Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lbtA2a99PpCU0upokccGADxMR54.roa
File: lbtA2a99PpCU0upokccGADxMR54.roa (raw, json)
Hash identifier: xlM3iiYaqVoHp0U+6Sjswk4w0f6tQeV3xBzx8q1OzFs=
Subject key identifier: 95:BB:40:D9:AF:7D:3E:90:94:D2:EA:68:91:C7:06:00:3C:4C:47:9E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F7437372D4D6DEAEE949F4DCB0EB5DB6
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lbtA2a99PpCU0upokccGADxMR54.roa
Signing time: Thu 22 May 2025 09:11:54 +0000
ROA not before: Thu 22 May 2025 09:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 10:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:43:73:72:d4:d6:de:ae:e9:49:f4:dc:b0:eb:5d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 09:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95bb40d9af7d3e9094d2ea6891c706003c4c479e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:44:cb:c0:55:41:d6:f7:e6:93:ab:82:83:80:
74:53:d2:7e:4a:06:e1:ae:7d:40:e1:47:12:07:a2:
74:50:e4:bf:11:c4:fa:69:d3:68:f1:e7:03:d6:bc:
b2:0d:5b:42:61:20:d3:3c:c3:c5:74:c0:c7:a3:14:
a3:03:35:d6:57:e8:4c:7b:29:42:78:1c:67:52:fa:
07:de:33:0b:5d:44:e5:cd:ca:01:b1:d0:8c:37:02:
41:fd:cc:0a:9d:19:d2:44:f7:fb:b1:7e:a9:e3:09:
67:b0:59:09:ea:ea:4b:89:99:79:e0:d2:19:8b:20:
9f:83:b7:4b:2e:79:6a:96:bc:d1:ed:43:a0:c6:20:
c1:d6:0b:40:05:3a:a1:7f:79:81:7d:5c:1e:aa:4c:
d5:ef:17:65:05:79:7f:3f:14:eb:a5:bf:7d:e4:13:
cd:24:8a:eb:9e:bf:03:94:0a:2f:94:2f:ee:cf:5f:
11:20:2a:04:89:25:e1:a6:8b:5c:b2:e2:4b:0c:16:
ff:78:fe:2f:ce:ec:33:3f:89:f2:11:db:73:89:13:
9e:da:cc:24:f1:6f:ab:c0:6b:76:ac:f2:93:47:33:
85:16:7b:fe:e7:08:ed:74:04:b1:7d:b1:5a:3c:75:
2e:95:1b:56:63:7b:3c:d6:b6:bd:03:f5:7a:f9:08:
40:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BB:40:D9:AF:7D:3E:90:94:D2:EA:68:91:C7:06:00:3C:4C:47:9E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lbtA2a99PpCU0upokccGADxMR54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
4b:62:5b:01:cb:61:15:d0:2d:64:83:92:d8:4b:23:58:0f:d1:
b6:23:72:aa:ab:28:bc:3c:8a:6c:2a:63:05:eb:22:51:9e:30:
67:30:b8:95:54:d4:b1:6c:18:f8:3f:52:31:68:75:ce:72:f9:
b6:00:13:eb:97:d2:ea:0e:5d:06:4b:04:7a:a3:c1:4d:8d:8a:
f6:84:a6:7d:43:db:2a:5a:ef:11:1a:48:70:fe:f5:88:65:64:
d9:73:52:ec:97:ea:fb:83:a7:1f:70:1d:c9:30:19:12:b9:95:
e9:d2:ca:7e:bc:c5:4d:fe:b4:4d:0c:cb:cc:c0:9a:88:02:d3:
a1:96:fc:65:36:47:8d:b2:9e:db:ba:0a:60:89:70:e2:f1:12:
b9:9d:0b:a3:83:df:db:c6:42:a5:6e:17:7e:d3:71:d9:e2:d3:
05:3a:41:12:47:69:89:64:9d:c0:ec:47:ee:d1:8d:e6:c9:a9:
10:be:6f:e9:a8:ce:c1:b7:50:f3:9e:42:71:2e:11:18:3e:06:
62:99:0d:cc:95:32:65:60:5f:62:5b:e3:f7:c7:48:7d:4f:2c:
90:90:0b:f6:91:61:c3:f9:f3:b9:5e:02:de:9d:94:61:6f:7f:
b3:ca:2f:1b:52:7c:28:e1:32:19:8a:13:c3:ef:58:58:db:2d:
da:65:3c:fc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb3Q3Ny1NberulJ9Nyw6122MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMDkxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJiNDBkOWFmN2QzZTkwOTRkMmVhNjg5MWM3MDYwMDNjNGM0NzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kTLwFVB1vfmk6uCg4B0U9J+Sgbh
rn1A4UcSB6J0UOS/EcT6adNo8ecD1ryyDVtCYSDTPMPFdMDHoxSjAzXWV+hMeylC
eBxnUvoH3jMLXUTlzcoBsdCMNwJB/cwKnRnSRPf7sX6p4wlnsFkJ6upLiZl54NIZ
iyCfg7dLLnlqlrzR7UOgxiDB1gtABTqhf3mBfVweqkzV7xdlBXl/PxTrpb995BPN
JIrrnr8DlAovlC/uz18RICoEiSXhpotcsuJLDBb/eP4vzuwzP4nyEdtziROe2swk
8W+rwGt2rPKTRzOFFnv+5wjtdASxfbFaPHUulRtWY3s81ra9A/V6+QhAWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJW7QNmvfT6QlNLqaJHHBgA8TEeeMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvbGJ0QTJhOTlQcENVMHVwb2tjY0dBRHhNUjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAS2JbActhFdAtZIOS2EsjWA/R
tiNyqqsovDyKbCpjBesiUZ4wZzC4lVTUsWwY+D9SMWh1znL5tgAT65fS6g5dBksE
eqPBTY2K9oSmfUPbKlrvERpIcP71iGVk2XNS7Jfq+4OnH3AdyTAZErmV6dLKfrzF
Tf60TQzLzMCaiALToZb8ZTZHjbKe27oKYIlw4vESuZ0Lo4Pf28ZCpW4XftNx2eLT
BTpBEkdpiWSdwOxH7tGN5smpEL5v6ajOwbdQ855CcS4RGD4GYpkNzJUyZWBfYlvj
98dIfU8skJAL9pFhw/nzuV4C3p2UYW9/s8ovG1J8KOEyGYoTw+9YWNst2mU8/A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:19:47 2025 by rpki-client