Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1e06be-4511-45fc-8949-7431d689a8e8/1/LpFybWRhgeuuGZEv2f3btjcl0W4.roa
File: LpFybWRhgeuuGZEv2f3btjcl0W4.roa (raw, json)
Hash identifier: v7RyaFRua65GzkorrD3OMcURBhaB+QVFYU7Blh+c0Eg=
Subject key identifier: 2E:91:72:6D:64:61:81:EB:AE:19:91:2F:D9:FD:DB:B6:37:25:D1:6E
Certificate issuer: /CN=7657211f8a66561b5770ff19b471aef511e83778
Certificate serial: 018F2F59C1762927F6400F1E02F35B6CCE04
Authority key identifier: 76:57:21:1F:8A:66:56:1B:57:70:FF:19:B4:71:AE:F5:11:E8:37:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dlchH4pmVhtXcP8ZtHGu9RHoN3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1e06be-4511-45fc-8949-7431d689a8e8/1/LpFybWRhgeuuGZEv2f3btjcl0W4.roa
Signing time: Tue 30 Apr 2024 14:12:42 +0000
ROA not before: Tue 30 Apr 2024 14:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214998
IP address blocks: 2001:67c:e8c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 May 2024 09:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:59:c1:76:29:27:f6:40:0f:1e:02:f3:5b:6c:ce:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7657211f8a66561b5770ff19b471aef511e83778
Validity
Not Before: Apr 30 14:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e91726d646181ebae19912fd9fddbb63725d16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:87:ea:13:8d:71:b8:47:f4:1c:16:34:69:
96:ec:81:8b:06:c5:00:12:3a:b4:a7:73:1d:20:d5:
a3:be:33:86:8f:29:ec:68:0a:cf:1a:64:c6:9a:1d:
f6:61:67:fb:bf:58:4a:c1:1a:33:fd:67:e0:2f:31:
0a:eb:15:75:c3:9b:57:46:39:ba:37:b6:6e:2f:21:
fd:53:13:3b:c4:fa:38:62:be:85:cc:01:1f:0e:ee:
55:02:71:fd:dc:27:ca:bc:f5:48:47:bb:b3:a7:6f:
2d:65:13:50:b6:25:29:3f:2d:21:c7:29:dd:25:20:
df:ae:6c:0b:fc:8c:28:90:43:e5:ab:41:3c:75:a0:
3f:5e:69:3d:b4:f9:b9:e9:62:b3:d1:0e:c7:ba:85:
44:67:4c:03:ca:f4:5d:24:f9:3f:07:99:8b:36:b7:
50:1f:9d:14:24:b8:e8:1c:58:d9:04:c0:32:3f:f0:
52:d1:c2:85:e9:b1:1d:35:06:b5:85:41:16:46:54:
a0:cb:1b:55:e6:bc:2d:96:21:d5:79:76:57:42:ab:
6f:e8:72:b5:d7:9d:50:9f:67:7a:e4:1c:eb:cb:83:
02:19:81:ea:fa:df:96:06:81:8d:6c:68:7c:f0:42:
87:fa:e1:23:d3:28:af:2a:fc:ce:8e:4b:d8:14:0e:
18:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:91:72:6D:64:61:81:EB:AE:19:91:2F:D9:FD:DB:B6:37:25:D1:6E
X509v3 Authority Key Identifier:
keyid:76:57:21:1F:8A:66:56:1B:57:70:FF:19:B4:71:AE:F5:11:E8:37:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlchH4pmVhtXcP8ZtHGu9RHoN3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1e06be-4511-45fc-8949-7431d689a8e8/1/LpFybWRhgeuuGZEv2f3btjcl0W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1e06be-4511-45fc-8949-7431d689a8e8/1/dlchH4pmVhtXcP8ZtHGu9RHoN3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e8c::/48
