Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lbeZajyvrvJVTDr-NrOWhktmYFw.roa
File: lbeZajyvrvJVTDr-NrOWhktmYFw.roa (raw, json)
Hash identifier: KAzDSgZGvuMGVHxICCUN53hZ97qbRZPcmb5Za/34REM=
Subject key identifier: 95:B7:99:6A:3C:AF:AE:F2:55:4C:3A:FE:36:B3:96:86:4B:66:60:5C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01918EB922416F58E4712C7CEDA10D3E0570
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lbeZajyvrvJVTDr-NrOWhktmYFw.roa
Signing time: Mon 26 Aug 2024 12:46:23 +0000
ROA not before: Mon 26 Aug 2024 12:46:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29456
IP address blocks: 82.151.96.0/19 maxlen: 19
82.151.110.0/24 maxlen: 24
95.71.104.0/21 maxlen: 21
109.62.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Wed 28 Aug 2024 13:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:b9:22:41:6f:58:e4:71:2c:7c:ed:a1:0d:3e:05:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 26 12:46:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95b7996a3cafaef2554c3afe36b396864b66605c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:6f:15:2b:11:bc:03:08:d7:66:61:b7:cf:
d9:82:8e:1e:21:43:6f:3e:03:2a:90:c6:d5:ad:d9:
e7:4c:65:1f:56:3a:97:5e:42:24:1f:33:5d:c3:5e:
8f:32:73:bf:3d:2f:32:d5:fe:cc:21:5f:cc:fb:cc:
92:12:f9:56:6c:78:6b:4e:b5:ab:76:0b:7a:43:c3:
2d:86:2e:43:2f:a7:91:a0:8e:5d:18:4c:13:d6:53:
4a:02:c9:e2:0d:03:b2:c6:b0:e4:0f:cf:0c:78:c9:
34:f5:96:fe:86:41:73:77:10:8e:15:5f:9c:89:86:
cc:f0:cd:f7:8a:49:cc:b0:f6:fe:5f:c2:3d:03:66:
08:5e:bf:25:81:23:81:01:ea:c0:26:a7:a4:f6:35:
fb:c2:39:0c:ff:a5:52:98:e0:36:ac:94:33:2f:f8:
c5:a6:6d:5c:aa:24:7e:8d:41:d3:c8:45:e8:82:60:
4b:77:0e:20:ff:e8:88:98:47:4c:99:e6:49:d6:1d:
2b:a9:ee:26:50:0f:db:66:20:a8:c4:7a:0c:2a:46:
15:ac:c7:5a:a0:e0:b0:03:90:96:31:36:67:33:1c:
e3:2d:42:29:0e:b1:8a:ea:01:0c:4e:47:e2:0f:ed:
62:17:50:ee:f2:8b:17:de:db:04:e0:8c:80:40:7f:
97:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:99:6A:3C:AF:AE:F2:55:4C:3A:FE:36:B3:96:86:4B:66:60:5C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lbeZajyvrvJVTDr-NrOWhktmYFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.151.96.0/19
95.71.104.0/21
109.62.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7e:24:d8:91:5c:f0:e0:9d:34:b8:93:af:9d:a5:4a:7c:8b:bd:
1a:0a:d9:1e:f3:a8:0c:d5:f2:f3:bf:79:2b:c1:a7:6c:12:74:
67:cf:e4:b8:ee:b0:d1:31:6d:3c:e9:71:c1:6d:4e:70:0a:e8:
87:88:18:bc:ca:ed:a7:f0:d8:64:6e:94:da:41:a9:82:f6:73:
29:54:c7:f4:39:dc:16:d6:a7:2c:37:20:7d:2f:1f:99:42:3c:
91:42:0f:1c:0d:5b:11:e5:35:bb:f3:ee:97:28:a3:7f:3b:60:
03:1a:d8:4c:e6:b7:39:ee:b3:90:5e:66:bd:d2:3b:37:6d:ff:
49:a0:93:48:03:1b:3b:5b:07:5f:bb:e1:b7:08:b3:e2:92:19:
c6:b2:3b:b1:47:95:e6:21:f2:4e:78:eb:12:63:82:30:bc:a9:
c5:fd:72:a4:c4:5d:bb:af:a9:ec:85:da:37:f2:e1:1c:66:95:
7a:02:13:45:18:ef:1a:c3:6c:ba:c5:ed:e4:cd:4d:61:67:d6:
21:99:05:d6:07:69:71:59:ed:cc:ea:37:a8:ff:e3:8b:24:be:
9b:c0:4a:91:b2:93:0b:06:c9:b5:a8:2e:b2:58:6b:9a:74:6a:
b3:aa:ce:35:61:86:6f:f3:a0:7a:23:7d:43:6b:ad:86:b3:a2:
e1:93:47:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGOuSJBb1jkcSx87aENPgVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI2MTI0NjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI3OTk2YTNjYWZhZWYyNTU0YzNhZmUzNmIzOTY4NjRiNjY2MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudZvFSsRvAMI12Zht8/Zgo4eIUNv
PgMqkMbVrdnnTGUfVjqXXkIkHzNdw16PMnO/PS8y1f7MIV/M+8ySEvlWbHhrTrWr
dgt6Q8Mthi5DL6eRoI5dGEwT1lNKAsniDQOyxrDkD88MeMk09Zb+hkFzdxCOFV+c
iYbM8M33iknMsPb+X8I9A2YIXr8lgSOBAerAJqek9jX7wjkM/6VSmOA2rJQzL/jF
pm1cqiR+jUHTyEXogmBLdw4g/+iImEdMmeZJ1h0rqe4mUA/bZiCoxHoMKkYVrMda
oOCwA5CWMTZnMxzjLUIpDrGK6gEMTkfiD+1iF1Du8osX3tsE4IyAQH+X3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJW3mWo8r67yVUw6/jazloZLZmBcMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbGJlWmFqeXZydkpWVERyLU5yT1doa3RtWUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFUpdgAwQD
X0doAwQHbT6AMA0GCSqGSIb3DQEBCwUAA4IBAQB+JNiRXPDgnTS4k6+dpUp8i70a
Ctke86gM1fLzv3krwadsEnRnz+S47rDRMW086XHBbU5wCuiHiBi8yu2n8NhkbpTa
QamC9nMpVMf0OdwW1qcsNyB9Lx+ZQjyRQg8cDVsR5TW78+6XKKN/O2ADGthM5rc5
7rOQXma90js3bf9JoJNIAxs7Wwdfu+G3CLPikhnGsjuxR5XmIfJOeOsSY4IwvKnF
/XKkxF27r6nshdo38uEcZpV6AhNFGO8aw2y6xe3kzU1hZ9YhmQXWB2lxWe3M6jeo
/+OLJL6bwEqRspMLBsm1qC6yWGuadGqzqs41YYZv86B6I31Da62Gs6Lhk0eJ
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:40:51 2025 by rpki-client