Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/lgOr4vdVfV5WHAKkFQ-5OmKxPmo.roa
File: lgOr4vdVfV5WHAKkFQ-5OmKxPmo.roa (raw, json)
Hash identifier: 00bNuBF3ZRZPqdhK27Z/AbAOu8m6zrpRLc2QePE6d+0=
Subject key identifier: 96:03:AB:E2:F7:55:7D:5E:56:1C:02:A4:15:0F:B9:3A:62:B1:3E:6A
Certificate issuer: /CN=9b62648e913a3640f031b63a6bd92b0e28e139fb
Certificate serial: 0195373EE23DD60218E9CC000DD9550CDA86
Authority key identifier: 9B:62:64:8E:91:3A:36:40:F0:31:B6:3A:6B:D9:2B:0E:28:E1:39:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2JkjpE6NkDwMbY6a9krDijhOfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/lgOr4vdVfV5WHAKkFQ-5OmKxPmo.roa
Signing time: Mon 24 Feb 2025 09:17:02 +0000
ROA not before: Mon 24 Feb 2025 09:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210615
IP address blocks: 87.236.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 09:40:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:3e:e2:3d:d6:02:18:e9:cc:00:0d:d9:55:0c:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b62648e913a3640f031b63a6bd92b0e28e139fb
Validity
Not Before: Feb 24 09:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9603abe2f7557d5e561c02a4150fb93a62b13e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1b:6c:25:b1:1c:72:87:82:48:e5:95:dd:eb:
a5:1e:bf:f0:51:1d:96:ae:d4:9c:ae:e5:3c:5c:a0:
2c:52:92:33:67:5e:61:df:a9:4c:42:8d:38:79:4e:
33:65:22:b7:2e:90:1c:1c:26:16:57:12:30:89:ec:
54:38:c2:04:ae:cd:fd:56:68:7c:d3:2b:2e:2d:b0:
c5:7f:e9:40:62:aa:b8:d0:96:ad:e1:55:70:e4:b6:
6b:68:c6:0d:d1:85:08:59:eb:f9:9b:ab:7d:9a:ba:
a8:01:4c:70:1f:48:3b:dd:21:dc:e7:5e:14:00:f7:
2a:a5:43:91:31:bc:69:2d:2c:37:e9:34:d3:33:b1:
59:3b:86:ae:64:01:5a:96:9f:b4:5a:41:d8:ae:c6:
10:31:36:96:93:91:e4:81:ad:d7:de:6c:61:bf:d8:
6b:b2:45:43:6a:89:06:ec:ee:ef:49:6f:89:b7:b8:
78:af:f4:0b:27:16:f5:92:2d:04:90:96:31:2c:cc:
48:2a:18:ba:88:d2:b9:83:a5:6d:a1:3c:70:8c:b2:
93:7d:5f:7f:6d:05:14:e2:1b:d2:cf:c0:94:e7:41:
2f:5f:e6:a6:f1:22:48:52:5b:48:6d:61:a5:65:d8:
60:46:b4:40:61:c7:13:e9:d7:9c:81:5b:b4:8a:da:
43:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:03:AB:E2:F7:55:7D:5E:56:1C:02:A4:15:0F:B9:3A:62:B1:3E:6A
X509v3 Authority Key Identifier:
keyid:9B:62:64:8E:91:3A:36:40:F0:31:B6:3A:6B:D9:2B:0E:28:E1:39:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2JkjpE6NkDwMbY6a9krDijhOfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/lgOr4vdVfV5WHAKkFQ-5OmKxPmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.145.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5b:19:bc:8c:0b:9e:e8:13:f5:7e:da:d0:75:0c:76:13:ae:
