Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/LEtOxARKAkLiExrn1P6wZuGsuKk.roa
File: LEtOxARKAkLiExrn1P6wZuGsuKk.roa (raw, json)
Hash identifier: IarksTLDxebJL8RDjfCgogxRzjjJ/OxA+yuDcDxU/N4=
Subject key identifier: 2C:4B:4E:C4:04:4A:02:42:E2:13:1A:E7:D4:FE:B0:66:E1:AC:B8:A9
Certificate issuer: /CN=34e4f60b0e508726dde68c1c255d04bd21a3a183
Certificate serial: 018CC5DC4A183C799CDABF4C4DDCD9567A78
Authority key identifier: 34:E4:F6:0B:0E:50:87:26:DD:E6:8C:1C:25:5D:04:BD:21:A3:A1:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOT2Cw5Qhybd5owcJV0EvSGjoYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/LEtOxARKAkLiExrn1P6wZuGsuKk.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62053
IP address blocks: 91.233.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4a:18:3c:79:9c:da:bf:4c:4d:dc:d9:56:7a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e4f60b0e508726dde68c1c255d04bd21a3a183
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c4b4ec4044a0242e2131ae7d4feb066e1acb8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a7:00:26:17:2a:72:06:3d:99:61:d3:8e:07:
db:d8:9d:7c:31:cd:a9:53:65:34:e9:03:b5:9e:28:
55:c7:9b:b6:2d:30:16:3c:49:13:d8:52:ca:8e:6b:
9f:b5:5a:ca:9e:26:01:74:2e:f9:fd:ea:c2:d8:3c:
07:09:a0:4f:86:26:b2:e0:1f:49:46:b1:cf:01:5b:
18:05:03:68:5d:d0:dd:b9:f4:62:0d:bf:ba:34:ef:
0c:89:82:6f:81:b4:ef:52:fb:ed:17:3e:47:a2:9c:
3e:c2:23:b0:57:99:c4:f0:db:91:16:0c:03:f9:ca:
71:f8:3a:5b:36:bf:ce:80:57:ec:a4:13:db:d4:98:
97:4e:ab:35:28:4a:26:33:c1:dd:10:20:5c:03:8e:
a6:2b:ab:4c:19:c6:c8:3e:23:e7:e5:69:4c:4a:8e:
52:67:7d:11:46:8e:0a:91:69:35:17:e3:bc:ca:c2:
12:bd:03:9e:59:94:a2:fe:a9:d1:97:72:77:91:d1:
8c:5c:4d:98:3e:15:9b:85:eb:8a:66:5d:bc:91:6f:
f8:0a:49:7a:cd:e4:aa:88:78:b0:e3:64:ca:27:4b:
3f:37:f9:c9:0a:18:1e:b0:a3:5f:df:65:55:b2:d7:
d3:d1:90:ca:26:c6:66:5d:e3:6b:20:d2:da:22:96:
dd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4B:4E:C4:04:4A:02:42:E2:13:1A:E7:D4:FE:B0:66:E1:AC:B8:A9
X509v3 Authority Key Identifier:
keyid:34:E4:F6:0B:0E:50:87:26:DD:E6:8C:1C:25:5D:04:BD:21:A3:A1:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOT2Cw5Qhybd5owcJV0EvSGjoYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/LEtOxARKAkLiExrn1P6wZuGsuKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/af3da0-af92-41b8-87bf-d58b094df06c/1/NOT2Cw5Qhybd5owcJV0EvSGjoYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.32.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ae:a1:fb:38:e4:1f:73:32:78:92:a6:8c:b6:ff:4f:5e:92:
