Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lMlXeLqw45PFwwM9axEeAQDeoRU.roa
File: lMlXeLqw45PFwwM9axEeAQDeoRU.roa (raw, json)
Hash identifier: fxLR7L4WXf9QkCUmD2b0i6xOJHTscWQUGTcDyzmWXu0=
Subject key identifier: 94:C9:57:78:BA:B0:E3:93:C5:C3:03:3D:6B:11:1E:01:00:DE:A1:15
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348AAB9E5A2DB100DA1B2ED1491A7C3
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lMlXeLqw45PFwwM9axEeAQDeoRU.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49715
IP address blocks: 94.240.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:aa:b9:e5:a2:db:10:0d:a1:b2:ed:14:91:a7:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94c95778bab0e393c5c3033d6b111e0100dea115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:c5:d9:2d:ab:72:cd:ba:d0:85:1c:1b:ec:
33:34:f8:13:bf:46:9e:91:9c:a2:9b:61:e8:ab:c7:
2c:28:12:4e:e0:cf:78:35:56:1d:46:38:d7:df:01:
07:db:cb:f1:54:8b:7d:25:00:e7:c1:82:0a:c5:3c:
c3:21:46:7c:2e:77:96:ae:6d:96:0c:9b:4f:d8:5a:
a2:9b:10:86:94:60:69:53:97:32:2d:5b:d8:7a:02:
47:f7:28:9a:10:48:71:2d:84:86:f5:3e:bc:7e:71:
44:f8:04:6d:fc:ef:89:c8:d4:de:62:fa:49:12:5f:
02:b0:3a:d6:66:15:f3:eb:90:e5:53:60:6b:e0:fc:
0d:4d:6f:74:86:56:24:f6:d4:2a:09:20:d6:0d:15:
b1:d2:e9:ed:73:87:07:8e:aa:d2:9a:bc:e6:6c:3b:
4b:f7:41:1b:d6:37:69:52:82:df:62:7c:be:d7:47:
73:72:2d:48:bc:29:2c:c9:18:e1:c7:3e:4a:0b:28:
da:81:5d:4e:78:41:d3:78:32:7b:c3:2b:db:03:9d:
8e:64:80:8b:49:a6:dd:9e:d3:80:cd:09:64:07:2a:
83:c7:e3:a1:9b:19:d5:14:a3:19:aa:7c:15:96:67:
69:b4:76:c8:99:08:4c:70:c9:b3:1c:f0:53:f7:4a:
25:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C9:57:78:BA:B0:E3:93:C5:C3:03:3D:6B:11:1E:01:00:DE:A1:15
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/lMlXeLqw45PFwwM9axEeAQDeoRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.8.0/22
Signature Algorithm: sha256WithRSAEncryption
31:78:a7:db:19:37:32:c5:2b:af:f5:7f:47:13:f0:21:d8:cc:
f5:12:a2:6f:41:9d:f7:72:71:20:6b:99:f8:2d:c0:d9:09:fc:
33:88:ab:82:90:fd:58:27:6e:06:d2:90:aa:93:c0:8a:a9:01:
3b:92:3d:34:81:5e:03:63:b9:c5:66:ab:d6:a2:c4:12:90:4f:
9d:11:06:5e:ad:e1:8e:d3:33:dc:a5:5c:f1:11:49:b8:2e:b3:
9e:0a:66:fa:f1:39:3b:a9:e5:d3:11:9a:91:33:46:59:8c:73:
3e:8d:8c:4a:b1:75:23:7e:d1:1a:88:08:88:c4:be:1f:73:ec:
d7:9a:28:be:57:e5:f1:62:59:72:49:ed:7f:d9:12:45:d7:c6:
69:f1:83:5f:6e:be:67:7c:ca:e2:e5:f9:76:87:ee:d5:98:58:
29:66:c5:e6:c2:7d:34:3a:a4:4d:5d:28:e4:85:3e:2f:d1:d4:
42:2a:b5:0e:da:93:17:7f:0f:ae:3d:a3:05:a2:c4:3e:fe:9a:
8d:73:16:ba:30:be:5d:0b:ce:61:e6:71:c1:28:c3:d6:d2:67:
6e:54:73:09:6c:dd:09:b0:03:55:73:d5:76:f8:6a:6f:2d:bc:
ae:12:ac:f4:a1:6c:ad:00:48:01:35:e3:c1:0c:db:c8:65:7f:
1f:82:95:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKq55aLbEA2hsu0UkafDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGM5NTc3OGJhYjBlMzkzYzVjMzAzM2Q2YjExMWUwMTAwZGVhMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGDF2S2rcs260IUcG+wzNPgTv0ae
kZyim2Hoq8csKBJO4M94NVYdRjjX3wEH28vxVIt9JQDnwYIKxTzDIUZ8LneWrm2W
DJtP2FqimxCGlGBpU5cyLVvYegJH9yiaEEhxLYSG9T68fnFE+ARt/O+JyNTeYvpJ
El8CsDrWZhXz65DlU2Br4PwNTW90hlYk9tQqCSDWDRWx0untc4cHjqrSmrzmbDtL
90Eb1jdpUoLfYny+10dzci1IvCksyRjhxz5KCyjagV1OeEHTeDJ7wyvbA52OZICL
SabdntOAzQlkByqDx+OhmxnVFKMZqnwVlmdptHbImQhMcMmzHPBT90oldQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTJV3i6sOOTxcMDPWsRHgEA3qEVMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvbE1sWGVMcXc0NVBGd3dNOWF4RWVBUURlb1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvAIMA0G
CSqGSIb3DQEBCwUAA4IBAQAxeKfbGTcyxSuv9X9HE/Ah2Mz1EqJvQZ33cnEga5n4
LcDZCfwziKuCkP1YJ24G0pCqk8CKqQE7kj00gV4DY7nFZqvWosQSkE+dEQZereGO
0zPcpVzxEUm4LrOeCmb68Tk7qeXTEZqRM0ZZjHM+jYxKsXUjftEaiAiIxL4fc+zX
mii+V+XxYllySe1/2RJF18Zp8YNfbr5nfMri5fl2h+7VmFgpZsXmwn00OqRNXSjk
hT4v0dRCKrUO2pMXfw+uPaMFosQ+/pqNcxa6ML5dC85h5nHBKMPW0mduVHMJbN0J
sANVc9V2+GpvLbyuEqz0oWytAEgBNePBDNvIZX8fgpWz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:49 2025 by rpki-client