Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/LGyRNuKg8rSIF2TwrSd3erVXQJs.roa
File: LGyRNuKg8rSIF2TwrSd3erVXQJs.roa (raw, json)
Hash identifier: Pi9/iZsGLr1oOHFxRM1OF/fvN0IT3tCbFrmH5JhhzuU=
Subject key identifier: 2C:6C:91:36:E2:A0:F2:B4:88:17:64:F0:AD:27:77:7A:B5:57:40:9B
Certificate issuer: /CN=81060a518528e86a8ea77f188a0263790c08f6b9
Certificate serial: 018CC26D73B8C04F7FBD18047A1FDEB93132
Authority key identifier: 81:06:0A:51:85:28:E8:6A:8E:A7:7F:18:8A:02:63:79:0C:08:F6:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQYKUYUo6GqOp38YigJjeQwI9rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/LGyRNuKg8rSIF2TwrSd3erVXQJs.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5603
IP address blocks: 91.217.127.0/24 maxlen: 24
91.217.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:73:b8:c0:4f:7f:bd:18:04:7a:1f:de:b9:31:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81060a518528e86a8ea77f188a0263790c08f6b9
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c6c9136e2a0f2b4881764f0ad27777ab557409b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5f:f4:bc:67:2f:75:21:39:9c:97:e8:ff:c0:
a2:20:ba:5d:6f:a9:7f:48:63:cb:47:84:b4:22:13:
3c:95:d8:6f:6f:72:92:c8:6e:c5:a7:bd:54:ab:ef:
f5:21:a0:fd:af:83:94:43:bc:85:d2:64:94:d7:af:
15:52:e6:f5:d2:2d:a2:9c:1a:b3:76:61:5c:e6:1f:
a6:69:e5:aa:af:3b:32:54:6f:2d:6b:d4:ef:62:99:
b3:75:b4:4c:06:20:72:13:fe:05:c6:eb:84:2e:30:
0c:dc:f6:b5:33:78:be:f3:14:eb:83:35:cf:c1:84:
2e:a3:11:85:9a:cf:72:78:0c:53:1a:67:fb:e2:17:
77:10:4d:73:02:47:f4:8b:33:05:4f:f6:45:bd:76:
2c:5b:96:5d:5a:ef:fa:6e:b4:94:fa:c4:cd:cc:bc:
ff:42:54:39:4b:d7:d9:37:16:91:4e:0b:3b:6b:57:
04:db:a5:eb:29:7f:bf:9a:99:ba:57:32:4e:86:52:
01:b5:87:14:b3:08:77:f0:be:bd:5a:ad:e0:d0:93:
19:43:f4:11:80:fe:11:51:05:ef:82:1a:36:ee:48:
6e:fc:55:f6:c9:52:c3:5b:d2:96:14:93:5a:e8:e5:
ec:9c:26:78:0d:85:d1:5e:17:07:14:c0:3c:af:23:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6C:91:36:E2:A0:F2:B4:88:17:64:F0:AD:27:77:7A:B5:57:40:9B
X509v3 Authority Key Identifier:
keyid:81:06:0A:51:85:28:E8:6A:8E:A7:7F:18:8A:02:63:79:0C:08:F6:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQYKUYUo6GqOp38YigJjeQwI9rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/LGyRNuKg8rSIF2TwrSd3erVXQJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/e5e2d0-f439-45e4-8540-f19600c7ad54/1/gQYKUYUo6GqOp38YigJjeQwI9rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.126.0/23
Signature Algorithm: sha256WithRSAEncryption
