Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lVPPDQ5WlfDikXdS1VHa_lPESPk.roa
File: lVPPDQ5WlfDikXdS1VHa_lPESPk.roa (raw, json)
Hash identifier: 7k8zrFxU7Lm7349+qZeW2RnHjdg4Ew6owtC7I7Rnx1I=
Subject key identifier: 95:53:CF:0D:0E:56:95:F0:E2:91:77:52:D5:51:DA:FE:53:C4:48:F9
Certificate issuer: /CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Certificate serial: 01930AEB6E440A117EB8AFEB500F30A5CEF1
Authority key identifier: 5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lVPPDQ5WlfDikXdS1VHa_lPESPk.roa
Signing time: Fri 08 Nov 2024 08:37:01 +0000
ROA not before: Fri 08 Nov 2024 08:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57829
IP address blocks: 178.22.96.0/21 maxlen: 21
185.81.12.0/22 maxlen: 22
185.81.14.0/23 maxlen: 23
2a00:ce60::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:eb:6e:44:0a:11:7e:b8:af:eb:50:0f:30:a5:ce:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Validity
Not Before: Nov 8 08:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9553cf0d0e5695f0e2917752d551dafe53c448f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:5e:dc:31:b0:86:37:b4:88:65:cf:7f:5b:
5d:df:80:26:1a:2f:bd:bd:39:c3:1a:4f:be:8f:f5:
cb:27:1f:00:b4:93:f7:d7:cd:94:52:8f:cf:fe:97:
c8:eb:34:61:31:f9:0f:e2:07:05:d7:b7:66:37:40:
d2:99:e6:5c:f8:cd:a3:7b:3c:d8:af:c5:4d:e4:f4:
1b:3e:a3:0d:27:e6:82:52:ad:cd:5a:6b:c5:5f:66:
7b:a3:55:44:cf:71:2a:2e:0d:8b:2a:a0:e9:2d:93:
41:18:c2:03:be:54:ba:09:9c:d0:0d:8c:77:1a:5c:
63:dd:01:21:3d:75:ea:a7:d2:05:96:4a:80:a1:9f:
5f:59:99:24:b8:0f:62:c3:11:d1:4b:13:f7:bb:de:
33:c3:84:a7:41:54:06:ed:0f:11:cd:25:95:f6:db:
08:71:88:a6:ee:4c:17:2b:e4:6f:52:f8:e9:4d:ff:
13:35:62:36:55:83:46:15:b3:d9:ab:21:a9:79:a4:
6a:db:a9:99:fb:29:b1:d3:45:a0:44:b4:b5:73:cb:
81:f7:3d:cf:7d:a3:ae:f9:b9:7e:16:5d:d5:f2:78:
17:af:d5:70:f7:95:ac:a5:ed:0a:6b:4a:a0:3d:15:
ae:1a:41:18:1a:58:99:a0:97:e9:f4:5c:d9:4e:ab:
54:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:53:CF:0D:0E:56:95:F0:E2:91:77:52:D5:51:DA:FE:53:C4:48:F9
X509v3 Authority Key Identifier:
keyid:5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lVPPDQ5WlfDikXdS1VHa_lPESPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.96.0/21
185.81.12.0/22
IPv6:
2a00:ce60::/32
Signature Algorithm: sha256WithRSAEncryption
86:dc:f0:bf:f2:77:c5:e2:8b:25:0f:02:d7:09:21:c6:b7:21:
bd:bc:24:54:8e:6a:a0:24:f9:12:30:55:3a:29:28:6e:fb:c6:
eb:f9:c9:82:93:89:2a:6c:52:6f:07:95:1d:6f:39:cb:44:e7:
7e:f4:69:b9:92:c2:c5:99:c3:09:4a:a8:e9:b9:41:b8:01:b5:
c8:74:5e:69:3e:1c:83:2e:b5:39:60:b6:9f:06:e6:fb:49:3d:
80:6f:c5:f1:38:6a:c9:35:39:f2:f1:2c:ca:de:0c:62:01:ea:
69:56:e0:f0:97:92:bd:a4:5d:d6:2e:c0:4e:df:19:5c:d5:1d:
ad:a4:8e:24:5b:47:ed:b9:11:cf:fa:45:5a:91:8e:6a:e1:c0:
12:c5:dc:31:80:25:bf:bf:97:39:dc:d0:ca:65:e2:2d:99:2d:
fa:84:4a:9d:80:1c:8b:df:2a:fa:50:7e:b8:36:60:98:6f:19:
ec:89:6e:a3:48:6e:47:85:63:df:0e:45:22:e7:06:b7:2a:99:
f3:dc:86:70:f8:12:47:75:99:6d:52:1f:17:f1:7f:37:80:e8:
d1:78:bb:8d:0d:7b:9c:ab:08:ad:97:90:3b:f4:78:11:89:44:
b6:5f:68:97:f0:4d:48:65:ff:cf:84:aa:98:8f:b9:06:36:68:
e0:1e:4e:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMK625EChF+uK/rUA8wpc7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTlmZGUwZDYzYjExYjVjMmRkODE2YzBmOTNjMmVhNTgz
NTAzMzYwHhcNMjQxMTA4MDgzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTUzY2YwZDBlNTY5NWYwZTI5MTc3NTJkNTUxZGFmZTUzYzQ0OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstle3DGwhje0iGXPf1td34AmGi+9
vTnDGk++j/XLJx8AtJP3182UUo/P/pfI6zRhMfkP4gcF17dmN0DSmeZc+M2jezzY
r8VN5PQbPqMNJ+aCUq3NWmvFX2Z7o1VEz3EqLg2LKqDpLZNBGMIDvlS6CZzQDYx3
Glxj3QEhPXXqp9IFlkqAoZ9fWZkkuA9iwxHRSxP3u94zw4SnQVQG7Q8RzSWV9tsI
cYim7kwXK+RvUvjpTf8TNWI2VYNGFbPZqyGpeaRq26mZ+ymx00WgRLS1c8uB9z3P
faOu+bl+Fl3V8ngXr9Vw95Wspe0Ka0qgPRWuGkEYGliZoJfp9FzZTqtUBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJVTzw0OVpXw4pF3UtVR2v5TxEj5MB8GA1UdIwQY
MBaAFF+Z/eDWOxG1wt2BbA+TwupYNQM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQt
NGM3N2Q2MDVhZmVjLzEvbFZQUERRNVdsZkRpa1hkUzFWSGFfbFBFU1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQtNGM3N2Q2MDVhZmVj
LzEvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshZgAwQC
uVEMMA0EAgACMAcDBQAqAM5gMA0GCSqGSIb3DQEBCwUAA4IBAQCG3PC/8nfF4osl
DwLXCSHGtyG9vCRUjmqgJPkSMFU6KShu+8br+cmCk4kqbFJvB5UdbznLROd+9Gm5
ksLFmcMJSqjpuUG4AbXIdF5pPhyDLrU5YLafBub7ST2Ab8XxOGrJNTny8SzK3gxi
AeppVuDwl5K9pF3WLsBO3xlc1R2tpI4kW0ftuRHP+kVakY5q4cASxdwxgCW/v5c5
3NDKZeItmS36hEqdgByL3yr6UH64NmCYbxnsiW6jSG5HhWPfDkUi5wa3Kpnz3IZw
+BJHdZltUh8X8X83gOjReLuNDXucqwitl5A79HgRiUS2X2iX8E1IZf/PhKqYj7kG
NmjgHk6j
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:15 2025 by rpki-client