Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/L5bME5LBkFdTGADKNWWvLjt9YoM.roa
File: L5bME5LBkFdTGADKNWWvLjt9YoM.roa (raw, json)
Hash identifier: r53hk/sYI4CjUlZdD7syYrYCHHBP/GjtWtsfY0KnR8s=
Subject key identifier: 2F:96:CC:13:92:C1:90:57:53:18:00:CA:35:65:AF:2E:3B:7D:62:83
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018CC49310E782D822A68BE383C5CB99EF0B
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/L5bME5LBkFdTGADKNWWvLjt9YoM.roa
Signing time: Mon 01 Jan 2024 10:30:21 +0000
ROA not before: Mon 01 Jan 2024 10:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211895
IP address blocks: 193.36.132.0/24 maxlen: 24
91.218.20.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Mar 2024 21:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:10:e7:82:d8:22:a6:8b:e3:83:c5:cb:99:ef:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Jan 1 10:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f96cc1392c19057531800ca3565af2e3b7d6283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ea:e5:89:00:cc:2c:58:6f:a3:0c:91:29:a6:
d2:78:d4:92:d6:95:ca:ad:76:92:d8:13:e6:b9:90:
63:ba:98:d6:19:95:67:c1:dc:3e:24:c9:f4:79:80:
36:df:af:00:2a:9c:5c:c2:c6:17:3c:90:cb:86:ae:
ac:63:6e:79:e6:82:d3:2f:e8:24:b5:76:0e:fd:a9:
39:65:f9:6b:b1:7a:00:03:dc:f6:76:b7:5b:1f:ea:
28:3b:d4:eb:47:e7:c7:92:6b:b7:0f:d9:96:d9:31:
80:d9:5d:ff:a4:43:b4:be:26:6d:88:09:04:b2:6c:
58:cc:f2:95:4f:b9:00:38:82:eb:a4:c5:c2:a1:cc:
7e:07:1b:0f:eb:87:3d:19:a4:73:42:44:3e:27:fa:
0a:a9:b2:14:49:dd:fa:52:69:bc:dc:3b:ec:c6:00:
c7:3f:28:52:af:85:a0:86:44:ab:5f:f3:c9:af:a6:
40:69:08:e1:b8:a1:a6:7b:d9:71:c3:b1:5a:7c:c7:
83:de:ce:d4:13:6a:32:45:a5:ca:97:c7:78:52:4f:
57:e1:1f:15:f3:84:6a:f7:92:0e:df:99:6e:e9:9e:
95:85:b2:aa:f7:b8:a7:36:47:6a:33:40:5f:ba:fa:
68:59:48:5b:d6:61:cc:e6:de:4a:73:8a:b1:3c:56:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:96:CC:13:92:C1:90:57:53:18:00:CA:35:65:AF:2E:3B:7D:62:83
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/L5bME5LBkFdTGADKNWWvLjt9YoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.20.0/24
188.239.191.0/24
193.36.132.0/24
IPv6:
2a07:e040::/32
Signature Algorithm: sha256WithRSAEncryption
26:60:46:64:12:51:cc:cf:9b:02:fd:74:6d:e7:a7:33:99:b8:
f3:8a:ef:aa:fa:e6:9e:77:2d:b4:88:1c:b5:58:fa:e9:a8:41:
24:69:67:7c:34:b6:82:64:0f:80:ec:73:4e:67:ce:9e:c3:cd:
6c:33:e3:78:5b:5f:2e:e1:91:d5:4a:89:d4:8b:cb:93:b0:cc:
e6:9d:e4:be:36:2c:9a:b7:68:4c:71:e1:72:82:30:04:dd:9c:
60:b7:5c:77:d9:31:25:fd:74:7d:74:8b:99:f6:f7:fe:b7:2c:
be:00:64:99:cf:13:f2:d0:d6:54:9c:4d:11:d4:33:62:d5:92:
b3:76:54:c5:3f:96:5d:53:03:1e:bf:ad:f2:90:39:b5:cc:4f:
21:65:c4:b4:07:b4:e6:72:3b:30:36:fb:ab:9f:65:9a:65:9f:
03:80:44:7a:e6:4c:c3:ba:19:81:a3:a8:4f:9d:8f:06:c7:aa:
63:f1:f4:0b:26:65:92:fd:f4:08:6d:e4:25:a5:1a:07:8e:7c:
1c:87:b7:45:e9:8f:89:22:99:14:3c:27:cc:93:0d:fa:9d:98:
80:28:98:9a:05:95:7a:46:78:4f:ed:d5:c5:1b:49:42:e2:c2:
93:d2:96:ca:52:23:62:30:9d:d4:d5:5d:9e:90:83:ca:2a:97:
45:53:e8:21
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkxDngtgipovjg8XLme8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjQwMTAxMTAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk2Y2MxMzkyYzE5MDU3NTMxODAwY2EzNTY1YWYyZTNiN2Q2MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4erliQDMLFhvowyRKabSeNSS1pXK
rXaS2BPmuZBjupjWGZVnwdw+JMn0eYA2368AKpxcwsYXPJDLhq6sY2555oLTL+gk
tXYO/ak5ZflrsXoAA9z2drdbH+ooO9TrR+fHkmu3D9mW2TGA2V3/pEO0viZtiAkE
smxYzPKVT7kAOILrpMXCocx+BxsP64c9GaRzQkQ+J/oKqbIUSd36Umm83DvsxgDH
PyhSr4WghkSrX/PJr6ZAaQjhuKGme9lxw7FafMeD3s7UE2oyRaXKl8d4Uk9X4R8V
84Rq95IO35lu6Z6VhbKq97inNkdqM0BfuvpoWUhb1mHM5t5Kc4qxPFZhyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC+WzBOSwZBXUxgAyjVlry47fWKDMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvTDViTUU1TEJrRmRUR0FES05XV3ZManQ5WW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oUAwQA
vO+/AwQAwSSEMA0EAgACMAcDBQAqB+BAMA0GCSqGSIb3DQEBCwUAA4IBAQAmYEZk
ElHMz5sC/XRt56czmbjziu+q+uaedy20iBy1WPrpqEEkaWd8NLaCZA+A7HNOZ86e
w81sM+N4W18u4ZHVSonUi8uTsMzmneS+Niyat2hMceFygjAE3Zxgt1x32TEl/XR9
dIuZ9vf+tyy+AGSZzxPy0NZUnE0R1DNi1ZKzdlTFP5ZdUwMev63ykDm1zE8hZcS0
B7TmcjswNvurn2WaZZ8DgER65kzDuhmBo6hPnY8Gx6pj8fQLJmWS/fQIbeQlpRoH
jnwch7dF6Y+JIpkUPCfMkw36nZiAKJiaBZV6RnhP7dXFG0lC4sKT0pbKUiNiMJ3U
1V2ekIPKKpdFU+gh
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:38 2025 by rpki-client