Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LGczVhEtXZLqUL5fNjJcGEcTK7M.roa
File: LGczVhEtXZLqUL5fNjJcGEcTK7M.roa (raw, json)
Hash identifier: /bZSz2jXqWBOLfXjUtJ3oGjhvggR7AmSCIxLZVJdXOE=
Subject key identifier: 2C:67:33:56:11:2D:5D:92:EA:50:BE:5F:36:32:5C:18:47:13:2B:B3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E51B33E8DFB8BD6B8C5C2FAFE8AB82920
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LGczVhEtXZLqUL5fNjJcGEcTK7M.roa
Signing time: Mon 18 Mar 2024 13:14:45 +0000
ROA not before: Mon 18 Mar 2024 13:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Mar 2024 17:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:b3:3e:8d:fb:8b:d6:b8:c5:c2:fa:fe:8a:b8:29:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 18 13:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c673356112d5d92ea50be5f36325c1847132bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:51:d9:71:1e:49:b9:0b:05:a9:44:f5:75:54:
44:ff:a3:ca:ab:3e:88:18:8e:b6:de:c9:2f:c5:fc:
a6:98:9e:e6:9b:06:ae:1f:50:d7:bf:a0:84:46:6a:
e9:49:c0:70:d4:ba:f9:7b:1f:53:e2:30:7f:90:6e:
87:e2:84:48:38:d5:de:2f:e8:b1:ed:64:a5:a4:a9:
e5:0b:94:d9:60:05:55:8c:44:02:df:b0:e0:bd:d6:
69:73:d8:21:6f:fa:0c:76:dd:86:b1:9c:89:93:a3:
5e:ef:95:04:2a:fa:63:01:87:57:b2:0d:b4:ec:86:
69:cd:d0:5a:93:2c:d2:90:2b:b2:1f:ab:f1:18:d6:
80:2c:95:8d:53:91:3e:12:09:8a:a1:ed:dd:85:68:
ed:8e:db:28:69:48:47:de:f3:eb:5c:d2:05:90:64:
2f:d9:e8:6c:a2:d7:78:51:7e:24:55:b7:03:0c:95:
34:2f:32:6d:b2:21:25:9a:49:77:4a:6e:2f:18:e1:
ad:a4:18:10:eb:5a:1b:59:00:4a:08:6f:60:6f:06:
26:a8:78:22:ab:68:21:26:28:01:c5:87:88:77:51:
2c:32:ea:f9:c1:10:c1:21:28:fb:2f:91:0c:28:6f:
3a:df:5b:07:c4:8c:41:d5:dc:f5:41:b4:b5:ee:34:
f6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:67:33:56:11:2D:5D:92:EA:50:BE:5F:36:32:5C:18:47:13:2B:B3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LGczVhEtXZLqUL5fNjJcGEcTK7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
194.87.168.0/23
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.192.208.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
12:dc:12:40:b4:9b:6c:22:97:c3:91:81:3b:7f:59:51:db:3d:
b3:ea:bb:48:96:be:17:45:13:df:e3:84:4a:96:98:35:2d:0b:
36:f8:e6:b9:03:75:86:5c:a0:01:b2:76:0b:16:01:cd:b8:4d:
18:b4:f4:3e:01:23:17:38:7c:41:73:21:45:c9:70:34:03:1f:
2b:67:bf:d7:4d:ec:8f:ed:d3:e0:74:31:f6:b4:13:71:14:55:
82:ec:b9:79:95:93:4f:29:19:0b:eb:36:be:1e:80:2c:93:28:
fa:3a:fc:07:01:43:04:f3:ea:b1:62:05:8b:2c:71:a3:e8:28:
65:0a:35:a7:f1:3d:16:57:9b:23:71:e9:b0:6b:ca:d5:d1:4e:
fe:93:9e:46:a6:54:c6:f9:7f:c0:9b:ec:44:a0:ec:99:ba:80:
7a:59:ee:11:ad:cb:2e:5e:65:d8:cb:ca:ec:61:61:5e:6a:83:
0d:ec:03:62:0b:2c:9a:de:a6:34:43:80:6a:16:4d:33:2a:74:
bb:74:ed:52:21:46:40:34:c2:51:09:ed:fb:bd:df:eb:e5:19:
a2:d8:f5:7c:e5:94:94:9c:d7:f9:24:ff:51:35:e0:88:62:04:
04:f9:7f:13:0d:0a:e3:c6:76:00:4b:bf:90:7a:f5:21:20:aa:
2e:84:ed:c0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY5Rsz6N+4vWuMXC+v6KuCkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzE4MTMxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzY3MzM1NjExMmQ1ZDkyZWE1MGJlNWYzNjMyNWMxODQ3MTMyYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1HZcR5JuQsFqUT1dVRE/6PKqz6I
GI623skvxfymmJ7mmwauH1DXv6CERmrpScBw1Lr5ex9T4jB/kG6H4oRIONXeL+ix
7WSlpKnlC5TZYAVVjEQC37DgvdZpc9ghb/oMdt2GsZyJk6Ne75UEKvpjAYdXsg20
7IZpzdBakyzSkCuyH6vxGNaALJWNU5E+EgmKoe3dhWjtjtsoaUhH3vPrXNIFkGQv
2ehsotd4UX4kVbcDDJU0LzJtsiElmkl3Sm4vGOGtpBgQ61obWQBKCG9gbwYmqHgi
q2ghJigBxYeId1EsMur5wRDBISj7L5EMKG8631sHxIxB1dz1QbS17jT2dwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCxnM1YRLV2S6lC+XzYyXBhHEyuzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTEdjelZoRXRYWkxxVUw1Zk5qSmNHRWNUSzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQAwHysAwQA
wXwHAwQBwleoAwQAwlf1AwQAw4UZAwQA1MABAwQA1MDQMBQEAgACMA4DBQMqAVfA
AwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAEtwSQLSbbCKXw5GBO39ZUds9s+q7
SJa+F0UT3+OESpaYNS0LNvjmuQN1hlygAbJ2CxYBzbhNGLT0PgEjFzh8QXMhRclw
NAMfK2e/103sj+3T4HQx9rQTcRRVguy5eZWTTykZC+s2vh6ALJMo+jr8BwFDBPPq
sWIFiyxxo+goZQo1p/E9FlebI3HpsGvK1dFO/pOeRqZUxvl/wJvsRKDsmbqAelnu
Ea3LLl5l2MvK7GFhXmqDDewDYgssmt6mNEOAahZNMyp0u3TtUiFGQDTCUQnt+73f
6+UZotj1fOWUlJzX+ST/UTXgiGIEBPl/Ew0K48Z2AEu/kHr1ISCqLoTtwA==
-----END CERTIFICATE-----
Generated at Mon Mar 25 21:05:25 2024 by rpki-client on console-fra.rpki-client.org