47:59:02:7e:72:9f:cf:21:6c:7b:e2:6c:db:0f:24:75:cf:b1:
1a:7a:37:a7:e5:f7:a5:40:ea:26:38:91:6f:a5:18:59:e2:ea:
ce:7b:ee:0d:d5:a9:08:10:90:d3:8a:2c:d1:b9:34:dd:71:9d:
3f:09:6f:43:e0:62:2f:7f:05:52:d2:bf:93:6e:90:82:08:f4:
3c:c4:ae:4c:ea:2f:85:06:3d:77:d4:44:08:fe:98:f9:81:7c:
f0:56:7e:29:85:bb:1c:e8:8b:9b:be:73:d8:d0:53:e3:62:e9:
39:0a:e3:9a:b5:d2:0d:49:19:16:68:3b:84:9d:14:9b:dd:e2:
90:80:55:45:63:f6:cc:6c:5a:2d:42:7d:d0:3e:9a:26:0f:1d:
6c:22:95:98:27:36:e6:18:ac:3a:66:f0:0f:ac:09:7b:32:b4:
54:ab:0c:6d:de:6e:0f:5f:f6:96:ff:cf:a6:0a:53:75:35:a8:
f4:7c:88:53:47:d1:9c:7c:0c:50:22:fa:d9:e2:b3:05:aa:0b:
88:56:26:df:ff:ab:aa:87:52:0a:71:2c:f1:55:ed:e3:ee:e5:
9f:ce:6d:a3:d6:bb:51:84:5d:76:fa:7d:e5:26:df:f3:25:fa:
36:42:c9:bc:ea:9c:28:d7:ea:1e:29:e1:93:c4:ca:bb:02:90:
d6:38:6b:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXO4wE9/vRgEeh/euTEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMDYwYTUxODUyOGU4NmE4ZWE3N2YxODhhMDI2Mzc5MGMw
OGY2YjkwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzZjOTEzNmUyYTBmMmI0ODgxNzY0ZjBhZDI3Nzc3YWI1NTc0MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol/0vGcvdSE5nJfo/8CiILpdb6l/
SGPLR4S0IhM8ldhvb3KSyG7Fp71Uq+/1IaD9r4OUQ7yF0mSU168VUub10i2inBqz
dmFc5h+maeWqrzsyVG8ta9TvYpmzdbRMBiByE/4FxuuELjAM3Pa1M3i+8xTrgzXP
wYQuoxGFms9yeAxTGmf74hd3EE1zAkf0izMFT/ZFvXYsW5ZdWu/6brSU+sTNzLz/
QlQ5S9fZNxaRTgs7a1cE26XrKX+/mpm6VzJOhlIBtYcUswh38L69Wq3g0JMZQ/QR
gP4RUQXvgho27khu/FX2yVLDW9KWFJNa6OXsnCZ4DYXRXhcHFMA8ryMYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxskTbioPK0iBdk8K0nd3q1V0CbMB8GA1UdIwQY
MBaAFIEGClGFKOhqjqd/GIoCY3kMCPa5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1FZS1VZVW82R3FPcDM4WWlnSmplUXdJOXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lNWUyZDAtZjQzOS00NWU0LTg1NDAt
ZjE5NjAwYzdhZDU0LzEvTEd5Uk51S2c4clNJRjJUd3JTZDNlclZYUUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lNWUyZDAtZjQzOS00NWU0LTg1NDAtZjE5NjAwYzdhZDU0
LzEvZ1FZS1VZVW82R3FPcDM4WWlnSmplUXdJOXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9l+MA0G
CSqGSIb3DQEBCwUAA4IBAQBHWQJ+cp/PIWx74mzbDyR1z7Eaejen5felQOomOJFv
pRhZ4urOe+4N1akIEJDTiizRuTTdcZ0/CW9D4GIvfwVS0r+TbpCCCPQ8xK5M6i+F
Bj131EQI/pj5gXzwVn4phbsc6IubvnPY0FPjYuk5CuOatdINSRkWaDuEnRSb3eKQ
gFVFY/bMbFotQn3QPpomDx1sIpWYJzbmGKw6ZvAPrAl7MrRUqwxt3m4PX/aW/8+m
ClN1Naj0fIhTR9GcfAxQIvrZ4rMFqguIVibf/6uqh1IKcSzxVe3j7uWfzm2j1rtR
hF12+n3lJt/zJfo2Qsm86pwo1+oeKeGTxMq7ApDWOGva
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:32 2025 by rpki-client