Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Lcs1N70DicH30p1qneXwSpm6CCM.roa
File: Lcs1N70DicH30p1qneXwSpm6CCM.roa (raw, json)
Hash identifier: aR/akXGEQGJDiUA58EvnGwzt8k0i4R70wzqAd0dHeYI=
Subject key identifier: 2D:CB:35:37:BD:03:89:C1:F7:D2:9D:6A:9D:E5:F0:4A:99:BA:08:23
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0193A7CF53DC48B486EED40D4DCBDCEE243E
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Lcs1N70DicH30p1qneXwSpm6CCM.roa
Signing time: Sun 08 Dec 2024 19:46:42 +0000
ROA not before: Sun 08 Dec 2024 19:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 2.59.212.0/24 maxlen: 24
193.38.50.0/24 maxlen: 24
193.38.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a7:cf:53:dc:48:b4:86:ee:d4:0d:4d:cb:dc:ee:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Dec 8 19:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dcb3537bd0389c1f7d29d6a9de5f04a99ba0823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ec:62:72:8a:94:39:b1:eb:2c:c8:ea:0f:3d:
e6:6a:79:e9:43:a8:d3:a6:a5:b4:69:97:85:3a:2c:
27:4e:d4:82:f9:76:b9:5e:a0:20:ec:c3:fc:e5:8d:
7a:ef:81:fe:e5:ab:c9:71:4d:ab:51:f5:db:6c:3b:
21:bc:13:1f:c7:c4:7b:3b:39:ff:50:69:41:92:dd:
39:21:b7:0e:fa:e3:85:9e:2a:39:c1:ab:f2:09:99:
40:63:65:43:a3:10:66:dc:5d:83:1b:da:13:5d:68:
89:5c:0d:2d:f8:8b:da:d8:e7:48:5b:67:99:89:60:
bd:89:6a:99:30:f6:31:d9:ce:f8:70:88:66:cf:1c:
96:62:f9:48:68:fd:86:c6:6f:39:6d:26:70:4b:0b:
a8:2a:b0:8c:25:3e:54:e7:b7:6d:fa:1a:42:4e:c0:
b0:e4:be:5c:3b:54:cf:73:5d:ef:ae:1e:4e:05:c6:
4a:06:04:c7:08:ec:ff:b1:27:69:9b:32:eb:09:84:
41:79:d1:2e:9d:93:91:79:2e:cd:4a:06:ff:2a:98:
3a:d9:7e:74:34:40:66:0e:ab:b4:7b:1d:28:1f:b8:
d5:1d:30:2e:2e:80:c0:de:cc:fb:fc:b5:47:6e:fb:
e5:c9:a4:81:07:0f:98:cc:b8:af:b5:90:89:8b:99:
f6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CB:35:37:BD:03:89:C1:F7:D2:9D:6A:9D:E5:F0:4A:99:BA:08:23
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Lcs1N70DicH30p1qneXwSpm6CCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.212.0/24
193.38.50.0/23
Signature Algorithm: sha256WithRSAEncryption
97:7a:31:f5:a6:a8:c5:b4:0b:49:41:b5:c6:ed:30:27:13:19:
23:c4:16:c6:ac:66:85:9d:4d:6c:64:9a:49:5d:73:cc:be:bb:
aa:d9:7e:46:a8:2b:0f:2e:b6:ee:36:56:c3:08:04:28:60:59:
92:77:2e:0e:92:f4:d2:ec:f1:b6:44:30:a5:4c:84:e2:de:ad:
8d:53:25:14:fb:19:07:14:76:b3:47:93:49:ee:f0:8b:aa:88:
0b:08:6f:68:57:7d:b3:4b:02:c3:e0:1a:6e:2b:b2:fc:0a:95:
2f:f4:a5:1b:ef:ab:d9:55:c5:88:6c:86:6f:c7:2f:6c:e4:d1:
68:b9:da:7a:50:42:f7:21:ee:04:4f:b3:20:4b:ee:78:fe:bf:
7e:09:41:6d:f4:bf:77:e3:bd:b2:93:8d:ac:f2:28:be:a1:57:
e7:44:79:e5:d9:59:06:d0:c2:29:35:ff:26:b7:d0:31:16:43:
f0:6f:5c:6c:ba:da:50:49:19:8e:65:11:de:a4:55:a3:79:6a:
eb:a7:92:e3:1c:02:5b:17:9d:0c:31:07:01:35:d5:f2:50:c5:
ba:2c:36:2f:0c:5d:74:0e:09:99:a5:2f:23:92:fe:cb:60:7f:
85:0c:bc:7a:b9:59:f8:63:7c:19:96:9a:c8:86:7c:87:6a:43:
a2:7b:d4:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOnz1PcSLSG7tQNTcvc7iQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMjA4MTk0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNiMzUzN2JkMDM4OWMxZjdkMjlkNmE5ZGU1ZjA0YTk5YmEwODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uxicoqUObHrLMjqDz3mannpQ6jT
pqW0aZeFOiwnTtSC+Xa5XqAg7MP85Y1674H+5avJcU2rUfXbbDshvBMfx8R7Ozn/
UGlBkt05IbcO+uOFnio5wavyCZlAY2VDoxBm3F2DG9oTXWiJXA0t+Iva2OdIW2eZ
iWC9iWqZMPYx2c74cIhmzxyWYvlIaP2Gxm85bSZwSwuoKrCMJT5U57dt+hpCTsCw
5L5cO1TPc13vrh5OBcZKBgTHCOz/sSdpmzLrCYRBedEunZOReS7NSgb/Kpg62X50
NEBmDqu0ex0oH7jVHTAuLoDA3sz7/LVHbvvlyaSBBw+YzLivtZCJi5n2CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3LNTe9A4nB99Kdap3l8EqZuggjMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvTGNzMU43MERpY0gzMHAxcW5lWHdTcG02Q0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjvUAwQB
wSYyMA0GCSqGSIb3DQEBCwUAA4IBAQCXejH1pqjFtAtJQbXG7TAnExkjxBbGrGaF
nU1sZJpJXXPMvruq2X5GqCsPLrbuNlbDCAQoYFmSdy4OkvTS7PG2RDClTITi3q2N
UyUU+xkHFHazR5NJ7vCLqogLCG9oV32zSwLD4BpuK7L8CpUv9KUb76vZVcWIbIZv
xy9s5NFoudp6UEL3Ie4ET7MgS+54/r9+CUFt9L93472yk42s8ii+oVfnRHnl2VkG
0MIpNf8mt9AxFkPwb1xsutpQSRmOZRHepFWjeWrrp5LjHAJbF50MMQcBNdXyUMW6
LDYvDF10DgmZpS8jkv7LYH+FDLx6uVn4Y3wZlprIhnyHakOie9TP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:20 2025 by rpki-client