Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/LfT0C0dAVbx5xnyGJquSP7QTNgI.roa
File: LfT0C0dAVbx5xnyGJquSP7QTNgI.roa (raw, json)
Hash identifier: h0atVbdj3l6ARQ/yZBhuhJdTkPx48r9dIxBC3F4pjBk=
Subject key identifier: 2D:F4:F4:0B:47:40:55:BC:79:C6:7C:86:26:AB:92:3F:B4:13:36:02
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018DEA6CB218ABD57A4176EF9F71EBD00D5A
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/LfT0C0dAVbx5xnyGJquSP7QTNgI.roa
Signing time: Tue 27 Feb 2024 11:56:48 +0000
ROA not before: Tue 27 Feb 2024 11:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9583
IP address blocks: 193.38.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 17:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:6c:b2:18:ab:d5:7a:41:76:ef:9f:71:eb:d0:0d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Feb 27 11:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2df4f40b474055bc79c67c8626ab923fb4133602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3d:b7:31:b9:4d:18:72:ea:1b:aa:eb:b1:8c:
06:71:e4:01:94:c3:c1:ca:f2:6a:0d:a5:f9:5a:70:
1f:b6:46:02:9a:0c:c3:03:8b:1a:f6:27:2d:13:ab:
7b:15:f4:43:b0:1d:a8:5c:68:dc:d0:88:1c:bf:0f:
86:c4:0a:c1:f6:e5:0f:69:2c:7e:b3:54:11:0d:4d:
67:1d:84:7e:c8:c7:e6:19:75:47:9a:73:9b:3d:74:
e6:b6:22:c0:63:8a:4c:9c:d7:28:6c:ea:82:5d:47:
47:10:a2:e8:7f:09:28:05:10:28:34:b1:35:27:8c:
f5:a0:e3:b0:cc:8f:63:0e:17:08:5b:bb:b2:c1:61:
fc:1d:16:4d:fc:78:f9:46:eb:8e:8b:a7:f0:f8:73:
b9:cf:e4:f7:35:87:f8:41:5f:c3:57:1c:28:c8:fe:
1f:cf:0f:da:88:5f:68:ad:dd:83:ad:99:15:e0:12:
ea:b3:8b:40:60:f7:19:8d:76:83:71:f9:3c:23:d1:
79:c7:3f:55:ad:4a:70:d3:82:32:79:d0:cd:e0:47:
ad:96:0d:4b:63:cb:e7:ec:4b:a2:dd:4f:8c:28:39:
dd:bd:45:71:69:fc:26:52:0f:c9:d3:34:8b:de:ff:
0c:b8:47:0b:56:ed:73:d5:7a:16:12:36:43:b9:e9:
3a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F4:F4:0B:47:40:55:BC:79:C6:7C:86:26:AB:92:3F:B4:13:36:02
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/LfT0C0dAVbx5xnyGJquSP7QTNgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b5:86:b3:57:85:3e:12:21:05:d7:3c:50:f8:9e:f9:9a:a6:
bd:cd:25:0a:c1:1c:7b:da:18:c7:e2:6a:1f:f4:aa:6e:a1:25:
7b:14:83:f3:8e:df:20:28:f4:59:45:26:98:73:e9:6d:2d:d3:
78:6f:8a:34:80:0f:68:8e:e8:dd:f8:49:5b:3b:59:fe:08:81:
a5:d7:d7:1f:8f:cb:36:e5:74:e8:7e:6c:44:02:d3:49:eb:79:
37:7b:58:d3:48:a2:d8:18:ff:8b:9a:0c:04:ee:c3:bb:a2:4f:
42:ba:94:06:d9:34:a3:41:16:64:4a:e1:e0:e6:ff:72:3b:d4:
12:5b:91:fc:7e:ec:e3:4c:24:7d:c4:20:0e:d3:5b:22:db:56:
9c:42:65:97:fd:fb:9c:3b:0f:c7:cf:78:fa:be:a0:59:ac:99:
fc:c5:40:09:65:7c:9f:e1:24:86:dd:c8:23:20:3c:8d:40:8f:
ae:40:88:ea:b1:63:dc:2f:f9:38:14:9d:39:62:c3:38:7e:3d:
9b:6e:e0:e0:c7:ca:38:ff:83:06:18:eb:12:21:ab:7d:cc:1d:
e4:ae:5a:91:4a:12:94:73:95:ba:76:af:aa:86:22:ff:8d:93:
9e:cb:d1:a0:b6:02:e3:f9:d2:4c:cc:5e:b0:60:ff:66:1a:aa:
46:e0:30:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3qbLIYq9V6QXbvn3Hr0A1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMjI3MTE1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY0ZjQwYjQ3NDA1NWJjNzljNjdjODYyNmFiOTIzZmI0MTMzNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD23MblNGHLqG6rrsYwGceQBlMPB
yvJqDaX5WnAftkYCmgzDA4sa9ictE6t7FfRDsB2oXGjc0Igcvw+GxArB9uUPaSx+
s1QRDU1nHYR+yMfmGXVHmnObPXTmtiLAY4pMnNcobOqCXUdHEKLofwkoBRAoNLE1
J4z1oOOwzI9jDhcIW7uywWH8HRZN/Hj5RuuOi6fw+HO5z+T3NYf4QV/DVxwoyP4f
zw/aiF9ord2DrZkV4BLqs4tAYPcZjXaDcfk8I9F5xz9VrUpw04IyedDN4Eetlg1L
Y8vn7Eui3U+MKDndvUVxafwmUg/J0zSL3v8MuEcLVu1z1XoWEjZDuek6TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC309AtHQFW8ecZ8hiarkj+0EzYCMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvTGZUMEMwZEFWYng1eG55R0pxdVNQN1FUTmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSb5MA0G
CSqGSIb3DQEBCwUAA4IBAQAytYazV4U+EiEF1zxQ+J75mqa9zSUKwRx72hjH4mof
9KpuoSV7FIPzjt8gKPRZRSaYc+ltLdN4b4o0gA9ojujd+ElbO1n+CIGl19cfj8s2
5XTofmxEAtNJ63k3e1jTSKLYGP+LmgwE7sO7ok9CupQG2TSjQRZkSuHg5v9yO9QS
W5H8fuzjTCR9xCAO01si21acQmWX/fucOw/Hz3j6vqBZrJn8xUAJZXyf4SSG3cgj
IDyNQI+uQIjqsWPcL/k4FJ05YsM4fj2bbuDgx8o4/4MGGOsSIat9zB3krlqRShKU
c5W6dq+qhiL/jZOey9GgtgLj+dJMzF6wYP9mGqpG4DCI
-----END CERTIFICATE-----
Generated at Sat Apr 13 18:03:16 2024 by rpki-client on console-ams.rpki-client.org