Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lbkv-DNfFT_11UIXw3kMefQXJ4E.roa
File: Lbkv-DNfFT_11UIXw3kMefQXJ4E.roa (raw, json)
Hash identifier: xLFRgTqSnCZbqFCVt5ISmL5Xn4eJKQFoLKiDvTotzfU=
Subject key identifier: 2D:B9:2F:F8:33:5F:15:3F:F5:D5:42:17:C3:79:0C:79:F4:17:27:81
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01931F4140FBC152E2D8E7F744C801F21A57
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lbkv-DNfFT_11UIXw3kMefQXJ4E.roa
Signing time: Tue 12 Nov 2024 07:23:10 +0000
ROA not before: Tue 12 Nov 2024 07:23:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:35c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 14 Nov 2024 11:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:41:40:fb:c1:52:e2:d8:e7:f7:44:c8:01:f2:1a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 12 07:23:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2db92ff8335f153ff5d54217c3790c79f4172781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:4e:42:d7:e8:1d:a5:6e:f6:16:1e:90:16:
99:ad:74:b2:d6:2a:b8:4c:41:1c:18:1f:5b:21:34:
b8:a4:6c:cf:ec:5c:8b:66:ce:2d:73:44:47:5f:8a:
2f:c4:ae:3b:16:f4:4d:a5:dc:18:fe:11:7d:c2:bb:
95:c0:06:64:79:b0:b6:ab:c5:64:7c:bb:30:84:a5:
6b:81:b4:09:9a:b3:0b:11:dc:70:a4:f0:31:a3:e0:
7c:f9:7a:ff:e1:6a:e4:21:1f:e1:c8:fe:33:72:7a:
fa:03:21:b1:23:bc:4e:c0:2e:e9:16:33:99:f2:46:
17:f7:50:15:66:fa:d4:d6:c5:a6:29:a9:31:c7:fa:
95:a0:36:e8:ec:f5:5b:60:19:47:99:7e:cf:1d:78:
ac:4b:e7:ad:5d:39:d2:1e:ae:26:0e:d8:ad:e1:f8:
ed:1d:58:76:9f:be:c7:20:73:fc:a9:7b:8e:5e:6a:
78:14:d0:4d:8c:75:f6:8a:76:77:c3:5d:7d:b4:80:
c5:99:60:ff:20:1e:81:ca:4d:6f:55:41:c1:22:bf:
df:13:99:de:12:19:ff:34:e0:5d:32:a4:73:90:3f:
78:97:98:39:eb:18:63:3d:5a:a0:84:45:c0:b0:2d:
4f:b0:39:65:84:86:79:b2:8c:3f:cf:e1:af:8d:e5:
db:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B9:2F:F8:33:5F:15:3F:F5:D5:42:17:C3:79:0C:79:F4:17:27:81
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lbkv-DNfFT_11UIXw3kMefQXJ4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:88:69:10:f9:8c:31:bd:72:cf:65:6e:ac:58:0c:e3:66:4d:
50:2d:e1:d0:cf:7d:68:67:66:cb:cc:0b:ed:fc:22:ef:4a:84:
2c:42:7d:44:85:97:38:5e:04:14:27:1f:2e:98:5a:a2:6d:92:
50:98:94:0a:eb:d1:f8:37:98:1d:f9:9a:88:cd:08:c6:ed:0a:
35:7c:60:1c:1e:df:9f:bf:da:29:69:a2:a1:9b:f3:ad:76:11:
d8:bf:61:2c:90:bb:c6:30:f3:6e:95:49:e6:19:5f:08:7e:84:
5b:7e:5f:bf:dc:76:13:85:34:c2:1e:88:2b:c7:8f:ed:44:a8:
23:37:e9:15:cf:9f:06:bb:1d:a3:bd:7d:58:0e:ff:d1:3c:f9:
b3:8b:a0:6c:db:98:21:cc:fe:2b:25:71:a7:ce:77:84:31:3e:
ea:c4:66:4a:f8:ff:a7:0c:8a:57:c7:f1:08:22:f6:f3:88:b1:
d4:f1:aa:dc:7c:74:df:ca:c1:a7:55:56:ee:42:2b:29:46:1b:
bb:fe:a9:64:d2:2b:0e:bf:ac:b1:c0:ab:d9:5b:37:c1:f7:8a:
16:b7:96:24:1b:69:32:86:75:39:53:ab:71:d4:eb:27:e3:a3:
b5:d1:cf:69:ae:a6:03:e0:ec:fe:69:34:52:db:30:86:00:75:
5f:66:ac:d5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMfQUD7wVLi2Of3RMgB8hpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTEyMDcyMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI5MmZmODMzNWYxNTNmZjVkNTQyMTdjMzc5MGM3OWY0MTcyNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh9OQtfoHaVu9hYekBaZrXSy1iq4
TEEcGB9bITS4pGzP7FyLZs4tc0RHX4ovxK47FvRNpdwY/hF9wruVwAZkebC2q8Vk
fLswhKVrgbQJmrMLEdxwpPAxo+B8+Xr/4WrkIR/hyP4zcnr6AyGxI7xOwC7pFjOZ
8kYX91AVZvrU1sWmKakxx/qVoDbo7PVbYBlHmX7PHXisS+etXTnSHq4mDtit4fjt
HVh2n77HIHP8qXuOXmp4FNBNjHX2inZ3w119tIDFmWD/IB6Byk1vVUHBIr/fE5ne
Ehn/NOBdMqRzkD94l5g56xhjPVqghEXAsC1PsDllhIZ5sow/z+GvjeXbzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC25L/gzXxU/9dVCF8N5DHn0FyeBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTGJrdi1ETmZGVF8xMVVJWHcza01lZlFYSjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg81wDAN
BgkqhkiG9w0BAQsFAAOCAQEAnYhpEPmMMb1yz2VurFgM42ZNUC3h0M99aGdmy8wL
7fwi70qELEJ9RIWXOF4EFCcfLphaom2SUJiUCuvR+DeYHfmaiM0Ixu0KNXxgHB7f
n7/aKWmioZvzrXYR2L9hLJC7xjDzbpVJ5hlfCH6EW35fv9x2E4U0wh6IK8eP7USo
IzfpFc+fBrsdo719WA7/0Tz5s4ugbNuYIcz+KyVxp853hDE+6sRmSvj/pwyKV8fx
CCL284ix1PGq3Hx038rBp1VW7kIrKUYbu/6pZNIrDr+sscCr2Vs3wfeKFreWJBtp
MoZ1OVOrcdTrJ+OjtdHPaa6mA+Ds/mk0UtswhgB1X2as1Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:33:18 2025 by rpki-client