Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/63c344-b50e-4af0-9e9e-fcd4f797d356/1/LhNJKq63i3c8VHbabax3p3blMrU.roa
File: LhNJKq63i3c8VHbabax3p3blMrU.roa (raw, json)
Hash identifier: VXkaTB+RJ88DhsQ7Id9YTYOOIWxBRSRw8QF3SYHP5X8=
Subject key identifier: 2E:13:49:2A:AE:B7:8B:77:3C:54:76:DA:6D:AC:77:A7:76:E5:32:B5
Certificate issuer: /CN=265873ae2350d0e3e8c3553bf90646112764e1c0
Certificate serial: 01856FC28E01ACEBAADBE69C68BC7F90020D
Authority key identifier: 26:58:73:AE:23:50:D0:E3:E8:C3:55:3B:F9:06:46:11:27:64:E1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JlhzriNQ0OPow1U7-QZGESdk4cA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/63c344-b50e-4af0-9e9e-fcd4f797d356/1/LhNJKq63i3c8VHbabax3p3blMrU.roa
Signing time: Sun 01 Jan 2023 23:54:59 +0000
ROA not before: Sun 01 Jan 2023 23:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52177
IP address blocks: 194.26.208.0/24 maxlen: 24
2a12:5800::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8e:01:ac:eb:aa:db:e6:9c:68:bc:7f:90:02:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=265873ae2350d0e3e8c3553bf90646112764e1c0
Validity
Not Before: Jan 1 23:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e13492aaeb78b773c5476da6dac77a776e532b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:56:dd:ff:f0:51:bf:bd:03:30:33:3e:e2:
c0:1d:7c:bb:7b:d5:30:fa:0f:a3:bf:fe:81:65:d7:
df:ca:02:fb:a4:05:df:fa:2e:bd:3e:4b:7d:51:d2:
a0:5d:68:a0:76:d4:91:ae:28:dc:90:22:cb:66:a5:
10:ae:7d:91:08:91:92:88:22:20:79:61:dc:71:c8:
65:17:8a:79:a6:8c:75:e9:87:1e:fc:11:98:3d:66:
4d:95:86:9c:67:6d:d9:a1:31:81:e1:14:e8:c0:e8:
a0:26:2d:89:00:67:6b:26:67:23:99:61:56:ca:87:
d2:0c:3f:7b:6f:ce:df:e1:88:c7:1a:51:a9:92:a7:
f3:d3:25:91:81:93:0d:78:cb:dd:6d:46:54:b8:a3:
58:95:68:d2:82:d2:85:17:52:0a:c9:1d:64:ca:f7:
6e:ac:f9:2f:f5:4e:09:56:fa:09:58:24:3a:42:24:
54:82:f7:79:d9:7c:67:90:7f:49:82:b0:e8:07:3d:
6a:6c:38:76:89:07:32:ac:4b:52:5e:a4:81:35:f7:
20:a9:b4:b1:4e:8c:51:6b:71:04:2f:af:2b:48:be:
ca:b0:8a:85:5c:e6:93:58:3c:b1:e6:ec:0f:bf:54:
60:68:fa:86:d9:c7:b7:b8:40:81:c8:8b:f7:d4:a5:
0a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:13:49:2A:AE:B7:8B:77:3C:54:76:DA:6D:AC:77:A7:76:E5:32:B5
X509v3 Authority Key Identifier:
keyid:26:58:73:AE:23:50:D0:E3:E8:C3:55:3B:F9:06:46:11:27:64:E1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlhzriNQ0OPow1U7-QZGESdk4cA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/63c344-b50e-4af0-9e9e-fcd4f797d356/1/LhNJKq63i3c8VHbabax3p3blMrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/63c344-b50e-4af0-9e9e-fcd4f797d356/1/JlhzriNQ0OPow1U7-QZGESdk4cA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.208.0/24