eb:e9:90:15:3c:6f:e9:b6:e9:25:08:ab:61:85:2f:4c:5f:19:
fa:03:3a:03:70:d3:02:55:17:a9:91:bf:14:eb:17:57:68:8b:
00:5b:4d:96:2c:af:9d:5a:d4:36:cd:87:60:25:53:fb:0a:38:
31:90:e9:56:dc:32:61:47:26:36:bd:e4:da:54:54:e3:ea:25:
1d:87:89:7f:a9:44:32:87:50:6b:19:c2:23:8f:a2:5e:2e:34:
c1:60:49:85:43:ca:12:5a:f0:e0:75:62:a8:05:4b:38:51:52:
6a:e6:9b:d0:79:01:9b:aa:eb:78:a3:e5:91:31:bb:7f:85:7f:
0f:25:a2:d3:01:3d:fc:3a:28:9e:83:2c:d2:d4:d8:5f:9c:10:
65:4c:cd:b1:0b:a2:12:a6:84:d4:d6:9d:e6:e7:8f:60:6c:61:
20:9c:d8:2d:0f:cd:7d:4e:f8:31:70:c7:c4:74:de:c8:43:ee:
91:43:a4:59:ca:99:ba:7e:b5:b1:9a:36:40:79:ef:86:18:32:
7b:78:e1:10:7b:69:eb:3c:f9:68:e0:6c:c8:bf:92:94:ec:97:
40:d6:ba:ae:11:91:10:d0:ee:b7:d3:a9:d5:0e:f2:97:ed:f5:
b3:29:1c:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU3PuI91gIY6cwADdlVDNqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjI2NDhlOTEzYTM2NDBmMDMxYjYzYTZiZDkyYjBlMjhl
MTM5ZmIwHhcNMjUwMjI0MDkxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjAzYWJlMmY3NTU3ZDVlNTYxYzAyYTQxNTBmYjkzYTYyYjEzZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRtsJbEccoeCSOWV3eulHr/wUR2W
rtScruU8XKAsUpIzZ15h36lMQo04eU4zZSK3LpAcHCYWVxIwiexUOMIErs39Vmh8
0ysuLbDFf+lAYqq40Jat4VVw5LZraMYN0YUIWev5m6t9mrqoAUxwH0g73SHc514U
APcqpUORMbxpLSw36TTTM7FZO4auZAFalp+0WkHYrsYQMTaWk5Hkga3X3mxhv9hr
skVDaokG7O7vSW+Jt7h4r/QLJxb1ki0EkJYxLMxIKhi6iNK5g6VtoTxwjLKTfV9/
bQUU4hvSz8CU50EvX+am8SJIUltIbWGlZdhgRrRAYccT6decgVu0itpDbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYDq+L3VX1eVhwCpBUPuTpisT5qMB8GA1UdIwQY
MBaAFJtiZI6ROjZA8DG2OmvZKw4o4Tn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJKa2pwRTZOa0R3TWJZNmE5a3JEaWpoT2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ODY1ZDctOWZlYS00N2Y2LWEzZmMt
OThiZDE1NjAyOWMwLzEvbGdPcjR2ZFZmVjVXSEFLa0ZRLTVPbUt4UG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ODY1ZDctOWZlYS00N2Y2LWEzZmMtOThiZDE1NjAyOWMw
LzEvbTJKa2pwRTZOa0R3TWJZNmE5a3JEaWpoT2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+yRMA0G
CSqGSIb3DQEBCwUAA4IBAQBLWxm8jAue6BP1ftrQdQx2E67r6ZAVPG/ptuklCKth
hS9MXxn6AzoDcNMCVRepkb8U6xdXaIsAW02WLK+dWtQ2zYdgJVP7CjgxkOlW3DJh
RyY2veTaVFTj6iUdh4l/qUQyh1BrGcIjj6JeLjTBYEmFQ8oSWvDgdWKoBUs4UVJq
5pvQeQGbqut4o+WRMbt/hX8PJaLTAT38OiiegyzS1NhfnBBlTM2xC6ISpoTU1p3m
549gbGEgnNgtD819TvgxcMfEdN7IQ+6RQ6RZypm6frWxmjZAee+GGDJ7eOEQe2nr
PPlo4GzIv5KU7JdA1rquEZEQ0O6306nVDvKX7fWzKRw4
-----END CERTIFICATE-----
Generated at Tue May 6 03:50:52 2025 by rpki-client