Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lzJmptyzptV0EvynhYL-w7YDWYY.roa
File: lzJmptyzptV0EvynhYL-w7YDWYY.roa (raw, json)
Hash identifier: BincOsV3Ckkr7ib55+rAFdiMEPvBtYZBDd8QiyIKDvE=
Subject key identifier: 97:32:66:A6:DC:B3:A6:D5:74:12:FC:A7:85:82:FE:C3:B6:03:59:86
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01949921A5E5A1CF4C29250289988E057348
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lzJmptyzptV0EvynhYL-w7YDWYY.roa
Signing time: Fri 24 Jan 2025 16:25:06 +0000
ROA not before: Fri 24 Jan 2025 16:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137897
IP address blocks: 93.114.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 07:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:21:a5:e5:a1:cf:4c:29:25:02:89:98:8e:05:73:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 24 16:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=973266a6dcb3a6d57412fca78582fec3b6035986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:02:f8:5d:0a:56:8d:7a:68:5b:aa:db:0e:50:
32:95:6b:89:cb:0c:50:30:41:1f:2a:9f:1a:d5:a5:
22:05:50:46:6d:1e:d5:ce:a1:42:bf:78:00:09:31:
f1:b4:45:70:ee:96:39:74:1b:52:0b:92:41:1c:ee:
ec:33:11:18:d4:1e:87:98:9b:ee:c1:0f:b1:7a:63:
fc:52:e1:5f:be:4a:36:4d:4c:b0:ae:6d:69:de:df:
77:00:85:ae:96:6f:d3:98:d2:53:e4:07:2f:93:5f:
69:53:e9:75:6a:02:51:33:b9:a2:8f:5c:1c:4a:42:
69:fc:01:3e:6a:98:e0:2a:09:8a:2a:bd:8d:51:08:
36:b2:2d:bd:9f:a9:fd:51:b7:70:c4:3e:aa:4d:7c:
41:5f:70:69:e3:ff:ee:b0:d4:56:88:a0:5d:a2:16:
9d:27:3b:84:66:96:3e:6d:c6:b5:de:11:83:7c:a7:
9e:91:bf:4e:14:1b:dd:4a:8a:6c:e8:64:96:42:2d:
7c:df:56:42:49:44:fc:21:a1:24:cf:c7:45:d6:67:
3b:08:93:a6:fe:d5:c5:4e:0c:32:3c:59:79:28:81:
3e:f6:8a:61:0a:a8:c0:08:1e:b3:30:91:b1:fc:43:
43:84:79:e7:cd:81:43:e3:a2:55:e7:52:24:c4:8f:
eb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:32:66:A6:DC:B3:A6:D5:74:12:FC:A7:85:82:FE:C3:B6:03:59:86
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lzJmptyzptV0EvynhYL-w7YDWYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.88.0/24
Signature Algorithm: sha256WithRSAEncryption
32:4c:3a:c0:37:bc:68:09:20:31:ca:44:ad:55:ba:d6:0b:f9:
91:89:30:11:c0:5b:5d:7f:6b:c8:83:1e:b7:49:0f:36:66:7d:
d4:e7:14:55:1c:3c:51:a1:54:47:11:ba:44:56:96:a3:9d:ea:
02:bc:5b:70:2f:08:d2:af:ab:98:6b:59:7c:e9:de:7e:29:38:
9e:37:05:0b:44:93:fa:83:8a:74:ea:e3:b7:fa:81:68:ec:e0:
6a:dd:b1:6d:ff:e7:cc:ad:55:4d:c2:61:29:d9:8e:64:c6:6e:
3f:0f:58:a7:27:7c:b7:49:ad:f9:0d:17:59:3b:95:69:b3:5f:
de:a1:6f:fb:c0:55:a2:7e:11:10:42:17:5d:62:c7:73:0a:83:
69:2f:ff:f2:08:66:b7:da:15:43:1d:c9:33:b3:6a:59:00:d6:
e8:72:ce:9c:75:7a:eb:a4:8e:c3:99:9f:e2:91:c0:ef:19:6c:
c4:90:05:6c:be:cf:f9:ce:14:29:e8:aa:55:61:da:26:81:45:
0f:a8:26:52:9f:c3:c4:dd:d7:2c:4f:81:aa:3a:0c:f7:22:b6:
b6:65:85:d3:16:52:4a:70:e5:7a:6c:8c:fd:39:4f:18:bf:07:
27:3a:8d:6c:db:87:70:37:f3:8b:c2:c0:78:e8:d1:3a:c0:b8:
00:0e:86:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSZIaXloc9MKSUCiZiOBXNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTI0MTYyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzMyNjZhNmRjYjNhNmQ1NzQxMmZjYTc4NTgyZmVjM2I2MDM1OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywL4XQpWjXpoW6rbDlAylWuJywxQ
MEEfKp8a1aUiBVBGbR7VzqFCv3gACTHxtEVw7pY5dBtSC5JBHO7sMxEY1B6HmJvu
wQ+xemP8UuFfvko2TUywrm1p3t93AIWulm/TmNJT5Acvk19pU+l1agJRM7mij1wc
SkJp/AE+apjgKgmKKr2NUQg2si29n6n9UbdwxD6qTXxBX3Bp4//usNRWiKBdohad
JzuEZpY+bca13hGDfKeekb9OFBvdSops6GSWQi1831ZCSUT8IaEkz8dF1mc7CJOm
/tXFTgwyPFl5KIE+9ophCqjACB6zMJGx/ENDhHnnzYFD46JV51IkxI/r1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcyZqbcs6bVdBL8p4WC/sO2A1mGMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbHpKbXB0eXpwdFYwRXZ5bmhZTC13N1lEV1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXJYMA0G
CSqGSIb3DQEBCwUAA4IBAQAyTDrAN7xoCSAxykStVbrWC/mRiTARwFtdf2vIgx63
SQ82Zn3U5xRVHDxRoVRHEbpEVpajneoCvFtwLwjSr6uYa1l86d5+KTieNwULRJP6
g4p06uO3+oFo7OBq3bFt/+fMrVVNwmEp2Y5kxm4/D1inJ3y3Sa35DRdZO5Vps1/e
oW/7wFWifhEQQhddYsdzCoNpL//yCGa32hVDHckzs2pZANbocs6cdXrrpI7DmZ/i
kcDvGWzEkAVsvs/5zhQp6KpVYdomgUUPqCZSn8PE3dcsT4GqOgz3Ira2ZYXTFlJK
cOV6bIz9OU8YvwcnOo1s24dwN/OLwsB46NE6wLgADob6
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:05:50 2025 by rpki-client