Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c2a2b1-8657-4cf2-a1a8-c2b61f86b0aa/1/lnwUkdM1gLWyftPThbOk63qV1YE.roa
File: lnwUkdM1gLWyftPThbOk63qV1YE.roa (raw, json)
Hash identifier: 5Yz3ZYrEItUyoEgB96u1UZg1pa+eb3g2C2A6KezAaL0=
Subject key identifier: 96:7C:14:91:D3:35:80:B5:B2:7E:D3:D3:85:B3:A4:EB:7A:95:D5:81
Certificate issuer: /CN=93e9f4bddf4b2df110ac308346f46d9450f13b3a
Certificate serial: 01907DA27AC3383F25F65042BE4843A670E4
Authority key identifier: 93:E9:F4:BD:DF:4B:2D:F1:10:AC:30:83:46:F4:6D:94:50:F1:3B:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-n0vd9LLfEQrDCDRvRtlFDxOzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2a2b1-8657-4cf2-a1a8-c2b61f86b0aa/1/lnwUkdM1gLWyftPThbOk63qV1YE.roa
Signing time: Thu 04 Jul 2024 12:05:18 +0000
ROA not before: Thu 04 Jul 2024 12:05:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50595
IP address blocks: 193.164.246.0/23 maxlen: 23
195.72.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:a2:7a:c3:38:3f:25:f6:50:42:be:48:43:a6:70:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e9f4bddf4b2df110ac308346f46d9450f13b3a
Validity
Not Before: Jul 4 12:05:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=967c1491d33580b5b27ed3d385b3a4eb7a95d581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:52:70:4d:f9:d0:de:5a:ab:ac:85:f0:d9:
98:32:9c:38:6b:e4:75:64:4a:b9:52:c1:06:58:98:
a7:fa:3c:f5:22:26:14:d3:c5:fe:04:6c:d9:9e:92:
10:8c:4b:8e:63:64:6d:0f:7e:a6:f8:48:cb:64:56:
f4:79:ab:12:0b:12:72:f2:87:d5:cb:65:1c:ad:76:
86:00:27:02:07:02:e0:45:d3:2b:13:23:16:f2:46:
27:62:07:c7:b9:f2:6d:66:c5:05:10:be:6e:72:57:
74:50:f0:d7:9d:6c:31:89:15:82:c3:25:df:4c:70:
e5:d1:b9:89:90:6d:72:a8:ee:b5:63:7e:f0:ab:6b:
8f:94:67:fd:c7:16:dc:48:cf:ef:21:4d:b8:18:ee:
7d:85:d6:5a:64:56:4d:84:62:28:15:ab:b4:01:a4:
b7:6d:b6:d1:7e:c4:fe:70:4c:69:ac:a6:22:ff:05:
d8:3c:00:bf:88:a7:9d:13:2a:17:df:a3:7d:20:2d:
eb:84:1b:bc:c9:ca:e4:15:3a:d3:40:6c:6e:fd:80:
0f:cc:11:f3:60:7b:aa:00:de:f7:64:fd:2c:8c:41:
77:26:46:13:a1:3f:d1:5c:c2:d8:58:33:67:40:be:
6d:2d:55:77:c6:e6:d5:a3:94:cc:5e:c5:4e:12:a0:
f5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7C:14:91:D3:35:80:B5:B2:7E:D3:D3:85:B3:A4:EB:7A:95:D5:81
X509v3 Authority Key Identifier:
keyid:93:E9:F4:BD:DF:4B:2D:F1:10:AC:30:83:46:F4:6D:94:50:F1:3B:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-n0vd9LLfEQrDCDRvRtlFDxOzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2a2b1-8657-4cf2-a1a8-c2b61f86b0aa/1/lnwUkdM1gLWyftPThbOk63qV1YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2a2b1-8657-4cf2-a1a8-c2b61f86b0aa/1/k-n0vd9LLfEQrDCDRvRtlFDxOzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.246.0/23
