Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/Lb9exMg_YRu6hpRZjQKugNCQq0Q.roa
File: Lb9exMg_YRu6hpRZjQKugNCQq0Q.roa (raw, json)
Hash identifier: sPf8TYWKHxwaEZ5L3eLSedvL0F+vRhQNaJQAMrEboLM=
Subject key identifier: 2D:BF:5E:C4:C8:3F:61:1B:BA:86:94:59:8D:02:AE:80:D0:90:AB:44
Certificate issuer: /CN=66f983138969f8da674f7b5c0133e0c2d029b4c8
Certificate serial: 01856E2F80FDA34E01A10978B413FC9FD5F7
Authority key identifier: 66:F9:83:13:89:69:F8:DA:67:4F:7B:5C:01:33:E0:C2:D0:29:B4:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvmDE4lp-NpnT3tcATPgwtAptMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/Lb9exMg_YRu6hpRZjQKugNCQq0Q.roa
Signing time: Sun 01 Jan 2023 16:34:44 +0000
ROA not before: Sun 01 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197350
IP address blocks: 185.90.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:80:fd:a3:4e:01:a1:09:78:b4:13:fc:9f:d5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f983138969f8da674f7b5c0133e0c2d029b4c8
Validity
Not Before: Jan 1 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dbf5ec4c83f611bba8694598d02ae80d090ab44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:26:22:57:21:7f:32:44:0c:73:41:67:c2:1e:
b3:16:f8:55:3a:fa:46:21:17:33:fd:5e:e9:a5:d2:
78:c5:d6:74:5c:60:d4:74:27:b5:1a:70:8a:6f:aa:
56:8a:e5:87:52:ed:71:fd:27:f6:41:6f:61:1d:89:
90:cb:01:6b:fc:c2:7d:a9:3e:98:e6:25:f9:ce:1d:
71:c2:df:53:e7:5d:6d:7d:9f:47:a6:d8:12:d3:71:
6b:89:77:dd:d0:2b:9d:4c:8f:fa:af:b1:72:77:6a:
1b:c0:a9:4f:c7:16:c1:9f:c7:35:8f:58:8d:e5:1d:
9a:72:0a:47:0b:4e:4a:b2:8d:3d:7e:16:89:b7:ba:
03:9a:55:e5:56:d9:f6:8f:c3:ce:00:fe:43:66:cc:
ea:2b:f5:ce:90:ed:7c:e6:99:dd:b3:d0:82:1b:a7:
da:01:0b:b0:7f:4e:9e:a5:36:f2:d4:70:a2:00:4f:
af:25:96:94:69:cd:22:b2:50:4b:1e:7a:e5:35:16:
02:e9:8e:c4:c5:b0:52:f4:97:43:51:66:67:94:cd:
e8:e5:de:48:da:7a:51:0f:29:36:fc:08:c2:2a:aa:
34:d4:68:f1:1f:f6:f6:fe:84:fc:4f:40:d9:11:11:
c1:b7:d2:2c:58:64:18:18:63:f7:d3:b7:17:68:d9:
3e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BF:5E:C4:C8:3F:61:1B:BA:86:94:59:8D:02:AE:80:D0:90:AB:44
X509v3 Authority Key Identifier:
keyid:66:F9:83:13:89:69:F8:DA:67:4F:7B:5C:01:33:E0:C2:D0:29:B4:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvmDE4lp-NpnT3tcATPgwtAptMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/Lb9exMg_YRu6hpRZjQKugNCQq0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b8169b-8bfd-40ff-b9ba-403043048118/1/ZvmDE4lp-NpnT3tcATPgwtAptMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.124.0/22
