Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Lnx4mXOB6_nsUUxANX_tTgZCqYk.roa
File: Lnx4mXOB6_nsUUxANX_tTgZCqYk.roa (raw, json)
Hash identifier: 2MaEXXdf6Ncbo4H5FGy7wh5oY42KDMupGT7sJumgYIo=
Subject key identifier: 2E:7C:78:99:73:81:EB:F9:EC:51:4C:40:35:7F:ED:4E:06:42:A9:89
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019518CDE9B6ECC6AE172E102396C378F4E0
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Lnx4mXOB6_nsUUxANX_tTgZCqYk.roa
Signing time: Tue 18 Feb 2025 11:25:02 +0000
ROA not before: Tue 18 Feb 2025 11:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13852
IP address blocks: 2a0d:d940:50::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 18 Feb 2025 12:07:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:cd:e9:b6:ec:c6:ae:17:2e:10:23:96:c3:78:f4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Feb 18 11:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e7c78997381ebf9ec514c40357fed4e0642a989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:76:99:cf:2b:67:27:b4:02:d4:6b:9f:86:f3:
27:d4:e3:b5:6a:0d:7a:d2:82:ce:c1:26:cc:73:d4:
0a:3e:66:ac:87:a0:cf:ee:45:9c:43:22:fb:de:01:
42:20:f5:0f:78:b6:7b:2b:0e:f8:92:35:64:46:ba:
e7:17:08:4a:ce:8e:2b:fc:ac:f4:dc:07:05:a4:81:
28:24:a2:12:34:f7:f7:0f:3a:90:7d:1e:88:e3:c9:
08:d0:ba:08:dd:b4:19:88:5d:80:c2:cb:06:1f:ef:
cb:8a:f6:55:ef:15:da:73:00:80:02:98:f5:97:d2:
f9:b6:d9:d5:d0:c4:ac:1c:bb:25:78:2e:bd:14:e2:
37:c3:1f:a3:31:6b:a7:99:b7:e5:5a:99:47:6b:7e:
8b:e5:60:1d:0e:ed:1a:bc:29:43:5b:c9:7d:2e:fd:
09:d1:ac:e3:52:bb:09:90:7b:7a:35:21:13:d1:ff:
d0:b2:d1:a9:ed:c5:3c:68:e7:1a:ae:13:73:b5:44:
28:c7:4d:5f:41:07:8d:ce:f9:8f:8b:9a:49:ad:cb:
0a:81:29:e2:de:4f:c7:40:ab:bf:a4:a6:2b:c5:f5:
82:ad:e4:9f:79:d2:39:9d:37:2f:0e:d7:14:33:65:
64:b0:46:27:4e:b5:d0:f8:0e:03:f5:68:a7:50:6b:
b2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7C:78:99:73:81:EB:F9:EC:51:4C:40:35:7F:ED:4E:06:42:A9:89
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Lnx4mXOB6_nsUUxANX_tTgZCqYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:50::/44
Signature Algorithm: sha256WithRSAEncryption
7c:d1:6a:6b:34:e5:00:0d:a6:43:64:4d:95:4f:18:9b:94:8a:
71:18:91:be:d4:5f:f2:de:a6:9a:c6:e6:f9:a5:23:1d:2b:7c:
bd:3e:d0:5d:e0:ae:e1:66:f7:b6:ee:12:fc:49:f7:21:8b:90:
70:87:2c:63:d9:4c:cb:a4:53:da:82:57:2c:d0:b8:40:c7:6c:
1c:9f:7e:87:f6:54:d9:16:c2:98:fe:1e:da:fb:df:7f:b6:ca:
e4:74:42:2b:d4:0e:88:eb:42:d3:e9:17:8d:33:e0:a4:5e:9a:
fb:bc:3c:be:2e:be:5c:e3:0e:29:51:ef:82:36:6b:81:fd:18:
84:d1:22:c4:fc:34:ea:3b:91:41:00:9d:d8:10:97:46:40:59:
13:af:85:18:51:74:63:4b:71:38:61:32:8a:41:46:9f:48:8b:
83:ef:cc:36:f9:15:e8:69:bd:70:a2:8c:4b:33:3d:84:82:8c:
ad:18:78:4b:a6:c8:33:7f:74:c1:66:56:4c:1d:58:c8:77:ce:
b0:ec:44:8d:7b:42:a8:4e:f3:67:40:30:e5:d6:90:c7:d0:d4:
fb:1b:68:f6:1d:64:1a:0f:47:2b:24:8b:9c:ce:6d:92:e5:9d:
bb:a3:20:79:05:59:ab:dc:8e:ec:58:45:f6:b9:47:48:6d:24:
35:da:5e:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZUYzem27MauFy4QI5bDePTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMjE4MTEyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTdjNzg5OTczODFlYmY5ZWM1MTRjNDAzNTdmZWQ0ZTA2NDJhOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnaZzytnJ7QC1GufhvMn1OO1ag16
0oLOwSbMc9QKPmash6DP7kWcQyL73gFCIPUPeLZ7Kw74kjVkRrrnFwhKzo4r/Kz0
3AcFpIEoJKISNPf3DzqQfR6I48kI0LoI3bQZiF2AwssGH+/LivZV7xXacwCAApj1
l9L5ttnV0MSsHLsleC69FOI3wx+jMWunmbflWplHa36L5WAdDu0avClDW8l9Lv0J
0azjUrsJkHt6NSET0f/QstGp7cU8aOcarhNztUQox01fQQeNzvmPi5pJrcsKgSni
3k/HQKu/pKYrxfWCreSfedI5nTcvDtcUM2VksEYnTrXQ+A4D9WinUGuyFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC58eJlzgev57FFMQDV/7U4GQqmJMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvTG54NG1YT0I2X25zVVV4QU5YX3RUZ1pDcVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg3ZQABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB80WprNOUADaZDZE2VTxiblIpxGJG+1F/y3qaa
xub5pSMdK3y9PtBd4K7hZve27hL8Sfchi5Bwhyxj2UzLpFPaglcs0LhAx2wcn36H
9lTZFsKY/h7a+99/tsrkdEIr1A6I60LT6ReNM+CkXpr7vDy+Lr5c4w4pUe+CNmuB
/RiE0SLE/DTqO5FBAJ3YEJdGQFkTr4UYUXRjS3E4YTKKQUafSIuD78w2+RXoab1w
ooxLMz2EgoytGHhLpsgzf3TBZlZMHVjId86w7ESNe0KoTvNnQDDl1pDH0NT7G2j2
HWQaD0crJIuczm2S5Z27oyB5BVmr3I7sWEX2uUdIbSQ12l7A
-----END CERTIFICATE-----
Generated at Sun May 11 22:53:31 2025 by rpki-client