Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/LQJmIv9SKWmugqD--Kh4rOEOk_I.roa
File: LQJmIv9SKWmugqD--Kh4rOEOk_I.roa (raw, json)
Hash identifier: 4XseE+LSxnuFj9fA4jUe4h4VRPyBfcF4U0C72XyvpJ8=
Subject key identifier: 2D:02:66:22:FF:52:29:69:AE:82:A0:FE:F8:A8:78:AC:E1:0E:93:F2
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DB3AF55C626EE13840FBCF49BE04
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/LQJmIv9SKWmugqD--Kh4rOEOk_I.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150249
IP address blocks: 2a0a:280:2a00::/40 maxlen: 48
2a0a:280:2e00::/39 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:db:3a:f5:5c:62:6e:e1:38:40:fb:cf:49:be:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d026622ff522969ae82a0fef8a878ace10e93f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:ce:e6:93:c9:5e:3c:16:26:ef:5f:9a:13:
7d:cb:cd:ef:cc:45:61:ab:e0:33:03:69:6b:eb:de:
84:8c:b9:2c:d3:f0:a7:5e:ca:6e:1a:3a:a6:f3:cb:
ea:ee:a4:de:c3:5e:8c:63:c7:f4:50:74:e1:30:4c:
d2:98:37:84:8b:98:a4:38:f6:22:a0:d1:64:7f:42:
95:c7:5e:31:12:7b:91:78:00:29:b4:e1:d2:66:b6:
89:6c:47:82:26:fe:9e:c6:bb:b4:fe:ea:5b:73:c3:
af:21:42:ee:e7:34:f7:fc:7c:a9:f5:b1:e0:bf:31:
67:e5:ad:a8:88:e9:e4:fe:70:59:7b:43:3c:01:9f:
8e:3f:2d:49:82:3b:00:31:0a:a7:1f:c7:f3:db:f8:
34:72:e0:ba:f3:7d:6f:ed:75:b4:49:42:64:f7:e2:
cc:89:5c:5f:4a:f3:6b:e1:f7:87:04:44:c5:99:a9:
4c:cc:9e:9c:a0:c1:e4:d6:a0:c3:b9:12:d2:a3:6d:
45:65:62:8a:f1:df:bc:e1:9c:97:75:17:2f:c7:1b:
47:fd:21:dd:c3:01:c9:81:b7:57:57:51:1b:fc:9f:
81:c2:77:ee:e7:2b:32:3f:9f:5a:1b:08:ef:08:fd:
4d:76:d9:5a:c8:53:0d:95:a9:70:65:5b:e5:2a:68:
0b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:02:66:22:FF:52:29:69:AE:82:A0:FE:F8:A8:78:AC:E1:0E:93:F2
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/LQJmIv9SKWmugqD--Kh4rOEOk_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2a00::/40
2a0a:280:2e00::/39
Signature Algorithm: sha256WithRSAEncryption
67:90:4f:70:8a:69:92:63:fd:39:99:71:d4:e0:5e:08:c6:db:
f1:08:4d:e8:92:77:a1:9c:20:db:6c:49:07:99:fb:ff:93:d5:
a4:c9:f5:6d:28:23:a5:10:48:0c:4f:94:59:1d:7d:1a:99:f1:
83:64:93:79:43:0c:c0:22:85:11:3e:fd:d7:39:29:22:ca:bd:
b6:a3:ba:ba:c4:62:3a:1f:b4:8b:b4:82:b4:14:1f:1c:13:30:
18:72:8e:97:8a:5a:87:21:09:c1:17:9d:8e:39:3e:e8:92:00:
fd:f8:9e:fd:66:b6:d8:4d:0c:3b:1a:d0:58:1b:9d:58:0a:2e:
b5:87:25:c9:31:57:d0:e8:0d:e1:b5:30:6d:f4:ee:00:90:2e:
04:1c:a4:96:ee:90:30:a9:1b:d3:01:50:4f:1d:9d:8c:73:72:
4f:e3:01:42:1a:10:f7:ad:82:46:19:d7:03:e6:8e:92:8f:1f:
2c:6e:19:b0:83:f6:22:2e:00:4d:2a:ea:ca:05:d2:ac:cd:f7:
ae:a0:a7:ba:49:d9:71:d3:af:10:d4:d2:53:ef:cc:97:6d:ea:
77:f6:3b:b5:3b:38:9e:fb:d7:60:a6:90:6d:52:52:1c:df:dd:
81:37:96:b6:9e:b6:e7:6b:b0:b4:65:bc:e2:16:4a:23:02:e0:
de:30:85:a7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQlIds69VxibuE4QPvPSb4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDAyNjYyMmZmNTIyOTY5YWU4MmEwZmVmOGE4NzhhY2UxMGU5M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1nO5pPJXjwWJu9fmhN9y83vzEVh
q+AzA2lr696EjLks0/CnXspuGjqm88vq7qTew16MY8f0UHThMEzSmDeEi5ikOPYi
oNFkf0KVx14xEnuReAAptOHSZraJbEeCJv6exru0/upbc8OvIULu5zT3/Hyp9bHg
vzFn5a2oiOnk/nBZe0M8AZ+OPy1JgjsAMQqnH8fz2/g0cuC6831v7XW0SUJk9+LM
iVxfSvNr4feHBETFmalMzJ6coMHk1qDDuRLSo21FZWKK8d+84ZyXdRcvxxtH/SHd
wwHJgbdXV1Eb/J+Bwnfu5ysyP59aGwjvCP1NdtlayFMNlalwZVvlKmgLIQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFC0CZiL/UilproKg/vioeKzhDpPyMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvTFFKbUl2OVNLV211Z3FELS1LaDRyT0VPa19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgoCgCoD
BgEqCgKALjANBgkqhkiG9w0BAQsFAAOCAQEAZ5BPcIppkmP9OZlx1OBeCMbb8QhN
6JJ3oZwg22xJB5n7/5PVpMn1bSgjpRBIDE+UWR19Gpnxg2STeUMMwCKFET791zkp
Isq9tqO6usRiOh+0i7SCtBQfHBMwGHKOl4pahyEJwRedjjk+6JIA/fie/Wa22E0M
OxrQWBudWAoutYclyTFX0OgN4bUwbfTuAJAuBByklu6QMKkb0wFQTx2djHNyT+MB
QhoQ962CRhnXA+aOko8fLG4ZsIP2Ii4ATSrqygXSrM33rqCnuknZcdOvENTSU+/M
l23qd/Y7tTs4nvvXYKaQbVJSHN/dgTeWtp6252uwtGW84hZKIwLg3jCFpw==
-----END CERTIFICATE-----
Generated at Sun May 11 14:41:01 2025 by rpki-client