Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lqhk6biJphpkGni3g1hKEC0QD-U.roa
File: lqhk6biJphpkGni3g1hKEC0QD-U.roa (raw, json)
Hash identifier: pdIj1ppEFRKV7mT0SvQQiypO7wLFPnX+6vRqTUfmDlo=
Subject key identifier: 96:A8:64:E9:B8:89:A6:1A:64:1A:78:B7:83:58:4A:10:2D:10:0F:E5
Certificate issuer: /CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Certificate serial: 018CC3491BB01B669271526C481606867DD3
Authority key identifier: 5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lqhk6biJphpkGni3g1hKEC0QD-U.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49409
IP address blocks: 185.81.14.0/23 maxlen: 23
178.22.96.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1b:b0:1b:66:92:71:52:6c:48:16:06:86:7d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96a864e9b889a61a641a78b783584a102d100fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ac:cb:ff:cf:6b:d0:77:d4:f9:31:ee:2b:17:
bf:4a:56:0e:2c:fd:98:c7:58:09:b0:12:dc:33:e2:
a0:8d:58:8f:1c:f8:e1:4c:9a:12:a6:33:3b:54:59:
3d:99:cf:93:53:a1:63:be:47:27:23:4a:da:7b:bd:
47:f6:36:c3:19:b1:b1:ee:7d:d0:5a:f7:fc:53:a9:
78:68:32:b0:bf:50:3f:91:bc:80:43:c2:1d:0e:77:
cc:3a:32:7a:ea:e9:79:f9:44:90:03:d5:b5:70:f0:
e1:cc:ea:8d:73:e0:0b:fd:40:74:bf:8c:b2:bc:35:
a7:bc:26:de:67:0f:d0:75:a3:9c:5c:82:96:36:2c:
13:35:70:be:6b:47:51:56:f2:2e:b2:d6:00:d2:88:
b8:21:ed:11:a3:ea:44:52:9f:be:2d:eb:b0:04:fd:
e6:c1:67:d6:40:02:6c:2a:35:de:07:b6:fb:54:4a:
74:38:13:f2:0a:99:fe:67:4b:d1:f4:09:74:bc:5a:
09:d1:f5:30:11:a3:06:e8:f4:54:01:0d:53:6f:bf:
9f:3b:36:df:25:1a:ba:e8:55:6a:32:f2:02:b9:ff:
45:61:dd:b2:2d:27:1e:ca:77:36:38:60:3e:85:c1:
0f:f5:30:58:0c:74:2b:89:7a:19:06:d5:8c:43:a7:
6c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A8:64:E9:B8:89:A6:1A:64:1A:78:B7:83:58:4A:10:2D:10:0F:E5
X509v3 Authority Key Identifier:
keyid:5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/lqhk6biJphpkGni3g1hKEC0QD-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.96.0/21
185.81.14.0/23
Signature Algorithm: sha256WithRSAEncryption
15:ce:a9:d5:4c:da:42:dd:ee:7b:bb:e5:54:f0:46:e5:5c:44:
aa:59:17:64:7d:cb:f5:9b:31:17:4f:e3:45:7c:f7:2f:3e:50:
ce:9a:1a:8a:15:f1:9f:22:17:ca:74:20:a8:ff:f9:c5:4b:1a:
fc:97:93:c7:82:6e:a0:d1:d8:c3:b9:11:34:1d:92:84:e3:ac:
63:19:20:24:37:8d:c9:ff:54:01:c5:c0:7d:ad:18:d6:81:17:
1c:26:76:80:77:42:56:9f:df:5e:59:88:22:5f:d3:86:a5:ff:
b3:ed:3d:77:a0:9b:e6:dc:48:93:4d:9f:60:e8:89:e9:27:0e:
65:d3:aa:da:eb:16:95:0d:1c:21:84:50:66:76:d2:cd:3f:d9:
13:26:85:ed:17:5e:1c:29:26:ed:68:f6:b0:e7:62:7e:aa:68:
51:c2:31:33:96:dc:9b:03:5e:49:2a:8d:d7:24:25:8c:8b:44:
27:75:93:b4:50:66:d0:29:25:cc:6a:77:1b:9c:33:0e:3f:5e:
16:f7:94:6d:07:f9:a3:40:b9:27:bc:aa:b4:e0:8f:4f:fd:22:
07:ad:60:fd:cb:85:7f:df:8b:d3:c9:2c:9e:3b:90:4c:0d:b9:
a0:5e:4a:87:d2:98:0f:f6:44:f1:90:c0:4f:f7:03:b3:19:a5:
5d:20:53:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSRuwG2aScVJsSBYGhn3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTlmZGUwZDYzYjExYjVjMmRkODE2YzBmOTNjMmVhNTgz
NTAzMzYwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE4NjRlOWI4ODlhNjFhNjQxYTc4Yjc4MzU4NGExMDJkMTAwZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqzL/89r0HfU+THuKxe/SlYOLP2Y
x1gJsBLcM+KgjViPHPjhTJoSpjM7VFk9mc+TU6FjvkcnI0rae71H9jbDGbGx7n3Q
Wvf8U6l4aDKwv1A/kbyAQ8IdDnfMOjJ66ul5+USQA9W1cPDhzOqNc+AL/UB0v4yy
vDWnvCbeZw/QdaOcXIKWNiwTNXC+a0dRVvIustYA0oi4Ie0Ro+pEUp++LeuwBP3m
wWfWQAJsKjXeB7b7VEp0OBPyCpn+Z0vR9Al0vFoJ0fUwEaMG6PRUAQ1Tb7+fOzbf
JRq66FVqMvICuf9FYd2yLSceync2OGA+hcEP9TBYDHQriXoZBtWMQ6dspQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJaoZOm4iaYaZBp4t4NYShAtEA/lMB8GA1UdIwQY
MBaAFF+Z/eDWOxG1wt2BbA+TwupYNQM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQt
NGM3N2Q2MDVhZmVjLzEvbHFoazZiaUpwaHBrR25pM2cxaEtFQzBRRC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQtNGM3N2Q2MDVhZmVj
LzEvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshZgAwQB
uVEOMA0GCSqGSIb3DQEBCwUAA4IBAQAVzqnVTNpC3e57u+VU8EblXESqWRdkfcv1
mzEXT+NFfPcvPlDOmhqKFfGfIhfKdCCo//nFSxr8l5PHgm6g0djDuRE0HZKE46xj
GSAkN43J/1QBxcB9rRjWgRccJnaAd0JWn99eWYgiX9OGpf+z7T13oJvm3EiTTZ9g
6InpJw5l06ra6xaVDRwhhFBmdtLNP9kTJoXtF14cKSbtaPaw52J+qmhRwjEzltyb
A15JKo3XJCWMi0QndZO0UGbQKSXMancbnDMOP14W95RtB/mjQLknvKq04I9P/SIH
rWD9y4V/34vTySyeO5BMDbmgXkqH0pgP9kTxkMBP9wOzGaVdIFOt
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:54:00 2025 by rpki-client