Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/lXpqEvo4aQDuPJE5Snikeo9K1i8.roa
File: lXpqEvo4aQDuPJE5Snikeo9K1i8.roa (raw, json)
Hash identifier: fWVhaRkyap7w2lpDlBDsmmC/W4rdGPskomB3dM+9olw=
Subject key identifier: 95:7A:6A:12:FA:38:69:00:EE:3C:91:39:4A:78:A4:7A:8F:4A:D6:2F
Certificate issuer: /CN=b9762db1282ffd084761232038f81f5d29e640d5
Certificate serial: 01856E26839497EF1D4451A340ECB8D33583
Authority key identifier: B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/lXpqEvo4aQDuPJE5Snikeo9K1i8.roa
Signing time: Sun 01 Jan 2023 16:24:55 +0000
ROA not before: Sun 01 Jan 2023 16:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25795
IP address blocks: 185.139.32.0/23 maxlen: 24
2a07:12c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:83:94:97:ef:1d:44:51:a3:40:ec:b8:d3:35:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9762db1282ffd084761232038f81f5d29e640d5
Validity
Not Before: Jan 1 16:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=957a6a12fa386900ee3c91394a78a47a8f4ad62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:de:9b:5b:ca:ff:58:a6:61:6f:24:7e:3f:12:
d4:cb:f3:2d:50:d1:5a:36:75:da:13:f7:09:1b:57:
9a:d5:85:9b:bf:1b:ed:61:d9:c4:84:20:5f:2a:4f:
2b:22:cd:b9:20:18:94:20:ad:6f:9e:41:99:82:e1:
7d:0b:18:ab:4b:1d:a3:f7:41:ad:31:cd:08:6b:93:
49:ae:a2:3e:05:6f:95:e7:07:5f:cf:e5:6a:f6:84:
79:1d:08:84:39:a9:95:7b:a3:64:48:7b:3d:4e:89:
a2:37:19:5c:c9:fc:88:5e:67:3a:ad:47:af:36:ef:
0e:fd:55:32:ee:c4:9e:18:7c:80:0a:80:2c:37:07:
30:93:39:71:6b:83:f5:32:28:73:c0:7d:23:f5:1f:
8c:4f:08:6a:e6:b4:62:51:24:95:54:b5:cb:8b:c2:
c2:ce:8e:ed:27:ff:74:5d:48:f0:c0:ee:7c:b9:df:
2b:08:de:a3:ca:b0:48:fb:e0:95:d3:fa:57:f8:a3:
2d:1f:bf:12:9e:80:21:71:17:42:10:09:d9:b7:e5:
7b:dd:be:72:dd:a8:b6:d4:ba:ac:a0:8f:39:09:c1:
08:aa:02:e1:2e:b1:e6:b6:19:28:a2:db:af:9e:1e:
00:0d:fd:e5:e1:e1:31:01:08:a3:3f:1d:c1:47:6e:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7A:6A:12:FA:38:69:00:EE:3C:91:39:4A:78:A4:7A:8F:4A:D6:2F
X509v3 Authority Key Identifier:
keyid:B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/lXpqEvo4aQDuPJE5Snikeo9K1i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/uXYtsSgv_QhHYSMgOPgfXSnmQNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.32.0/23
IPv6:
2a07:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:07:c9:92:d7:21:e7:c2:b0:2b:c4:ed:f9:ac:ae:3a:59:e3:
08:11:f3:b7:6d:42:65:5d:7e:fc:26:80:a6:b7:5a:fd:db:ba:
