Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/LRc2QztnFnbPpKAFsG4iXkhPTgc.roa
File: LRc2QztnFnbPpKAFsG4iXkhPTgc.roa (raw, json)
Hash identifier: yXt7q0dIOy/j5F07pCcTE/TU1UpvhLF6txMQG1Refdk=
Subject key identifier: 2D:17:36:43:3B:67:16:76:CF:A4:A0:05:B0:6E:22:5E:48:4F:4E:07
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 0194236A05A9ED5C474BB930B25BED215F70
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/LRc2QztnFnbPpKAFsG4iXkhPTgc.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215213
IP address blocks: 185.88.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:05:a9:ed:5c:47:4b:b9:30:b2:5b:ed:21:5f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d1736433b671676cfa4a005b06e225e484f4e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:46:f4:8c:6d:0f:5e:d8:0d:38:70:44:11:5a:
57:27:57:4d:44:e1:a2:f0:6b:b5:c3:d5:39:7c:38:
1c:f8:54:21:c3:6b:41:c7:67:0a:f2:5f:12:ff:40:
e6:2d:10:a3:7b:1a:d0:61:e4:84:e8:94:65:b6:20:
c5:4d:a2:db:46:13:10:0e:62:93:74:9c:ff:d2:20:
e2:dc:aa:18:1d:76:c8:66:6b:30:db:ea:46:70:1d:
09:67:95:dd:f2:45:d0:69:db:3c:5a:e7:54:1a:de:
1b:e5:ea:cd:ec:bd:29:99:68:50:c3:16:ff:1c:9a:
26:1c:ba:7e:dc:47:06:cc:96:87:c2:24:22:06:18:
aa:83:9b:20:24:9a:ee:ed:af:dc:4d:87:06:32:fe:
87:f3:7d:2a:2b:3a:a3:e1:d2:17:4c:b8:f7:11:f7:
2e:2a:54:2d:9f:30:8a:9d:46:c5:d5:6b:0c:fd:78:
a4:53:d1:5b:23:e2:5f:a5:9b:dd:a3:13:cc:3d:de:
e3:80:e8:95:72:30:4c:e3:53:fa:84:36:20:cb:c9:
a6:11:9b:e4:12:16:77:18:53:67:dc:6a:f8:31:9c:
f1:2c:ef:05:90:37:60:01:58:73:52:63:95:cd:61:
0e:e5:49:7a:87:4f:35:0b:9f:fc:36:00:4a:62:8e:
87:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:17:36:43:3B:67:16:76:CF:A4:A0:05:B0:6E:22:5E:48:4F:4E:07
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/LRc2QztnFnbPpKAFsG4iXkhPTgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.21.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c1:c0:86:58:07:49:9a:26:e0:73:86:d5:9c:3f:10:f1:c3:
79:e3:62:e3:8c:d0:3f:a8:e8:52:0b:43:03:4e:f4:d0:55:56:
f2:ea:31:a8:a1:4c:1d:a3:42:13:61:d0:5f:8d:57:e2:b3:07:
2d:01:54:0a:af:0a:db:a5:d0:3c:67:e5:8e:fa:e3:fd:06:0e:
54:04:f3:87:42:79:cb:c7:98:4a:13:64:ae:40:49:8e:f6:d0:
70:17:16:74:c9:ad:7f:e7:bf:a1:56:3d:82:2e:90:ba:e7:5a:
42:be:8f:c4:8a:85:9d:23:1a:f6:05:be:24:ba:74:81:ac:43:
0e:ff:e2:cd:1c:a5:d5:75:89:16:56:4e:d8:92:45:05:f8:7b:
4c:cc:02:77:bc:b6:08:63:08:27:10:0c:47:42:e1:bd:d0:12:
d2:9e:05:30:c8:b3:94:cb:f6:2e:e0:1f:0c:7d:1d:88:53:79:
23:b8:04:7d:ee:8f:9b:91:20:ab:84:a0:6f:8d:2b:19:09:c7:
f5:54:de:d0:3c:0b:c4:3a:19:1e:dc:66:02:a4:1d:a5:19:cc:
b3:af:c2:59:54:dd:8d:51:76:ad:51:5e:5e:14:5d:fc:7f:1c:
fe:b3:a5:47:f5:02:bc:db:fc:85:ea:ff:54:aa:5f:d8:e8:21:
57:ed:14:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagWp7VxHS7kwslvtIV9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDE3MzY0MzNiNjcxNjc2Y2ZhNGEwMDViMDZlMjI1ZTQ4NGY0ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kb0jG0PXtgNOHBEEVpXJ1dNROGi
8Gu1w9U5fDgc+FQhw2tBx2cK8l8S/0DmLRCjexrQYeSE6JRltiDFTaLbRhMQDmKT
dJz/0iDi3KoYHXbIZmsw2+pGcB0JZ5Xd8kXQads8WudUGt4b5erN7L0pmWhQwxb/
HJomHLp+3EcGzJaHwiQiBhiqg5sgJJru7a/cTYcGMv6H830qKzqj4dIXTLj3Efcu
KlQtnzCKnUbF1WsM/XikU9FbI+JfpZvdoxPMPd7jgOiVcjBM41P6hDYgy8mmEZvk
EhZ3GFNn3Gr4MZzxLO8FkDdgAVhzUmOVzWEO5Ul6h081C5/8NgBKYo6HoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0XNkM7ZxZ2z6SgBbBuIl5IT04HMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvTFJjMlF6dG5GbmJQcEtBRnNHNGlYa2hQVGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVgVMA0G
CSqGSIb3DQEBCwUAA4IBAQAhwcCGWAdJmibgc4bVnD8Q8cN542LjjNA/qOhSC0MD
TvTQVVby6jGooUwdo0ITYdBfjVfiswctAVQKrwrbpdA8Z+WO+uP9Bg5UBPOHQnnL
x5hKE2SuQEmO9tBwFxZ0ya1/57+hVj2CLpC651pCvo/EioWdIxr2Bb4kunSBrEMO
/+LNHKXVdYkWVk7YkkUF+HtMzAJ3vLYIYwgnEAxHQuG90BLSngUwyLOUy/Yu4B8M
fR2IU3kjuAR97o+bkSCrhKBvjSsZCcf1VN7QPAvEOhke3GYCpB2lGcyzr8JZVN2N
UXatUV5eFF38fxz+s6VH9QK82/yF6v9Uql/Y6CFX7RTk
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:09:33 2025 by rpki-client