Signature Algorithm: sha256WithRSAEncryption
30:26:8a:1f:3e:05:8a:2c:b2:1a:48:7e:55:66:b6:d1:df:59:
83:89:c8:56:89:cd:bb:73:79:a4:10:46:b9:97:6f:41:98:36:
cc:59:27:7f:12:25:b7:fa:db:4b:d0:8b:b3:bd:67:5c:ae:62:
d1:bb:c2:f9:96:24:b9:6f:f4:55:a0:a9:ec:fe:a8:5e:c3:32:
4d:83:16:74:9f:f3:d5:26:ad:ae:7d:8b:52:09:23:f1:03:99:
03:63:cc:ff:54:18:0a:30:bc:f4:cc:bd:83:59:9e:89:4c:07:
20:13:c1:58:24:1d:79:0c:81:25:09:fc:45:88:14:5c:e1:f5:
53:91:de:6f:2e:cc:e3:32:e7:66:47:bc:1a:20:15:93:a0:2c:
61:37:e8:62:9f:8a:be:3f:9f:b4:73:62:a2:1f:d0:b7:46:25:
5a:44:72:65:c4:ea:39:75:a2:9e:54:54:97:33:cd:27:27:15:
66:cc:0e:ed:04:a9:7a:43:c9:53:ca:a9:08:5c:44:c2:18:d3:
fa:04:f5:af:35:56:c8:63:a1:bd:81:3e:15:96:91:5f:4f:49:
eb:3f:b2:98:3b:b0:d0:cc:37:35:5a:e8:a5:5c:f2:a8:f6:25:
f2:32:a6:00:95:65:bf:82:67:5a:63:78:6a:91:59:19:12:bd:
9b:37:7f:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8vWcF2KSf2QA8eAvNbbM4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTcyMTFmOGE2NjU2MWI1NzcwZmYxOWI0NzFhZWY1MTFl
ODM3NzgwHhcNMjQwNDMwMTQxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTkxNzI2ZDY0NjE4MWViYWUxOTkxMmZkOWZkZGJiNjM3MjVkMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBqH6hONcbhH9BwWNGmW7IGLBsUA
Ejq0p3MdINWjvjOGjynsaArPGmTGmh32YWf7v1hKwRoz/WfgLzEK6xV1w5tXRjm6
N7ZuLyH9UxM7xPo4Yr6FzAEfDu5VAnH93CfKvPVIR7uzp28tZRNQtiUpPy0hxynd
JSDfrmwL/IwokEPlq0E8daA/Xmk9tPm56WKz0Q7HuoVEZ0wDyvRdJPk/B5mLNrdQ
H50UJLjoHFjZBMAyP/BS0cKF6bEdNQa1hUEWRlSgyxtV5rwtliHVeXZXQqtv6HK1
151Qn2d65Bzry4MCGYHq+t+WBoGNbGh88EKH+uEj0yivKvzOjkvYFA4YIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC6Rcm1kYYHrrhmRL9n927Y3JdFuMB8GA1UdIwQY
MBaAFHZXIR+KZlYbV3D/GbRxrvUR6Dd4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxjaEg0cG1WaHRYY1A4WnRIR3U5UkhvTjNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xZTA2YmUtNDUxMS00NWZjLTg5NDkt
NzQzMWQ2ODlhOGU4LzEvTHBGeWJXUmhnZXV1R1pFdjJmM2J0amNsMFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xZTA2YmUtNDUxMS00NWZjLTg5NDktNzQzMWQ2ODlhOGU4
LzEvZGxjaEg0cG1WaHRYY1A4WnRIR3U5UkhvTjNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA6M
MA0GCSqGSIb3DQEBCwUAA4IBAQAwJoofPgWKLLIaSH5VZrbR31mDichWic27c3mk
EEa5l29BmDbMWSd/EiW3+ttL0IuzvWdcrmLRu8L5liS5b/RVoKns/qhewzJNgxZ0
n/PVJq2ufYtSCSPxA5kDY8z/VBgKMLz0zL2DWZ6JTAcgE8FYJB15DIElCfxFiBRc
4fVTkd5vLszjMudmR7waIBWToCxhN+hin4q+P5+0c2KiH9C3RiVaRHJlxOo5daKe
VFSXM80nJxVmzA7tBKl6Q8lTyqkIXETCGNP6BPWvNVbIY6G9gT4VlpFfT0nrP7KY
O7DQzDc1WuilXPKo9iXyMqYAlWW/gmdaY3hqkVkZEr2bN3/y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:59 2024 by rpki-client on console-ams.rpki-client.org