Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFiRN3rOHxZI-SxNDCg3F4TWNJ0.roa
File: LFiRN3rOHxZI-SxNDCg3F4TWNJ0.roa (raw, json)
Hash identifier: Zv/snv1aEZtwW18Wqc6me9ptP00ZcgxdGHCsrADmwjQ=
Subject key identifier: 2C:58:91:37:7A:CE:1F:16:48:F9:2C:4D:0C:28:37:17:84:D6:34:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AFE1893BCC526F4D5677D8FA7366DD7DC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFiRN3rOHxZI-SxNDCg3F4TWNJ0.roa
Signing time: Thu 05 Oct 2023 04:28:58 +0000
ROA not before: Thu 05 Oct 2023 04:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.135.105.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:18:93:bc:c5:26:f4:d5:67:7d:8f:a7:36:6d:d7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 5 04:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5891377ace1f1648f92c4d0c28371784d6349d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:24:f8:66:37:a9:17:16:b1:df:42:47:c5:b8:
3f:cb:c7:ea:e5:19:7d:67:b4:1d:59:12:f0:0d:0e:
1a:4f:42:c7:9b:e5:54:08:8f:d7:ad:ce:ee:6d:59:
d6:83:bd:65:e7:2c:9e:5f:60:c0:f2:5c:81:52:55:
67:26:96:21:32:17:4b:ac:62:25:b5:fb:86:f1:bf:
d6:61:b7:ec:59:ee:98:85:56:0d:ba:99:5a:c3:51:
fb:62:66:b6:09:2f:b4:8a:21:80:ac:72:6e:80:c3:
9d:14:89:9d:c3:32:c2:52:65:1e:d3:51:93:9a:ec:
23:45:06:5d:5c:53:d7:2c:8a:45:3b:04:46:6c:b8:
02:01:bd:fa:f8:ab:9f:f9:2f:da:e6:8a:ec:5a:2f:
04:0d:26:59:41:12:95:19:61:9f:7a:24:2b:98:a3:
0c:06:65:b3:10:1c:bf:b8:c4:76:34:15:5e:cb:1a:
e0:f0:0e:6a:c4:4e:bf:d6:84:38:6b:b4:30:41:05:
1c:14:c8:a3:c3:8c:36:55:e7:b8:7d:fe:82:85:7e:
9b:4b:c7:19:3e:02:46:ab:58:10:ea:50:25:dd:b9:
d5:37:a9:40:83:45:e2:9a:20:9b:7b:da:03:13:b9:
00:4a:e8:99:6d:22:0f:7c:44:99:31:b9:e3:e1:a4:
16:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:91:37:7A:CE:1F:16:48:F9:2C:4D:0C:28:37:17:84:D6:34:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LFiRN3rOHxZI-SxNDCg3F4TWNJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.52.0/24
194.135.105.0/24
195.133.41.0/24
Signature Algorithm: sha256WithRSAEncryption
38:17:7f:ba:f8:59:07:52:9b:9c:6b:96:a4:01:b0:f7:6b:ba:
53:f0:c7:dc:e1:00:a9:0f:23:cc:76:05:1d:cf:d5:34:b3:67:
03:b1:a6:dc:21:8d:c6:47:5e:f9:62:8f:2b:10:1b:13:1a:e9:
6a:ff:d4:10:ef:22:de:b6:6a:d2:40:82:c1:cb:b6:10:59:7a:
9a:ec:c8:b0:17:30:2f:72:f3:1e:04:e5:28:b5:38:72:28:3e:
61:71:d2:c6:4c:32:26:8b:c3:a5:36:62:3e:f7:44:1a:34:b4:
b2:61:3b:2f:33:1f:7a:e5:62:8a:ab:ea:ed:0d:f7:c6:4d:79:
26:e6:4d:4c:0b:24:ae:70:b3:8f:08:f4:bd:46:f8:14:c8:9a:
91:fb:62:e3:68:eb:44:80:06:a7:df:4c:c0:bc:c2:13:10:36:
ef:96:86:47:ca:52:a9:eb:37:07:e4:7d:ed:38:50:9b:03:87:
b8:f3:96:74:ab:3c:44:01:ee:27:8b:0b:0d:a6:5e:cf:e9:05:
df:dc:b3:1b:00:99:c6:32:1c:07:80:44:da:15:d1:0e:f7:65:
12:ea:d6:68:95:c6:f9:58:e8:1e:18:85:df:52:92:c6:ce:37:
ba:d9:31:fe:f5:3f:90:46:e3:12:fc:37:17:e2:c2:48:3d:48:
d0:a6:2a:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr+GJO8xSb01Wd9j6c2bdfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA1MDQyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU4OTEzNzdhY2UxZjE2NDhmOTJjNGQwYzI4MzcxNzg0ZDYzNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziT4ZjepFxax30JHxbg/y8fq5Rl9
Z7QdWRLwDQ4aT0LHm+VUCI/Xrc7ubVnWg71l5yyeX2DA8lyBUlVnJpYhMhdLrGIl
tfuG8b/WYbfsWe6YhVYNuplaw1H7Yma2CS+0iiGArHJugMOdFImdwzLCUmUe01GT
muwjRQZdXFPXLIpFOwRGbLgCAb36+Kuf+S/a5orsWi8EDSZZQRKVGWGfeiQrmKMM
BmWzEBy/uMR2NBVeyxrg8A5qxE6/1oQ4a7QwQQUcFMijw4w2Vee4ff6ChX6bS8cZ
PgJGq1gQ6lAl3bnVN6lAg0XimiCbe9oDE7kASuiZbSIPfESZMbnj4aQWFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCxYkTd6zh8WSPksTQwoNxeE1jSdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTEZpUk4zck9IeFpJLVN4TkRDZzNGNFRXTkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlc0AwQA
wodpAwQAw4UpMA0GCSqGSIb3DQEBCwUAA4IBAQA4F3+6+FkHUpuca5akAbD3a7pT
8Mfc4QCpDyPMdgUdz9U0s2cDsabcIY3GR175Yo8rEBsTGulq/9QQ7yLetmrSQILB
y7YQWXqa7MiwFzAvcvMeBOUotThyKD5hcdLGTDImi8OlNmI+90QaNLSyYTsvMx96
5WKKq+rtDffGTXkm5k1MCySucLOPCPS9RvgUyJqR+2LjaOtEgAan30zAvMITEDbv
loZHylKp6zcH5H3tOFCbA4e485Z0qzxEAe4niwsNpl7P6QXf3LMbAJnGMhwHgETa
FdEO92US6tZolcb5WOgeGIXfUpLGzje62TH+9T+QRuMS/DcX4sJIPUjQpip4
-----END CERTIFICATE-----
Generated at Mon Oct 9 06:14:26 2023 by rpki-client on console-ams.rpki-client.org