Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/l-4qAsUCkGFbwteiyRBxdvoP-po.roa
File: l-4qAsUCkGFbwteiyRBxdvoP-po.roa (raw, json)
Hash identifier: dKClKp5j7jx13pZIwUub4jyvJ+85eelDdQGxj9dbOjc=
Subject key identifier: 97:EE:2A:02:C5:02:90:61:5B:C2:D7:A2:C9:10:71:76:FA:0F:FA:9A
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 019470D92580DA220D34E17666FB2D93278D
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/l-4qAsUCkGFbwteiyRBxdvoP-po.roa
Signing time: Thu 16 Jan 2025 20:41:06 +0000
ROA not before: Thu 16 Jan 2025 20:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 141.98.184.0/22 maxlen: 22
193.169.194.0/23 maxlen: 23
194.9.118.0/24 maxlen: 24
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Feb 2025 09:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:d9:25:80:da:22:0d:34:e1:76:66:fb:2d:93:27:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Jan 16 20:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97ee2a02c50290615bc2d7a2c9107176fa0ffa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d5:b7:19:bf:fe:96:fd:29:6a:2f:e6:87:8a:
51:78:0c:d2:9b:0b:a3:e3:66:99:46:79:b2:e6:af:
1d:be:6d:76:13:42:05:41:08:ce:b7:88:73:29:4c:
84:b6:08:59:3b:c7:3d:10:5a:34:eb:23:09:01:04:
d6:7b:07:6b:1e:55:22:5a:f0:8b:76:52:51:2c:4c:
d8:13:63:86:9d:56:d6:6a:eb:a1:a4:8e:eb:05:8c:
78:81:76:32:df:7f:07:a7:83:b1:af:fc:86:b1:f7:
eb:95:32:ca:a5:53:35:67:ec:f8:a0:0e:46:0b:8e:
d2:b9:0e:5f:e3:77:39:2d:6b:38:79:1b:93:1c:28:
cd:46:1d:02:05:83:59:47:25:f8:c0:87:70:a3:dd:
d6:4f:80:71:3b:00:b0:39:1d:f4:5c:33:f8:db:d6:
9f:20:f6:0e:9f:db:9e:f6:1d:0b:45:e9:69:f8:d9:
0e:a6:9b:d7:99:d7:88:0e:36:0b:0a:30:f1:5a:15:
30:d3:7e:6f:9c:36:cf:43:d4:fa:68:3e:57:27:e7:
2a:a3:5b:7f:22:b0:32:3c:2d:9e:16:00:d9:f5:fa:
9a:47:b8:e2:ca:f7:a4:38:b0:59:b4:26:11:f0:19:
63:a3:b5:71:66:06:ae:6f:3f:2a:60:28:8d:ac:b3:
e9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EE:2A:02:C5:02:90:61:5B:C2:D7:A2:C9:10:71:76:FA:0F:FA:9A
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/l-4qAsUCkGFbwteiyRBxdvoP-po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.184.0/22
193.169.194.0/23
194.9.118.0/24
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
10:42:7d:bd:47:21:bb:96:20:cb:dd:70:45:2e:cd:b7:19:70:
9a:db:c5:13:9c:0e:11:37:83:97:b0:26:a1:23:09:57:00:22:
84:cf:05:f0:19:0c:c3:36:83:0a:8a:d2:a5:f9:83:ac:2c:f4:
5c:be:87:43:8d:3f:7f:fe:41:ba:bf:95:67:c7:55:37:b8:64:
75:7f:85:87:d9:23:c3:cb:3b:ec:9d:54:1e:73:7d:3e:36:83:
83:73:0b:9b:34:04:e7:f7:a5:2d:1d:8e:6e:b1:0c:ed:00:50:
b9:cd:77:35:56:5f:6c:a4:1b:d6:ab:f7:2c:69:05:fb:05:f4:
6b:a7:e2:9e:bb:28:af:07:8b:b0:a4:d2:1d:8c:00:b7:b6:61:
a1:4b:fa:e5:e3:97:5f:35:d7:0c:9d:69:56:ed:e0:23:ab:85:
c5:69:76:90:d8:f4:d0:30:bb:6d:65:fa:03:77:ba:fa:86:50:
e6:d7:4b:b0:e5:c4:55:80:82:72:ac:98:89:23:a1:e1:b5:f7:
70:62:b1:75:69:21:c6:4b:17:f7:54:93:77:97:d1:9a:99:96:
7d:2f:25:7f:e6:7f:1d:25:93:bd:9c:83:03:d3:82:cc:54:61:
e5:dd:30:7a:61:32:38:e7:1d:4b:29:44:48:01:84:1c:a3:ff:
0a:2f:bb:1f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRw2SWA2iINNOF2ZvstkyeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMTE2MjA0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VlMmEwMmM1MDI5MDYxNWJjMmQ3YTJjOTEwNzE3NmZhMGZmYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNW3Gb/+lv0pai/mh4pReAzSmwuj
42aZRnmy5q8dvm12E0IFQQjOt4hzKUyEtghZO8c9EFo06yMJAQTWewdrHlUiWvCL
dlJRLEzYE2OGnVbWauuhpI7rBYx4gXYy338Hp4Oxr/yGsffrlTLKpVM1Z+z4oA5G
C47SuQ5f43c5LWs4eRuTHCjNRh0CBYNZRyX4wIdwo93WT4BxOwCwOR30XDP429af
IPYOn9ue9h0LRelp+NkOppvXmdeIDjYLCjDxWhUw035vnDbPQ9T6aD5XJ+cqo1t/
IrAyPC2eFgDZ9fqaR7jiyvekOLBZtCYR8Bljo7VxZgaubz8qYCiNrLPpTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJfuKgLFApBhW8LXoskQcXb6D/qaMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvbC00cUFzVUNrR0Zid3RlaXlSQnhkdm9QLXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCjWK4AwQB
wanCAwQAwgl2MA0EAgACMAcDBQMqE2xAMA0GCSqGSIb3DQEBCwUAA4IBAQAQQn29
RyG7liDL3XBFLs23GXCa28UTnA4RN4OXsCahIwlXACKEzwXwGQzDNoMKitKl+YOs
LPRcvodDjT9//kG6v5Vnx1U3uGR1f4WH2SPDyzvsnVQec30+NoODcwubNATn96Ut
HY5usQztAFC5zXc1Vl9spBvWq/csaQX7BfRrp+KeuyivB4uwpNIdjAC3tmGhS/rl
45dfNdcMnWlW7eAjq4XFaXaQ2PTQMLttZfoDd7r6hlDm10uw5cRVgIJyrJiJI6Hh
tfdwYrF1aSHGSxf3VJN3l9GamZZ9LyV/5n8dJZO9nIMD04LMVGHl3TB6YTI45x1L
KURIAYQco/8KL7sf
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:11:41 2025 by rpki-client