Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LdssWBlOyBtz7m3A7FvGlcZbslE.roa
File: LdssWBlOyBtz7m3A7FvGlcZbslE.roa (raw, json)
Hash identifier: LdBK79FF73Gjplb046dveVId+RRI167Jk2vdpxuS5+4=
Subject key identifier: 2D:DB:2C:58:19:4E:C8:1B:73:EE:6D:C0:EC:5B:C6:95:C6:5B:B2:51
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE64A477AA78CC7F28E56384EEC482F
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LdssWBlOyBtz7m3A7FvGlcZbslE.roa
Signing time: Sun 01 Jan 2023 10:35:09 +0000
ROA not before: Sun 01 Jan 2023 10:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 213.91.168.0/24 maxlen: 24
212.5.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:4a:47:7a:a7:8c:c7:f2:8e:56:38:4e:ec:48:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddb2c58194ec81b73ee6dc0ec5bc695c65bb251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:a5:9b:d5:31:88:4a:02:ba:cc:fc:18:48:
c8:ea:f1:95:85:dc:8e:aa:8b:b8:1a:ac:da:79:57:
36:a7:61:68:f7:f7:31:e6:f0:2e:bc:94:16:80:81:
68:31:de:99:06:76:a2:66:07:5f:03:78:6d:51:f6:
e3:06:97:72:43:5d:d4:24:71:49:97:27:eb:34:6e:
cf:bb:a4:c3:2f:23:4f:77:1e:1f:2b:59:83:81:c3:
58:f8:06:ed:f6:b9:26:14:bc:5f:eb:62:8f:7f:e0:
6f:6c:53:b8:dc:d9:03:66:6b:e2:4a:5f:c2:e4:4d:
a4:02:c5:24:87:6a:3d:7b:ea:ee:a0:b2:8d:97:f7:
b5:53:e2:82:88:b4:54:9c:11:89:4a:13:ad:8b:bf:
3a:1c:7b:89:a6:89:15:ce:ad:0e:58:3a:2f:b3:ad:
02:6b:6c:aa:39:9b:1a:ee:ce:23:40:0c:20:a8:83:
59:18:ea:34:82:02:1c:2f:b7:86:b3:92:26:ed:d7:
b7:b3:45:29:f2:fa:77:5f:69:fa:bc:19:cf:86:0c:
1c:ed:62:ef:88:7d:03:3f:39:db:1c:60:b8:09:d7:
11:59:11:ca:f5:75:5b:8e:a9:66:71:5d:a8:24:bd:
99:a5:c8:ab:e9:24:99:d4:eb:9a:4a:69:71:24:69:
e0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DB:2C:58:19:4E:C8:1B:73:EE:6D:C0:EC:5B:C6:95:C6:5B:B2:51
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/LdssWBlOyBtz7m3A7FvGlcZbslE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.5.156.0/24
213.91.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:07:a4:39:dc:0e:d5:27:1d:17:99:06:aa:05:6a:7c:d6:57:
a9:1d:67:34:05:c7:7c:d0:58:9c:c3:c8:cb:5c:5d:eb:b0:e7:
e0:0e:55:e2:79:58:88:7b:99:06:e5:00:b6:ba:54:97:05:78:
48:26:5a:08:d5:f4:e9:8d:13:62:ae:1a:aa:cd:73:14:bc:fb:
c8:b2:7d:09:1b:a4:ca:25:74:49:9b:31:43:50:b0:93:6f:1d:
6d:18:92:c9:df:da:02:bb:90:b1:ec:d3:3f:c4:d0:a3:73:87:
4b:df:9b:fa:40:49:33:62:41:c4:a7:0e:fe:b5:8e:be:37:22:
ce:d5:ec:e7:db:d3:d9:62:9b:f3:db:07:34:e7:1c:1d:86:d2:
56:1a:2f:5a:3f:b7:c7:2f:b0:70:7a:05:89:66:a5:bc:ae:89:
42:d8:5d:3a:0c:c7:dc:27:10:53:81:1f:2b:e2:59:dd:0c:c6:
21:12:9c:ed:12:f5:01:81:70:12:37:6f:5d:4a:b7:e1:29:5b:
20:dc:f2:b9:e2:96:e1:52:a2:8a:bc:66:f0:cc:13:f4:8f:ed:
07:ff:5d:99:e5:3a:c7:8e:48:df:44:2a:5b:f5:9f:ed:b8:62:
0b:4f:b1:ee:55:00:7f:59:e3:94:2d:b5:14:e0:1d:e3:34:c7:
b2:71:9c:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5kpHeqeMx/KOVjhO7EgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRiMmM1ODE5NGVjODFiNzNlZTZkYzBlYzViYzY5NWM2NWJiMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocWlm9UxiEoCusz8GEjI6vGVhdyO
qou4GqzaeVc2p2Fo9/cx5vAuvJQWgIFoMd6ZBnaiZgdfA3htUfbjBpdyQ13UJHFJ
lyfrNG7Pu6TDLyNPdx4fK1mDgcNY+Abt9rkmFLxf62KPf+BvbFO43NkDZmviSl/C
5E2kAsUkh2o9e+ruoLKNl/e1U+KCiLRUnBGJShOti786HHuJpokVzq0OWDovs60C
a2yqOZsa7s4jQAwgqINZGOo0ggIcL7eGs5Im7de3s0Up8vp3X2n6vBnPhgwc7WLv
iH0DPznbHGC4CdcRWRHK9XVbjqlmcV2oJL2Zpcir6SSZ1OuaSmlxJGng4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3bLFgZTsgbc+5twOxbxpXGW7JRMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTGRzc1dCbE95QnR6N20zQTdGdkdsY1pic2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1AWcAwQA
1VuoMA0GCSqGSIb3DQEBCwUAA4IBAQCpB6Q53A7VJx0XmQaqBWp81lepHWc0Bcd8
0Ficw8jLXF3rsOfgDlXieViIe5kG5QC2ulSXBXhIJloI1fTpjRNirhqqzXMUvPvI
sn0JG6TKJXRJmzFDULCTbx1tGJLJ39oCu5Cx7NM/xNCjc4dL35v6QEkzYkHEpw7+
tY6+NyLO1ezn29PZYpvz2wc05xwdhtJWGi9aP7fHL7BwegWJZqW8rolC2F06DMfc
JxBTgR8r4lndDMYhEpztEvUBgXASN29dSrfhKVsg3PK54pbhUqKKvGbwzBP0j+0H
/12Z5TrHjkjfRCpb9Z/tuGILT7HuVQB/WeOULbUU4B3jNMeycZwL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org