195.72.96.0/20
Signature Algorithm: sha256WithRSAEncryption
67:cb:bb:cf:56:dd:c2:1d:53:54:df:9b:49:7f:54:16:33:93:
10:9f:67:5c:a1:d9:3e:45:da:01:ff:b4:3a:1f:92:71:d1:39:
e7:70:af:7c:d9:d4:d8:d0:37:d1:23:23:d7:ca:d0:0b:52:f1:
aa:39:d2:14:cf:ab:b6:b6:12:2b:39:b6:35:7f:9a:29:6d:b7:
50:54:bb:33:0e:e0:9e:ac:f3:2c:fc:a2:71:d6:4a:e4:41:c7:
38:b9:d6:1b:fd:7e:24:9e:fa:28:4f:1e:ff:94:01:bb:55:e4:
a9:14:15:3e:65:42:b0:a1:5b:ab:74:9f:13:09:30:0d:da:5e:
d8:20:34:35:5a:26:9c:6e:a2:eb:2a:d0:83:3e:b2:a7:99:19:
ed:83:d5:fa:7e:ab:d6:9b:e1:6f:43:0b:1b:1f:3a:d0:7a:dd:
72:75:05:cf:47:1e:2c:f5:e9:f3:dc:16:43:5d:e9:7d:e2:ae:
3c:b0:b9:98:c0:f7:41:a1:fa:ff:96:b9:a0:7f:6b:3b:17:8d:
72:18:ca:ce:e8:ef:20:22:9e:39:47:59:6e:3e:09:3c:e9:13:
b6:89:66:f1:ae:42:53:cc:5c:21:06:4c:fe:00:47:f3:4a:62:
22:ef:95:ca:7a:5b:c7:12:31:10:9e:17:d4:b1:fc:65:aa:11:
1c:1e:9c:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZB9onrDOD8l9lBCvkhDpnDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTlmNGJkZGY0YjJkZjExMGFjMzA4MzQ2ZjQ2ZDk0NTBm
MTNiM2EwHhcNMjQwNzA0MTIwNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdjMTQ5MWQzMzU4MGI1YjI3ZWQzZDM4NWIzYTRlYjdhOTVkNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFRScE350N5aq6yF8NmYMpw4a+R1
ZEq5UsEGWJin+jz1IiYU08X+BGzZnpIQjEuOY2RtD36m+EjLZFb0easSCxJy8ofV
y2UcrXaGACcCBwLgRdMrEyMW8kYnYgfHufJtZsUFEL5ucld0UPDXnWwxiRWCwyXf
THDl0bmJkG1yqO61Y37wq2uPlGf9xxbcSM/vIU24GO59hdZaZFZNhGIoFau0AaS3
bbbRfsT+cExprKYi/wXYPAC/iKedEyoX36N9IC3rhBu8ycrkFTrTQGxu/YAPzBHz
YHuqAN73ZP0sjEF3JkYToT/RXMLYWDNnQL5tLVV3xubVo5TMXsVOEqD1swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZ8FJHTNYC1sn7T04WzpOt6ldWBMB8GA1UdIwQY
MBaAFJPp9L3fSy3xEKwwg0b0bZRQ8Ts6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1uMHZkOUxMZkVRckRDRFJ2UnRsRkR4T3pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jMmEyYjEtODY1Ny00Y2YyLWExYTgt
YzJiNjFmODZiMGFhLzEvbG53VWtkTTFnTFd5ZnRQVGhiT2s2M3FWMVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jMmEyYjEtODY1Ny00Y2YyLWExYTgtYzJiNjFmODZiMGFh
LzEvay1uMHZkOUxMZkVRckRDRFJ2UnRsRkR4T3pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwaT2AwQE
w0hgMA0GCSqGSIb3DQEBCwUAA4IBAQBny7vPVt3CHVNU35tJf1QWM5MQn2dcodk+
RdoB/7Q6H5Jx0TnncK982dTY0DfRIyPXytALUvGqOdIUz6u2thIrObY1f5opbbdQ
VLszDuCerPMs/KJx1krkQcc4udYb/X4knvooTx7/lAG7VeSpFBU+ZUKwoVurdJ8T
CTAN2l7YIDQ1WiacbqLrKtCDPrKnmRntg9X6fqvWm+FvQwsbHzrQet1ydQXPRx4s
9enz3BZDXel94q48sLmYwPdBofr/lrmgf2s7F41yGMrO6O8gIp45R1luPgk86RO2
iWbxrkJTzFwhBkz+AEfzSmIi75XKelvHEjEQnhfUsfxlqhEcHpxI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:50 2025 by rpki-client