Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/lKVpny3YRf0ky2eFiQ8csw8RdKc.roa
File: lKVpny3YRf0ky2eFiQ8csw8RdKc.roa (raw, json)
Hash identifier: QrPgJHYyGEPu6kuT+IC7YDRAaN6EIa1h9aC5hFVWYKM=
Subject key identifier: 94:A5:69:9F:2D:D8:45:FD:24:CB:67:85:89:0F:1C:B3:0F:11:74:A7
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0189C11CD181BF26CDA747B37635377D97E9
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/lKVpny3YRf0ky2eFiQ8csw8RdKc.roa
Signing time: Fri 04 Aug 2023 15:13:58 +0000
ROA not before: Fri 04 Aug 2023 15:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.80.0/22 maxlen: 22
176.117.88.0/21 maxlen: 22
Validation: Failed, certificate revoked on Thu 14 Sep 2023 15:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:1c:d1:81:bf:26:cd:a7:47:b3:76:35:37:7d:97:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Aug 4 15:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94a5699f2dd845fd24cb6785890f1cb30f1174a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:e7:54:0e:97:a1:7f:5f:84:7e:a1:bf:ab:
7a:1b:41:b1:1e:8d:40:4f:3b:0d:7c:18:33:7f:4a:
a7:c9:82:88:a3:93:d2:4b:22:7b:2d:8e:d9:a4:53:
8e:41:80:a6:c6:78:01:c5:16:d3:f8:51:ed:ef:00:
e3:b6:f5:e0:b1:ae:71:c7:dc:a9:0e:0e:c2:5b:7b:
1b:96:36:df:9c:90:d1:81:ca:6a:8c:f6:85:74:de:
93:dc:a4:3d:21:a6:37:56:9b:48:e1:a2:c4:8f:59:
58:1a:f0:42:00:94:f5:d9:fa:8a:c3:dd:67:1c:88:
bf:2a:b0:a6:b3:ca:97:97:af:aa:9f:35:a7:0a:26:
44:17:21:c8:30:52:9d:c0:cd:69:c5:10:39:a9:89:
9b:2a:d3:31:18:f6:c6:07:8e:1a:66:d2:f7:21:d6:
27:ac:2c:2b:af:c8:b9:da:3a:ee:42:ed:62:aa:b2:
89:da:c0:a9:0e:29:56:22:9b:37:51:fb:0c:8e:69:
7a:51:ec:c3:b1:54:d4:e5:cd:bd:d2:61:21:0c:a1:
c5:6f:af:1e:ce:f5:7a:c1:86:73:5e:6e:1b:e5:4d:
ee:e2:aa:39:84:4a:9d:86:cc:d0:42:68:86:92:ac:
c2:42:b8:b6:f6:86:fa:81:b6:19:4f:08:0c:46:15:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A5:69:9F:2D:D8:45:FD:24:CB:67:85:89:0F:1C:B3:0F:11:74:A7
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/lKVpny3YRf0ky2eFiQ8csw8RdKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.80.0/22
176.117.88.0/21
Signature Algorithm: sha256WithRSAEncryption
24:99:18:8b:91:ef:eb:db:99:1c:6f:50:62:d2:47:cb:7a:0f:
5a:0c:b5:ea:1b:ac:07:78:3c:03:b9:e3:2a:8d:ce:12:9e:9c:
01:e0:0d:5b:12:5d:9b:b2:70:a9:de:ce:00:76:44:18:63:28:
01:64:63:ab:8a:73:bf:b1:5e:e4:0e:91:22:a8:07:21:c5:0e:
b2:81:c4:35:c2:ae:32:f2:81:e1:8b:9d:ac:8c:32:fd:88:a2:
c0:7d:68:2e:63:fb:fb:e9:bb:68:a3:f2:97:b7:07:d2:af:eb:
69:b1:22:31:b1:8f:bc:68:2e:af:ca:34:31:82:eb:12:07:87:
0e:5c:08:7a:e3:8f:00:f6:e7:bd:bf:6a:0d:c8:44:eb:68:14:
3d:04:6c:56:68:5f:0d:2b:4c:3d:be:4f:71:89:70:27:bf:a9:
72:9d:c6:71:d1:9c:1d:56:ae:75:11:f1:c8:38:82:6d:e4:44:
9c:73:2b:f7:7e:c6:39:5c:cc:2a:65:20:c0:69:19:90:22:54:
13:b6:78:47:18:e7:61:30:b9:ea:c5:bb:92:6f:e6:58:7c:57:
37:5b:f3:75:d9:1c:59:97:d4:cc:8d:04:15:23:04:72:4b:51:
00:fc:a4:44:d7:11:7e:d3:24:85:a5:7b:08:e4:4d:c5:4e:54:
17:5f:aa:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnBHNGBvybNp0ezdjU3fZfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwODA0MTUxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE1Njk5ZjJkZDg0NWZkMjRjYjY3ODU4OTBmMWNiMzBmMTE3NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkrnVA6XoX9fhH6hv6t6G0GxHo1A
TzsNfBgzf0qnyYKIo5PSSyJ7LY7ZpFOOQYCmxngBxRbT+FHt7wDjtvXgsa5xx9yp
Dg7CW3sbljbfnJDRgcpqjPaFdN6T3KQ9IaY3VptI4aLEj1lYGvBCAJT12fqKw91n
HIi/KrCms8qXl6+qnzWnCiZEFyHIMFKdwM1pxRA5qYmbKtMxGPbGB44aZtL3IdYn
rCwrr8i52jruQu1iqrKJ2sCpDilWIps3UfsMjml6UezDsVTU5c290mEhDKHFb68e
zvV6wYZzXm4b5U3u4qo5hEqdhszQQmiGkqzCQri29ob6gbYZTwgMRhVc2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJSlaZ8t2EX9JMtnhYkPHLMPEXSnMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvbEtWcG55M1lSZjBreTJlRmlROGNzdzhSZEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVQAwQD
sHVYMA0GCSqGSIb3DQEBCwUAA4IBAQAkmRiLke/r25kcb1Bi0kfLeg9aDLXqG6wH
eDwDueMqjc4SnpwB4A1bEl2bsnCp3s4AdkQYYygBZGOrinO/sV7kDpEiqAchxQ6y
gcQ1wq4y8oHhi52sjDL9iKLAfWguY/v76btoo/KXtwfSr+tpsSIxsY+8aC6vyjQx
gusSB4cOXAh6448A9ue9v2oNyETraBQ9BGxWaF8NK0w9vk9xiXAnv6lyncZx0Zwd
Vq51EfHIOIJt5ESccyv3fsY5XMwqZSDAaRmQIlQTtnhHGOdhMLnqxbuSb+ZYfFc3
W/N12RxZl9TMjQQVIwRyS1EA/KRE1xF+0ySFpXsI5E3FTlQXX6r/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org