Signature Algorithm: sha256WithRSAEncryption
92:fc:e8:c8:97:f9:fa:07:8b:91:19:4b:63:60:c9:3f:05:32:
d6:c5:81:7d:b7:9d:65:75:ff:7f:40:d7:2a:6c:d9:9f:6a:b6:
fd:00:98:c7:be:82:fb:9b:6b:11:e2:14:7a:4b:25:36:74:10:
20:2e:15:70:37:b5:c8:4f:f4:96:1b:51:30:a2:f3:2e:81:bf:
25:59:d5:e8:7b:fc:a3:0d:1b:09:bc:94:57:2b:f9:f8:7f:59:
e6:bd:8f:02:f8:82:52:41:13:d6:4f:ae:2c:56:5e:1a:4b:08:
f4:70:90:0a:43:ff:1d:d7:90:dc:16:56:01:91:70:5c:eb:ae:
8e:61:2b:0a:c4:fa:68:8e:31:86:14:5b:d2:5c:b7:9f:76:d5:
90:f3:42:68:a1:df:7e:d7:5e:92:14:ae:aa:67:53:5c:39:6f:
ea:fd:f1:c8:57:48:59:36:5f:c7:73:bf:a5:9f:86:20:3a:9c:
d5:67:d1:12:7c:c8:4c:8a:0c:c1:6b:ba:ae:9e:d7:93:15:0a:
c5:79:cc:8e:3d:40:47:d2:d0:88:3e:a2:8b:60:32:3f:93:89:
70:9a:65:c2:f6:6a:6b:3b:0f:26:df:26:ae:12:d2:e4:90:26:
43:e4:a1:25:6a:5f:85:32:8e:6f:17:91:e1:fd:40:3c:8b:6c:
d2:75:e1:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL4D9o04BoQl4tBP8n9X3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2Zjk4MzEzODk2OWY4ZGE2NzRmN2I1YzAxMzNlMGMyZDAy
OWI0YzgwHhcNMjMwMTAxMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGJmNWVjNGM4M2Y2MTFiYmE4Njk0NTk4ZDAyYWU4MGQwOTBhYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyYiVyF/MkQMc0Fnwh6zFvhVOvpG
IRcz/V7ppdJ4xdZ0XGDUdCe1GnCKb6pWiuWHUu1x/Sf2QW9hHYmQywFr/MJ9qT6Y
5iX5zh1xwt9T511tfZ9HptgS03FriXfd0CudTI/6r7Fyd2obwKlPxxbBn8c1j1iN
5R2acgpHC05Kso09fhaJt7oDmlXlVtn2j8POAP5DZszqK/XOkO185pnds9CCG6fa
AQuwf06epTby1HCiAE+vJZaUac0islBLHnrlNRYC6Y7ExbBS9JdDUWZnlM3o5d5I
2npRDyk2/AjCKqo01GjxH/b2/oT8T0DZERHBt9IsWGQYGGP307cXaNk+BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2/XsTIP2EbuoaUWY0CroDQkKtEMB8GA1UdIwQY
MBaAFGb5gxOJafjaZ097XAEz4MLQKbTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZtREU0bHAtTnBuVDN0Y0FUUGd3dEFwdE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iODE2OWItOGJmZC00MGZmLWI5YmEt
NDAzMDQzMDQ4MTE4LzEvTGI5ZXhNZ19ZUnU2aHBSWmpRS3VnTkNRcTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iODE2OWItOGJmZC00MGZmLWI5YmEtNDAzMDQzMDQ4MTE4
LzEvWnZtREU0bHAtTnBuVDN0Y0FUUGd3dEFwdE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVp8MA0G
CSqGSIb3DQEBCwUAA4IBAQCS/OjIl/n6B4uRGUtjYMk/BTLWxYF9t51ldf9/QNcq
bNmfarb9AJjHvoL7m2sR4hR6SyU2dBAgLhVwN7XIT/SWG1EwovMugb8lWdXoe/yj
DRsJvJRXK/n4f1nmvY8C+IJSQRPWT64sVl4aSwj0cJAKQ/8d15DcFlYBkXBc666O
YSsKxPpojjGGFFvSXLefdtWQ80Jood9+116SFK6qZ1NcOW/q/fHIV0hZNl/Hc7+l
n4YgOpzVZ9ESfMhMigzBa7qunteTFQrFecyOPUBH0tCIPqKLYDI/k4lwmmXC9mpr
Ow8m3yauEtLkkCZD5KElal+FMo5vF5Hh/UA8i2zSdeE/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org