78:32:3c:75:d9:c1:6d:80:fe:2a:61:2b:f9:d1:0f:e7:db:ee:
7c:53:66:b0:37:d6:88:69:ed:dd:d2:2d:8c:9f:16:a1:be:82:
ac:19:35:a4:f9:6e:54:b1:15:b5:5c:b5:e3:0f:38:80:75:1d:
6b:3c:d1:64:5f:bc:b4:8c:2f:c7:6b:56:cf:2e:e8:c4:ce:bc:
a5:0a:0b:f6:73:22:9f:ce:77:be:25:9d:ef:3c:10:70:c3:f4:
84:e5:88:10:01:24:37:65:b6:fc:ea:53:0c:f5:b9:0c:6c:9f:
44:7a:8a:69:81:ba:27:e8:73:17:6d:24:50:df:eb:a4:1a:c2:
c7:41:f4:9c:7f:99:92:e7:fa:5b:16:b8:eb:1c:ba:66:e8:40:
d9:ae:68:b4:de:00:6e:ea:29:3d:58:fb:f2:43:d4:ce:78:cf:
2c:0c:32:e0:d1:80:a8:3d:a6:4a:78:68:1a:c8:06:45:94:46:
c7:fa:58:e2:96:40:0d:ed:a3:ae:18:af:1b:91:ab:14:3e:14:
d1:eb:0d:5f:23:e5:8e:6a:37:a4:0a:07:a2:8f:e3:19:05:44:
63:3a:d6:60:b6:88:03:48:31:05:d8:5d:83:fc:9c:c3:83:1e:
bc:8f:b9:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3EoYPHmc2r9MTdzZVnp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTRmNjBiMGU1MDg3MjZkZGU2OGMxYzI1NWQwNGJkMjFh
M2ExODMwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRiNGVjNDA0NGEwMjQyZTIxMzFhZTdkNGZlYjA2NmUxYWNiOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKcAJhcqcgY9mWHTjgfb2J18Mc2p
U2U06QO1nihVx5u2LTAWPEkT2FLKjmuftVrKniYBdC75/erC2DwHCaBPhiay4B9J
RrHPAVsYBQNoXdDdufRiDb+6NO8MiYJvgbTvUvvtFz5Hopw+wiOwV5nE8NuRFgwD
+cpx+DpbNr/OgFfspBPb1JiXTqs1KEomM8HdECBcA46mK6tMGcbIPiPn5WlMSo5S
Z30RRo4KkWk1F+O8ysISvQOeWZSi/qnRl3J3kdGMXE2YPhWbheuKZl28kW/4Ckl6
zeSqiHiw42TKJ0s/N/nJChgesKNf32VVstfT0ZDKJsZmXeNrINLaIpbdyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxLTsQESgJC4hMa59T+sGbhrLipMB8GA1UdIwQY
MBaAFDTk9gsOUIcm3eaMHCVdBL0ho6GDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9UMkN3NVFoeWJkNW93Y0pWMEV2U0dqb1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hZjNkYTAtYWY5Mi00MWI4LTg3YmYt
ZDU4YjA5NGRmMDZjLzEvTEV0T3hBUktBa0xpRXhybjFQNndadUdzdUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hZjNkYTAtYWY5Mi00MWI4LTg3YmYtZDU4YjA5NGRmMDZj
LzEvTk9UMkN3NVFoeWJkNW93Y0pWMEV2U0dqb1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kgMA0G
CSqGSIb3DQEBCwUAA4IBAQAGrqH7OOQfczJ4kqaMtv9PXpJ4Mjx12cFtgP4qYSv5
0Q/n2+58U2awN9aIae3d0i2MnxahvoKsGTWk+W5UsRW1XLXjDziAdR1rPNFkX7y0
jC/Ha1bPLujEzrylCgv2cyKfzne+JZ3vPBBww/SE5YgQASQ3Zbb86lMM9bkMbJ9E
eoppgbon6HMXbSRQ3+ukGsLHQfScf5mS5/pbFrjrHLpm6EDZrmi03gBu6ik9WPvy
Q9TOeM8sDDLg0YCoPaZKeGgayAZFlEbH+ljilkAN7aOuGK8bkasUPhTR6w1fI+WO
ajekCgeij+MZBURjOtZgtogDSDEF2F2D/JzDgx68j7mm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:24 2025 by rpki-client