Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/LvZqxXns1VClNljqyqj8AS4BD8w.roa
File: LvZqxXns1VClNljqyqj8AS4BD8w.roa (raw, json)
Hash identifier: 0E+oPVQ0pmiqm8i/GUXHdefBl948SItvV+SIQn/8pHc=
Subject key identifier: 2E:F6:6A:C5:79:EC:D5:50:A5:36:58:EA:CA:A8:FC:01:2E:01:0F:CC
Certificate issuer: /CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Certificate serial: 01856BDC9F0E9A21FABC64B53FB0BC544E0C
Authority key identifier: 89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/LvZqxXns1VClNljqyqj8AS4BD8w.roa
Signing time: Sun 01 Jan 2023 05:44:58 +0000
ROA not before: Sun 01 Jan 2023 05:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 94.154.121.0/24 maxlen: 24
2a11:48c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Apr 2023 09:59:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:9f:0e:9a:21:fa:bc:64:b5:3f:b0:bc:54:4e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Validity
Not Before: Jan 1 05:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ef66ac579ecd550a53658eacaa8fc012e010fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:13:7c:39:70:78:fb:b7:0a:5a:d0:42:7a:63:
4c:e7:5c:a9:0d:53:22:40:32:34:eb:2f:75:9f:83:
2b:87:18:f5:ed:22:13:bb:54:d6:7b:0a:3c:af:66:
e9:f6:1b:c9:39:d3:bb:b3:c6:ce:ca:3a:f6:e9:15:
73:e5:66:15:95:16:e6:41:3e:14:52:9f:46:0a:a9:
85:7d:28:11:20:e3:4b:30:e5:82:3a:12:77:21:82:
96:a8:98:90:5f:c2:07:0f:65:c3:ce:9a:78:73:d1:
e9:87:bc:40:19:cd:93:42:5e:71:83:0e:18:e2:40:
a5:5a:79:97:f1:ca:06:1f:b0:f9:3d:e6:3d:10:59:
4e:49:17:bf:c7:5b:cc:5f:26:10:5c:b9:75:65:0b:
8e:95:a1:16:e1:83:df:cf:2b:6c:dd:7a:62:b7:4b:
a7:85:44:e3:fa:51:12:6f:12:8c:e4:52:7e:94:e9:
02:8e:89:20:fe:d6:69:8f:4c:5c:6c:95:d1:19:74:
bb:b9:dd:9e:d6:49:23:7e:7c:88:fe:2a:36:4a:e6:
c0:2e:73:aa:7a:ca:ce:f8:af:e7:cb:1f:4a:29:de:
99:ae:bf:9b:22:c2:54:b1:77:1e:d4:0a:a2:18:c9:
3c:34:a7:d9:64:26:3d:ae:53:eb:b0:a0:7d:37:64:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F6:6A:C5:79:EC:D5:50:A5:36:58:EA:CA:A8:FC:01:2E:01:0F:CC
X509v3 Authority Key Identifier:
keyid:89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/LvZqxXns1VClNljqyqj8AS4BD8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.121.0/24
IPv6:
2a11:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:27:64:ed:e9:c6:fb:4e:ac:a2:3b:19:5e:df:b2:a7:70:e8:
91:b5:11:c7:11:14:90:2e:11:8c:68:00:31:5e:99:2b:50:91:
c8:e6:43:26:e4:c5:f8:42:2b:ac:ff:31:e4:1f:99:20:1f:f1:
40:31:32:66:84:55:2a:74:4d:b2:f3:00:0a:03:93:74:4b:ae:
c5:d4:5e:db:2d:7a:95:39:fa:70:36:d3:f8:e3:40:c3:0f:ef:
5d:07:32:4a:5c:0d:e3:dd:6e:04:dc:54:ac:44:2e:38:a7:6a:
8e:9e:a2:8c:2e:87:3e:29:a2:1e:1b:21:31:bc:a4:e4:f7:c8:
a0:53:b1:95:d6:54:ff:25:ae:e2:71:e8:15:d8:d2:e3:38:aa:
8f:69:38:b7:2e:c0:b0:d4:59:09:52:15:6c:50:cc:05:2b:b3:
24:0d:6b:40:32:8c:a3:d9:4e:42:c8:1d:b8:73:8f:5e:2b:df:
8f:10:be:5f:cd:f0:b8:ab:3b:fe:70:f8:09:7c:c5:e1:c6:11:
2f:a0:2f:9d:38:36:c8:d9:6c:84:26:e2:eb:c3:6d:82:71:e8:
9b:31:19:91:85:0e:a0:b7:0c:e6:53:65:04:e5:1a:fc:e0:01:
e3:b6:98:74:4a:7d:09:e7:98:ef:64:32:df:60:4e:35:5d:d0:
76:90:b0:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr3J8OmiH6vGS1P7C8VE4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWUyMjBiNDc2OGRhNmUyNzZlNmE2MmVkZDY3NDZkOGZj
M2MxZmIwHhcNMjMwMTAxMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWY2NmFjNTc5ZWNkNTUwYTUzNjU4ZWFjYWE4ZmMwMTJlMDEwZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRN8OXB4+7cKWtBCemNM51ypDVMi
QDI06y91n4Mrhxj17SITu1TWewo8r2bp9hvJOdO7s8bOyjr26RVz5WYVlRbmQT4U
Up9GCqmFfSgRIONLMOWCOhJ3IYKWqJiQX8IHD2XDzpp4c9Hph7xAGc2TQl5xgw4Y
4kClWnmX8coGH7D5PeY9EFlOSRe/x1vMXyYQXLl1ZQuOlaEW4YPfzyts3Xpit0un
hUTj+lESbxKM5FJ+lOkCjokg/tZpj0xcbJXRGXS7ud2e1kkjfnyI/io2SubALnOq
esrO+K/nyx9KKd6Zrr+bIsJUsXce1AqiGMk8NKfZZCY9rlPrsKB9N2Q7cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC72asV57NVQpTZY6sqo/AEuAQ/MMB8GA1UdIwQY
MBaAFImuIgtHaNpuJ25qYu3WdG2Pw8H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzct
NzQxZmE0ZTEwZTM2LzEvTHZacXhYbnMxVkNsTmxqcXlxajhBUzRCRDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzctNzQxZmE0ZTEwZTM2
LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpp5MA0E
AgACMAcDBQMqEUjAMA0GCSqGSIb3DQEBCwUAA4IBAQCRJ2Tt6cb7TqyiOxle37Kn
cOiRtRHHERSQLhGMaAAxXpkrUJHI5kMm5MX4Qius/zHkH5kgH/FAMTJmhFUqdE2y
8wAKA5N0S67F1F7bLXqVOfpwNtP440DDD+9dBzJKXA3j3W4E3FSsRC44p2qOnqKM
Loc+KaIeGyExvKTk98igU7GV1lT/Ja7icegV2NLjOKqPaTi3LsCw1FkJUhVsUMwF
K7MkDWtAMoyj2U5CyB24c49eK9+PEL5fzfC4qzv+cPgJfMXhxhEvoC+dODbI2WyE
JuLrw22CceibMRmRhQ6gtwzmU2UE5Rr84AHjtph0Sn0J55jvZDLfYE41XdB2kLAP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:44 2024 by rpki-client on console-ams.rpki-client.org