3e:cb:00:8e:19:15:54:06:e0:fe:26:42:c6:e9:c6:c7:0f:f9:
d1:33:cc:fc:17:49:b5:be:7c:ea:93:ce:2a:13:53:46:6a:3a:
9f:e6:ca:61:1c:2a:44:09:aa:ab:21:ea:fd:13:88:96:c0:a2:
aa:93:51:73:07:6d:56:50:75:b1:be:d8:21:44:4c:b2:5f:60:
9e:2d:2d:af:40:a2:44:bb:dd:ae:63:d6:b2:92:a4:b4:16:69:
4c:67:14:31:9f:64:15:98:dd:6c:59:d4:b4:a9:69:28:31:bc:
ea:8b:d4:5e:0b:a2:3a:fa:c9:a9:74:92:d4:38:27:f2:ab:08:
3d:5b:0c:8e:ca:7a:b1:80:3a:a2:36:86:91:4e:cd:e0:84:e1:
0c:e9:d6:2c:45:f1:fd:cc:e4:d4:5a:85:0a:74:3f:21:fa:bb:
0c:5b:e5:98:41:05:80:46:97:3c:74:83:1f:bc:7f:5d:45:04:
a1:50:46:e1:b7:8b:e1:02:b8:ff:6e:15:c4:60:74:6a:d3:e6:
4e:64:6e:18:e1:82:de:eb:34:5c:b3:0e:15:ba:3a:6e:48:eb:
1e:8d:cd:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJoOUl+8dRFGjQOy40zWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzYyZGIxMjgyZmZkMDg0NzYxMjMyMDM4ZjgxZjVkMjll
NjQwZDUwHhcNMjMwMTAxMTYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTdhNmExMmZhMzg2OTAwZWUzYzkxMzk0YTc4YTQ3YThmNGFkNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt6bW8r/WKZhbyR+PxLUy/MtUNFa
NnXaE/cJG1ea1YWbvxvtYdnEhCBfKk8rIs25IBiUIK1vnkGZguF9CxirSx2j90Gt
Mc0Ia5NJrqI+BW+V5wdfz+Vq9oR5HQiEOamVe6NkSHs9TomiNxlcyfyIXmc6rUev
Nu8O/VUy7sSeGHyACoAsNwcwkzlxa4P1MihzwH0j9R+MTwhq5rRiUSSVVLXLi8LC
zo7tJ/90XUjwwO58ud8rCN6jyrBI++CV0/pX+KMtH78SnoAhcRdCEAnZt+V73b5y
3ai21LqsoI85CcEIqgLhLrHmthkootuvnh4ADf3l4eExAQijPx3BR25qrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJV6ahL6OGkA7jyROUp4pHqPStYvMB8GA1UdIwQY
MBaAFLl2LbEoL/0IR2EjIDj4H10p5kDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhZdHNTZ3ZfUWhIWVNNZ09QZ2ZYU25tUU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mODE5MTUtNDA1ZS00YjU0LTljYjQt
NzBhNTU2YmE4YTExLzEvbFhwcUV2bzRhUUR1UEpFNVNuaWtlbzlLMWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mODE5MTUtNDA1ZS00YjU0LTljYjQtNzBhNTU2YmE4YTEx
LzEvdVhZdHNTZ3ZfUWhIWVNNZ09QZ2ZYU25tUU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuYsgMA0E
AgACMAcDBQMqBxLAMA0GCSqGSIb3DQEBCwUAA4IBAQBWB8mS1yHnwrArxO35rK46
WeMIEfO3bUJlXX78JoCmt1r927o+ywCOGRVUBuD+JkLG6cbHD/nRM8z8F0m1vnzq
k84qE1NGajqf5sphHCpECaqrIer9E4iWwKKqk1FzB21WUHWxvtghREyyX2CeLS2v
QKJEu92uY9aykqS0FmlMZxQxn2QVmN1sWdS0qWkoMbzqi9ReC6I6+smpdJLUOCfy
qwg9WwyOynqxgDqiNoaRTs3ghOEM6dYsRfH9zOTUWoUKdD8h+rsMW+WYQQWARpc8
dIMfvH9dRQShUEbht4vhArj/bhXEYHRq0+ZOZG4Y4YLe6zRcsw4VujpuSOsejc30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-fra.rpki-client.org