Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LrgrV98LbtivHSR-LQ7GLLXtg8g.roa
File: LrgrV98LbtivHSR-LQ7GLLXtg8g.roa (raw, json)
Hash identifier: 0sjfpXGxVQ7N0Ds24QdkdNqxtpo5NCKFOfrSnaneYdc=
Subject key identifier: 2E:B8:2B:57:DF:0B:6E:D8:AF:1D:24:7E:2D:0E:C6:2C:B5:ED:83:C8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194EA7939006534FA9239CE6D7723157665
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LrgrV98LbtivHSR-LQ7GLLXtg8g.roa
Signing time: Sun 09 Feb 2025 11:30:00 +0000
ROA not before: Sun 09 Feb 2025 11:30:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:e00::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Feb 2025 14:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ea:79:39:00:65:34:fa:92:39:ce:6d:77:23:15:76:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 9 11:30:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2eb82b57df0b6ed8af1d247e2d0ec62cb5ed83c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ae:c7:e1:96:6f:52:e8:19:64:04:03:fc:bc:
cf:3b:b0:e4:02:56:af:a3:b0:2d:02:b9:84:bf:09:
f1:f2:e8:9f:0e:82:21:28:51:d4:d2:f7:2c:df:f9:
cf:f5:df:38:5f:79:db:59:e7:bb:45:ae:6f:48:2e:
9b:68:97:55:36:ac:e0:2f:29:f9:8e:b5:09:89:73:
82:4d:5a:d1:3d:b5:91:ef:e6:64:3e:0a:a1:58:d4:
93:86:7c:15:a7:ea:2d:ed:3c:f5:2f:f7:d7:6c:ec:
19:a7:2c:56:09:a2:ef:ad:07:42:53:e6:a8:ff:33:
62:40:3b:fb:e0:48:94:33:2a:0a:f8:4a:3f:b0:34:
cc:99:80:62:53:48:f5:f1:4f:19:b2:6c:63:ae:68:
47:46:2f:88:08:de:ea:49:75:af:97:96:26:22:d3:
d0:61:a0:cb:cd:1f:32:29:a8:87:27:be:df:c0:04:
6e:f9:b6:b1:22:0a:be:23:c6:24:7e:bd:f7:a0:fc:
74:21:70:06:ae:86:d1:fe:16:a0:7e:4f:d7:dd:d8:
8c:33:f7:5b:49:88:b6:84:88:fb:23:e7:d1:7b:00:
76:87:28:6a:43:cd:6f:15:65:36:30:19:9e:b7:b8:
e1:bc:f6:7a:1f:6b:4e:76:d3:fa:59:c2:96:12:b6:
e7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B8:2B:57:DF:0B:6E:D8:AF:1D:24:7E:2D:0E:C6:2C:B5:ED:83:C8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LrgrV98LbtivHSR-LQ7GLLXtg8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e00::/29
2a0f:1fc0::/29
2a0f:29c0::/29
2a0f:2f80::/29
2a0f:c400::/29
2a11:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
28:b2:03:ed:eb:4c:4a:ed:27:1c:8f:df:d0:a2:49:67:ee:94:
0d:fa:f3:5b:27:31:57:e7:0a:bd:0c:5c:49:9d:2b:78:24:62:
5a:c0:ea:2b:da:70:4b:44:76:14:cd:3e:24:57:bd:23:6c:e9:
05:86:37:50:af:da:0a:8b:b6:aa:07:f5:bc:cd:2e:13:c0:14:
cc:bb:b1:c0:ec:f9:42:2c:40:bc:c0:89:df:c9:ce:eb:50:46:
a7:14:b3:05:2c:82:46:5c:ff:aa:18:43:82:b5:6c:96:9d:e1:
1f:d3:c4:5b:d4:b0:b7:ea:66:5c:d4:b6:db:d0:b7:74:12:10:
62:95:af:27:05:62:86:35:71:f3:02:f2:cd:d8:77:9e:6e:77:
02:d8:24:f1:dc:dc:5e:a9:9a:29:83:a9:b6:5e:e9:79:6f:3a:
bd:6b:91:fd:cc:d2:39:b0:ca:6e:19:86:81:f3:19:f5:86:ff:
36:03:ac:68:f3:27:3a:07:d2:50:5f:54:4d:0b:55:27:eb:25:
84:39:33:e7:75:71:50:29:48:51:fa:e6:88:39:ea:e4:6e:22:
9a:63:ef:d3:c6:e0:28:c2:7d:40:4f:62:74:b8:4a:07:b1:c7:
5b:0c:0c:4a:02:a3:fd:75:22:1b:4d:3d:b0:62:ff:98:84:ab:
9f:c6:4b:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZTqeTkAZTT6kjnObXcjFXZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjA5MTEzMDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI4MmI1N2RmMGI2ZWQ4YWYxZDI0N2UyZDBlYzYyY2I1ZWQ4M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA267H4ZZvUugZZAQD/LzPO7DkAlav
o7AtArmEvwnx8uifDoIhKFHU0vcs3/nP9d84X3nbWee7Ra5vSC6baJdVNqzgLyn5
jrUJiXOCTVrRPbWR7+ZkPgqhWNSThnwVp+ot7Tz1L/fXbOwZpyxWCaLvrQdCU+ao
/zNiQDv74EiUMyoK+Eo/sDTMmYBiU0j18U8ZsmxjrmhHRi+ICN7qSXWvl5YmItPQ
YaDLzR8yKaiHJ77fwARu+baxIgq+I8Ykfr33oPx0IXAGrobR/hagfk/X3diMM/db
SYi2hIj7I+fRewB2hyhqQ81vFWU2MBmet7jhvPZ6H2tOdtP6WcKWErbnDwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC64K1ffC27Yrx0kfi0Oxiy17YPIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTHJnclY5OExidGl2SFNSLUxRN0dMTFh0ZzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8OAAMF
AyoPH8ADBQMqDynAAwUDKg8vgAMFAyoPxAADBQMqET+AMA0GCSqGSIb3DQEBCwUA
A4IBAQAosgPt60xK7Sccj9/Qokln7pQN+vNbJzFX5wq9DFxJnSt4JGJawOor2nBL
RHYUzT4kV70jbOkFhjdQr9oKi7aqB/W8zS4TwBTMu7HA7PlCLEC8wInfyc7rUEan
FLMFLIJGXP+qGEOCtWyWneEf08Rb1LC36mZc1Lbb0Ld0EhBila8nBWKGNXHzAvLN
2HeebncC2CTx3NxeqZopg6m2Xul5bzq9a5H9zNI5sMpuGYaB8xn1hv82A6xo8yc6
B9JQX1RNC1Un6yWEOTPndXFQKUhR+uaIOerkbiKaY+/TxuAown1AT2J0uEoHscdb
DAxKAqP9dSIbTT2wYv+YhKufxksb
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:34 2025 by rpki-client