Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/l77a2JZ-Lfl_XXupqot_Rh94gjs.roa
File: l77a2JZ-Lfl_XXupqot_Rh94gjs.roa (raw, json)
Hash identifier: hKMj99k1h4DMobFd4VsKu9SoujUix6bayX9uFfnU6Ww=
Subject key identifier: 97:BE:DA:D8:96:7E:2D:F9:7F:5D:7B:A9:AA:8B:7F:46:1F:78:82:3B
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 018F105973A0949B7C13EB3124F194D86200
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/l77a2JZ-Lfl_XXupqot_Rh94gjs.roa
Signing time: Wed 24 Apr 2024 13:44:08 +0000
ROA not before: Wed 24 Apr 2024 13:44:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44712
IP address blocks: 151.249.104.0/21 maxlen: 24
151.249.104.0/23 maxlen: 24
151.249.107.0/24 maxlen: 24
151.249.108.0/22 maxlen: 24
2a01:a8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 14:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:59:73:a0:94:9b:7c:13:eb:31:24:f1:94:d8:62:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Apr 24 13:44:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97bedad8967e2df97f5d7ba9aa8b7f461f78823b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7e:ba:bd:c9:c7:6f:6b:27:c6:53:0a:95:c7:
4b:85:80:98:33:60:91:d1:6d:01:08:fb:22:0b:60:
3a:f1:bd:39:22:3c:f1:19:31:0a:75:fa:67:75:1c:
3a:8b:87:96:ff:df:62:20:b4:c3:be:69:7f:2b:56:
93:0e:46:55:84:07:80:f4:cf:c5:8b:17:25:e8:a6:
ae:8d:04:3a:49:24:ff:cb:b1:b4:8a:51:69:33:6b:
72:a3:99:75:94:36:90:a3:51:29:4f:28:23:fb:52:
d9:4d:4b:c8:f1:e9:71:fb:7b:5d:a2:50:ad:54:f1:
aa:56:64:d9:60:9e:b3:1f:20:44:ae:86:f7:10:b9:
73:5f:01:83:c3:38:48:b4:0a:66:c6:da:9d:dc:d4:
bb:07:08:e5:57:6d:fc:0a:8d:5c:77:71:b9:9c:38:
4f:20:dd:7f:c0:77:e4:64:59:03:7d:75:35:6f:20:
a3:bb:1e:15:c1:24:06:cb:ed:f9:99:98:8d:3c:33:
f4:c3:c6:c0:0e:32:83:55:63:86:ea:77:e8:e0:26:
36:0d:03:f0:b9:16:c2:2a:d5:1c:bd:73:e6:f7:d0:
f5:9c:00:1b:e1:f1:40:da:02:bb:d5:c4:cc:8c:a0:
a7:66:c9:c3:50:96:8f:d5:8a:0c:55:6c:39:59:7b:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BE:DA:D8:96:7E:2D:F9:7F:5D:7B:A9:AA:8B:7F:46:1F:78:82:3B
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/l77a2JZ-Lfl_XXupqot_Rh94gjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.104.0/21
IPv6:
2a01:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:51:bd:31:9e:a5:cc:31:79:8b:b0:1c:bd:82:d7:dc:10:61:
1e:a6:a3:13:8a:18:45:c6:2b:98:05:8d:57:f3:93:e6:d3:72:
fa:0e:a7:32:d2:aa:f7:d9:4b:11:39:11:d0:6a:28:68:11:10:
52:44:83:a6:26:27:92:dd:f9:ad:e9:eb:9c:f8:d1:40:e1:16:
b8:00:bc:e2:23:4c:a9:4a:cf:77:18:54:67:78:35:fb:02:a7:
94:3f:06:63:dc:fb:28:7d:a4:54:b4:bb:f7:44:98:55:00:f3:
d4:18:9f:88:9c:61:3a:c6:8f:38:08:2e:f2:62:8f:59:bd:89:
60:ae:cc:c0:f5:b6:9b:17:ae:4a:83:a0:af:2f:ab:60:bb:dc:
45:84:4a:6f:de:2e:f4:0b:2a:08:0d:5e:5c:16:d4:70:7d:3e:
65:fd:27:73:72:7e:36:2c:5d:11:7a:14:17:18:53:af:39:bf:
39:39:7c:64:5f:5f:96:9d:1f:7b:c8:46:d0:f1:12:ef:3b:d6:
a9:7f:25:80:4d:52:07:50:95:dd:21:f0:12:d3:cf:61:33:33:
9b:38:f3:d5:0b:12:bf:60:d2:16:dd:6d:75:86:84:08:b0:8d:
a1:e3:16:03:67:99:9a:9c:48:c7:02:25:e1:60:69:83:d3:5b:
68:74:a7:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8QWXOglJt8E+sxJPGU2GIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjQwNDI0MTM0NDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JlZGFkODk2N2UyZGY5N2Y1ZDdiYTlhYThiN2Y0NjFmNzg4MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH66vcnHb2snxlMKlcdLhYCYM2CR
0W0BCPsiC2A68b05IjzxGTEKdfpndRw6i4eW/99iILTDvml/K1aTDkZVhAeA9M/F
ixcl6KaujQQ6SST/y7G0ilFpM2tyo5l1lDaQo1EpTygj+1LZTUvI8elx+3tdolCt
VPGqVmTZYJ6zHyBErob3ELlzXwGDwzhItApmxtqd3NS7BwjlV238Co1cd3G5nDhP
IN1/wHfkZFkDfXU1byCjux4VwSQGy+35mZiNPDP0w8bADjKDVWOG6nfo4CY2DQPw
uRbCKtUcvXPm99D1nAAb4fFA2gK71cTMjKCnZsnDUJaP1YoMVWw5WXsdZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJe+2tiWfi35f117qaqLf0YfeII7MB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvbDc3YTJKWi1MZmxfWFh1cHFvdF9SaDk0Z2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDl/loMA0E
AgACMAcDBQMqAajAMA0GCSqGSIb3DQEBCwUAA4IBAQAUUb0xnqXMMXmLsBy9gtfc
EGEepqMTihhFxiuYBY1X85Pm03L6Dqcy0qr32UsRORHQaihoERBSRIOmJieS3fmt
6euc+NFA4Ra4ALziI0ypSs93GFRneDX7AqeUPwZj3PsofaRUtLv3RJhVAPPUGJ+I
nGE6xo84CC7yYo9ZvYlgrszA9babF65Kg6CvL6tgu9xFhEpv3i70CyoIDV5cFtRw
fT5l/Sdzcn42LF0RehQXGFOvOb85OXxkX1+WnR97yEbQ8RLvO9apfyWATVIHUJXd
IfAS089hMzObOPPVCxK/YNIW3W11hoQIsI2h4xYDZ5manEjHAiXhYGmD01todKek
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:27:59 2025 by rpki-client