IPv6:
2a12:5800::/29
Signature Algorithm: sha256WithRSAEncryption
74:b0:11:fe:0d:00:95:95:e6:3d:1a:49:a5:6d:5d:dc:04:ea:
5b:b8:cb:6f:37:f7:6f:fb:55:c0:34:d1:3b:a9:63:4e:d9:d6:
c5:57:39:13:5b:ad:93:80:48:0c:0b:4e:e1:fe:f9:ae:1d:18:
68:7e:57:52:4f:63:61:43:bc:7b:71:1c:bf:f4:a1:6e:62:82:
04:36:3e:cc:ca:88:98:2b:30:d5:d4:3d:5a:ec:c3:d8:ec:98:
45:f9:37:f3:44:8d:e2:59:88:71:03:68:51:55:df:48:f7:65:
79:f6:4a:e3:0e:f9:19:7e:65:5b:f9:6a:a1:c2:27:b0:bd:7f:
85:70:72:f1:1f:4c:ad:40:3d:7c:6d:87:48:1a:77:69:20:b3:
06:a7:24:9f:2d:85:bb:e3:41:ab:32:ed:7f:41:0e:d4:46:71:
d7:87:35:45:fe:53:6b:f4:78:fd:74:ef:95:5a:ad:67:10:9d:
e7:41:14:ad:9e:b9:07:16:96:1d:ad:45:45:2a:a4:65:bd:31:
d7:07:02:4d:da:2e:81:d8:1d:a0:c7:3c:d3:a0:29:93:c2:63:
a9:ed:82:f2:19:4e:8a:13:8a:a0:15:d7:05:75:4b:4d:d0:22:
f6:73:89:4d:2c:d7:25:38:6c:83:a1:84:3e:49:00:97:10:bc:
c4:7c:18:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwo4BrOuq2+acaLx/kAINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTg3M2FlMjM1MGQwZTNlOGMzNTUzYmY5MDY0NjExMjc2
NGUxYzAwHhcNMjMwMTAxMjM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTEzNDkyYWFlYjc4Yjc3M2M1NDc2ZGE2ZGFjNzdhNzc2ZTUzMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh1W3f/wUb+9AzAzPuLAHXy7e9Uw
+g+jv/6BZdffygL7pAXf+i69Pkt9UdKgXWigdtSRrijckCLLZqUQrn2RCJGSiCIg
eWHccchlF4p5pox16Yce/BGYPWZNlYacZ23ZoTGB4RTowOigJi2JAGdrJmcjmWFW
yofSDD97b87f4YjHGlGpkqfz0yWRgZMNeMvdbUZUuKNYlWjSgtKFF1IKyR1kyvdu
rPkv9U4JVvoJWCQ6QiRUgvd52XxnkH9JgrDoBz1qbDh2iQcyrEtSXqSBNfcgqbSx
ToxRa3EEL68rSL7KsIqFXOaTWDyx5uwPv1RgaPqG2ce3uECByIv31KUKUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC4TSSqut4t3PFR22m2sd6d25TK1MB8GA1UdIwQY
MBaAFCZYc64jUNDj6MNVO/kGRhEnZOHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxoenJpTlEwT1BvdzFVNy1RWkdFU2RrNGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82M2MzNDQtYjUwZS00YWYwLTllOWUt
ZmNkNGY3OTdkMzU2LzEvTGhOSktxNjNpM2M4VkhiYWJheDNwM2JsTXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82M2MzNDQtYjUwZS00YWYwLTllOWUtZmNkNGY3OTdkMzU2
LzEvSmxoenJpTlEwT1BvdzFVNy1RWkdFU2RrNGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwhrQMA0E
AgACMAcDBQMqElgAMA0GCSqGSIb3DQEBCwUAA4IBAQB0sBH+DQCVleY9GkmlbV3c
BOpbuMtvN/dv+1XANNE7qWNO2dbFVzkTW62TgEgMC07h/vmuHRhofldST2NhQ7x7
cRy/9KFuYoIENj7MyoiYKzDV1D1a7MPY7JhF+TfzRI3iWYhxA2hRVd9I92V59krj
DvkZfmVb+WqhwiewvX+FcHLxH0ytQD18bYdIGndpILMGpySfLYW740GrMu1/QQ7U
RnHXhzVF/lNr9Hj9dO+VWq1nEJ3nQRStnrkHFpYdrUVFKqRlvTHXBwJN2i6B2B2g
xzzToCmTwmOp7YLyGU6KE4qgFdcFdUtN0CL2c4lNLNclOGyDoYQ+SQCXELzEfBh/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:28 2024 by rpki-client on console-fra.rpki-client.org