier: 94:78:59:D6:A7:93:3A:DE:26:5C:77:C4:99:A4:EA:AE:1A:6C:9F:C5
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018CC86F2EE6E9AFA2DE38334618DB01B3A1
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/lHhZ1qeTOt4mXHfEmaTqrhpsn8U.roa
Signing time: Tue 02 Jan 2024 04:29:38 +0000
ROA not before: Tue 02 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42836
IP address blocks: 195.66.90.0/24 maxlen: 24
2001:67c:20c8::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 04 Jun 2024 12:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2e:e6:e9:af:a2:de:38:33:46:18:db:01:b3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=947859d6a7933ade265c77c499a4eaae1a6c9fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1d:0f:b2:e7:1f:83:bd:e9:5c:02:b9:04:d9:
bb:81:d4:5c:ad:6c:72:45:a1:a8:91:b4:a9:a0:82:
43:ec:f6:ff:21:de:17:a0:8f:72:7e:0b:dc:f3:67:
8b:8d:6d:ff:0b:73:43:c4:94:9e:30:fb:fc:15:9e:
9f:ef:da:4a:04:44:ec:66:9f:07:b9:d7:fc:9d:b1:
3a:13:9c:19:49:b1:48:6d:33:23:14:d4:02:01:07:
36:67:e2:e9:f6:da:de:7d:9b:23:88:00:19:d1:b0:
71:c6:99:35:e1:34:c1:c6:2a:26:2e:de:4b:62:34:
a5:a9:d2:7c:2c:ff:f1:ea:01:59:5c:aa:7a:94:56:
9c:ba:96:2a:7d:53:aa:48:e1:9f:44:a6:78:1a:6b:
7a:13:9f:ba:1a:b4:cf:c6:5f:5b:c7:b4:e4:ac:64:
f9:9b:66:b4:a1:27:03:f5:45:67:56:2e:f3:5c:0d:
b3:7f:90:80:7d:e2:f2:8e:11:ad:ad:d5:d3:8b:3e:
f1:5c:f1:09:40:89:a1:37:3e:c8:d9:ab:94:b1:a3:
72:b6:26:4f:ab:e8:23:4f:a5:98:ef:5f:fe:0d:b1:
b6:0b:9d:74:be:2d:23:62:67:ff:61:ba:d0:41:0f:
80:59:2b:14:a1:42:24:a9:6f:05:ba:04:4f:18:76:
52:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:59:D6:A7:93:3A:DE:26:5C:77:C4:99:A4:EA:AE:1A:6C:9F:C5
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/lHhZ1qeTOt4mXHfEmaTqrhpsn8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.90.0/24
IPv6:
2001:67c:20c8::/48
Signature Algorithm: sha256WithRSAEncryption
7a:3b:a7:5d:2c:de:e8:f4:bb:aa:a3:3a:24:3d:5f:6e:af:c4:
e9:04:4d:29:e0:6a:ca:a9:c7:91:aa:ee:33:1e:3e:16:16:da:
e3:70:a0:69:20:1c:a7:e5:fb:90:11:ac:e9:a4:8b:d9:88:ea:
10:a9:41:23:3a:52:fc:70:2a:b6:cb:a1:62:f4:ec:5d:a3:20:
55:f2:8b:db:3d:26:b0:53:de:33:65:f2:d8:b0:1e:fd:4a:ff:
cc:c6:c8:f3:62:cd:f9:64:8f:72:77:0b:5b:fd:a6:2a:bf:b7:
95:19:3b:21:6e:3a:8b:89:eb:a8:9e:c5:12:f1:df:82:a9:63:
f1:8a:c5:a9:7a:08:e3:9d:6c:86:e1:1d:38:1d:38:5a:0d:32:
21:f3:e0:17:b4:6d:cf:ab:29:c7:05:05:b2:72:41:96:f2:20:
89:d2:ba:6d:fa:55:d5:5d:14:b8:fe:bc:3b:4a:6f:3e:f4:ed:
61:48:91:67:01:fd:36:97:56:af:17:04:8f:66:92:3f:73:6c:
7a:ed:94:e6:68:de:db:89:5b:24:cc:b7:7b:79:ae:b6:21:e2:
4b:2f:4a:77:c3:cc:5e:6f:c6:7c:d0:84:7b:6d:11:c5:68:be:
fc:00:d4:31:4e:48:9f:de:bb:65:92:59:c0:6a:1a:14:49:3b:
a3:94:34:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIby7m6a+i3jgzRhjbAbOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjQwMTAyMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc4NTlkNmE3OTMzYWRlMjY1Yzc3YzQ5OWE0ZWFhZTFhNmM5ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB0Psucfg73pXAK5BNm7gdRcrWxy
RaGokbSpoIJD7Pb/Id4XoI9yfgvc82eLjW3/C3NDxJSeMPv8FZ6f79pKBETsZp8H
udf8nbE6E5wZSbFIbTMjFNQCAQc2Z+Lp9trefZsjiAAZ0bBxxpk14TTBxiomLt5L
YjSlqdJ8LP/x6gFZXKp6lFacupYqfVOqSOGfRKZ4Gmt6E5+6GrTPxl9bx7TkrGT5
m2a0oScD9UVnVi7zXA2zf5CAfeLyjhGtrdXTiz7xXPEJQImhNz7I2auUsaNytiZP
q+gjT6WY71/+DbG2C510vi0jYmf/YbrQQQ+AWSsUoUIkqW8FugRPGHZSwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJR4WdankzreJlx3xJmk6q4abJ/FMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvbEhoWjFxZVRPdDRtWEhmRW1hVHFyaHBzbjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw0JaMA8E
AgACMAkDBwAgAQZ8IMgwDQYJKoZIhvcNAQELBQADggEBAHo7p10s3uj0u6qjOiQ9
X26vxOkETSngasqpx5Gq7jMePhYW2uNwoGkgHKfl+5ARrOmki9mI6hCpQSM6Uvxw
KrbLoWL07F2jIFXyi9s9JrBT3jNl8tiwHv1K/8zGyPNizflkj3J3C1v9piq/t5UZ
OyFuOouJ66iexRLx34KpY/GKxal6COOdbIbhHTgdOFoNMiHz4Be0bc+rKccFBbJy
QZbyIInSum36VdVdFLj+vDtKbz707WFIkWcB/TaXVq8XBI9mkj9zbHrtlOZo3tuJ
WyTMt3t5rrYh4ksvSnfDzF5vxnzQhHttEcVovvwA1DFOSJ/eu2WSWcBqGhRJO6OU
NGI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:22:38 2025 by rpki-client