Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/lblxmx67DknyCvOWt_MBn_TaZAE.roa
File: lblxmx67DknyCvOWt_MBn_TaZAE.roa (raw, json)
Hash identifier: edw9vZ4rpznNDj7od9wSQIj+u+/L+ymvnFXN3MIvXzw=
Subject key identifier: 95:B9:71:9B:1E:BB:0E:49:F2:0A:F3:96:B7:F3:01:9F:F4:DA:64:01
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 019387E36D642A04F0766D5B5116899E8BDD
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/lblxmx67DknyCvOWt_MBn_TaZAE.roa
Signing time: Mon 02 Dec 2024 15:00:48 +0000
ROA not before: Mon 02 Dec 2024 15:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36352
IP address blocks: 74.122.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 03 Dec 2024 05:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:e3:6d:64:2a:04:f0:76:6d:5b:51:16:89:9e:8b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Dec 2 15:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95b9719b1ebb0e49f20af396b7f3019ff4da6401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:8d:15:10:8d:ab:a4:3e:2a:b9:07:d5:d4:
b1:af:b8:bd:6a:50:55:fd:18:66:47:d4:43:88:9a:
44:f0:35:03:bb:f8:3a:f9:6d:8a:4c:cd:29:72:e5:
97:34:5c:d0:de:d7:34:af:ce:02:51:2d:a4:9c:96:
2e:69:fc:9a:21:55:5a:65:2e:04:7e:ea:1f:68:66:
a9:51:af:2a:15:1d:34:8d:6a:b3:0f:eb:83:94:d9:
74:38:9f:ea:37:4e:17:77:8f:cd:be:90:29:07:09:
d3:bc:29:29:0e:b4:e9:4b:54:b8:27:01:5f:25:40:
4a:ce:80:48:88:71:31:0a:89:99:fe:64:ea:0c:03:
52:6a:81:9a:c7:03:39:e1:60:52:e2:1f:fc:19:4f:
2c:65:1a:4a:2e:dc:d7:41:77:2e:70:68:ce:60:13:
3b:fd:43:02:8b:8b:bd:28:a6:94:97:2a:d8:77:a2:
16:ac:a8:60:2a:54:cc:c2:6a:f1:7d:34:5a:ec:ad:
2f:22:bb:64:49:85:bc:3c:20:8b:92:30:b8:34:29:
cd:d6:a5:5d:5f:40:a1:2c:5b:03:03:81:4f:1c:5a:
b4:8c:be:18:68:0a:c9:b1:90:f5:4c:6f:d1:1b:fe:
65:08:0b:71:4b:db:87:c6:31:07:d3:6a:88:4e:84:
d7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B9:71:9B:1E:BB:0E:49:F2:0A:F3:96:B7:F3:01:9F:F4:DA:64:01
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/lblxmx67DknyCvOWt_MBn_TaZAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.122.24.0/22
Signature Algorithm: sha256WithRSAEncryption
64:cd:ad:e8:3d:92:67:ab:00:cd:46:cd:7b:e3:cb:62:f0:d5:
d9:be:7e:b5:88:8d:c4:1b:a7:6f:ee:87:17:d9:10:67:08:a8:
76:1c:40:ae:d6:e5:be:18:6d:bc:fb:f4:40:07:ed:e4:96:d9:
a8:ad:f9:a2:a2:f7:3f:f3:25:aa:b6:f7:c1:94:87:db:2e:93:
d8:21:b3:44:19:9a:93:a4:dd:e2:ef:b2:b1:3a:a7:1a:5a:6f:
f1:a8:50:8c:b2:0a:d9:4b:2c:b0:89:0e:e3:c4:4f:7b:f7:b9:
fc:18:44:ec:9a:c0:e0:2d:af:69:8d:33:d2:15:90:25:7b:6b:
b4:d9:97:9a:2e:0a:a3:aa:c0:8a:4e:69:eb:cd:ba:2e:8d:85:
f5:1f:51:7e:4a:9a:ef:d5:98:da:21:1a:ae:d7:68:84:bb:67:
cd:58:74:5c:47:8e:e4:ba:d3:a6:ef:f6:fc:b1:be:bc:9f:4c:
41:52:76:d8:63:15:25:c8:77:50:70:22:a3:c5:b0:cc:6f:7c:
aa:8e:89:da:fd:a1:1b:c9:ed:a9:b4:b0:3b:8b:d8:7a:39:6c:
e5:c1:af:89:ee:38:0c:97:a9:05:02:0f:32:c0:a5:88:9f:c6:
04:84:a0:0e:84:2f:74:07:5b:8f:dc:a0:a3:c7:ce:d2:82:69:
c3:50:77:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOH421kKgTwdm1bURaJnovdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjQxMjAyMTUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI5NzE5YjFlYmIwZTQ5ZjIwYWYzOTZiN2YzMDE5ZmY0ZGE2NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAuNFRCNq6Q+KrkH1dSxr7i9alBV
/RhmR9RDiJpE8DUDu/g6+W2KTM0pcuWXNFzQ3tc0r84CUS2knJYuafyaIVVaZS4E
fuofaGapUa8qFR00jWqzD+uDlNl0OJ/qN04Xd4/NvpApBwnTvCkpDrTpS1S4JwFf
JUBKzoBIiHExComZ/mTqDANSaoGaxwM54WBS4h/8GU8sZRpKLtzXQXcucGjOYBM7
/UMCi4u9KKaUlyrYd6IWrKhgKlTMwmrxfTRa7K0vIrtkSYW8PCCLkjC4NCnN1qVd
X0ChLFsDA4FPHFq0jL4YaArJsZD1TG/RG/5lCAtxS9uHxjEH02qIToTXZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJW5cZseuw5J8grzlrfzAZ/02mQBMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvbGJseG14NjdEa255Q3ZPV3RfTUJuX1RhWkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCSnoYMA0G
CSqGSIb3DQEBCwUAA4IBAQBkza3oPZJnqwDNRs1748ti8NXZvn61iI3EG6dv7ocX
2RBnCKh2HECu1uW+GG28+/RAB+3kltmorfmiovc/8yWqtvfBlIfbLpPYIbNEGZqT
pN3i77KxOqcaWm/xqFCMsgrZSyywiQ7jxE9797n8GETsmsDgLa9pjTPSFZAle2u0
2ZeaLgqjqsCKTmnrzboujYX1H1F+Sprv1ZjaIRqu12iEu2fNWHRcR47kutOm7/b8
sb68n0xBUnbYYxUlyHdQcCKjxbDMb3yqjona/aEbye2ptLA7i9h6OWzlwa+J7jgM
l6kFAg8ywKWIn8YEhKAOhC90B1uP3KCjx87SgmnDUHe+
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:24 2025 by rpki-client