Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LYQljYr7As6HqXgH3qHEtuyvkpk.roa
File: LYQljYr7As6HqXgH3qHEtuyvkpk.roa (raw, json)
Hash identifier: 6rvSFKXM4xTPqK4MzORJtSMR3wuLl86UayTTExSSiBA=
Subject key identifier: 2D:84:25:8D:8A:FB:02:CE:87:A9:78:07:DE:A1:C4:B6:EC:AF:92:99
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D9D9BAD627C937A8DF9403866DC2524B2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LYQljYr7As6HqXgH3qHEtuyvkpk.roa
Signing time: Mon 12 Feb 2024 13:57:21 +0000
ROA not before: Mon 12 Feb 2024 13:57:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.90.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 10:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:9b:ad:62:7c:93:7a:8d:f9:40:38:66:dc:25:24:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 12 13:57:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d84258d8afb02ce87a97807dea1c4b6ecaf9299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a4:f9:88:0a:7b:f3:da:e7:6f:59:50:0c:12:
91:b6:14:4e:d7:f4:b2:08:ed:0a:36:1a:af:b4:e7:
72:55:30:34:fc:f5:cc:8b:54:c1:92:f2:63:58:2d:
5f:a5:e8:39:0d:f6:b8:66:cd:23:05:e2:1d:87:94:
46:ec:81:aa:b8:8a:b8:d8:24:57:eb:0f:ae:8d:fb:
c4:8e:f2:22:70:48:46:69:88:e6:3f:42:2d:25:e7:
09:24:dd:c5:e4:75:cc:70:b8:9b:32:13:15:d5:46:
44:f3:d6:e9:28:a6:b5:0b:64:a8:c5:cf:57:a1:8a:
58:23:e5:cf:07:c7:74:98:a9:75:8b:97:16:4f:44:
91:af:32:22:e7:60:5a:d6:e4:23:61:6b:13:12:fe:
aa:56:e7:b1:c7:24:de:da:ad:58:0a:94:5e:10:25:
f9:9f:b0:94:05:91:98:d2:cd:b9:82:06:b0:17:65:
9a:bf:0a:bc:83:bb:fd:6c:2b:b4:e3:12:52:6f:ec:
b9:d1:6e:72:a8:c0:0e:9a:2e:84:35:73:90:f5:ea:
ae:c7:23:52:26:f0:8c:91:ff:b9:20:20:21:42:87:
64:89:dd:0b:25:6a:c9:5d:f3:22:a2:30:f0:d0:23:
03:34:c8:b0:0a:ed:2e:99:ab:a5:b7:ff:00:c6:4b:
85:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:84:25:8D:8A:FB:02:CE:87:A9:78:07:DE:A1:C4:B6:EC:AF:92:99
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LYQljYr7As6HqXgH3qHEtuyvkpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.90.0/24
195.133.2.0/24
195.133.6.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bb:cf:55:19:a6:cf:45:59:59:0f:f2:f5:52:88:2e:73:08:
d2:d3:4c:e4:a8:67:64:9e:c3:6c:89:61:ea:df:f0:79:85:d8:
df:c0:b4:3c:99:72:18:a1:41:b0:6a:23:8f:61:5b:3a:89:18:
30:0f:a6:1e:64:25:88:e5:07:53:9d:24:08:3c:9c:95:77:b9:
40:1e:3e:8c:f3:ba:e7:be:92:27:03:0b:9f:10:d0:46:1e:f7:
65:21:d8:ea:ee:5a:90:dd:1b:cf:0f:06:a8:25:b4:22:31:44:
76:41:89:35:03:b5:ee:30:ae:87:a3:6d:54:7a:3c:bc:2b:fa:
fb:19:96:47:21:63:a2:bc:2a:bb:c4:55:17:c2:c9:62:d2:94:
a1:c7:e8:72:24:c5:bc:72:a1:4a:e6:2d:13:e3:27:a2:e3:c0:
2e:3b:70:c4:cd:9e:69:76:4c:ae:bb:ae:7e:e5:f1:cd:7b:c9:
7b:7c:8b:55:60:6f:c9:be:7b:64:f9:53:f4:4f:f5:7d:8c:c7:
6c:99:c6:70:be:09:3e:ab:84:46:51:cd:3c:81:2a:fb:7f:0d:
e0:2d:1e:98:1a:86:d5:f2:4a:01:1d:cd:a5:de:37:c5:89:31:
8a:e9:3a:ba:18:96:7c:79:af:22:02:4c:ee:3b:79:39:dd:4c:
97:4c:aa:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2dm61ifJN6jflAOGbcJSSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjEyMTM1NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg0MjU4ZDhhZmIwMmNlODdhOTc4MDdkZWExYzRiNmVjYWY5Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6T5iAp789rnb1lQDBKRthRO1/Sy
CO0KNhqvtOdyVTA0/PXMi1TBkvJjWC1fpeg5Dfa4Zs0jBeIdh5RG7IGquIq42CRX
6w+ujfvEjvIicEhGaYjmP0ItJecJJN3F5HXMcLibMhMV1UZE89bpKKa1C2Soxc9X
oYpYI+XPB8d0mKl1i5cWT0SRrzIi52Ba1uQjYWsTEv6qVuexxyTe2q1YCpReECX5
n7CUBZGY0s25ggawF2Wavwq8g7v9bCu04xJSb+y50W5yqMAOmi6ENXOQ9equxyNS
JvCMkf+5ICAhQodkid0LJWrJXfMiojDw0CMDNMiwCu0umault/8AxkuFlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC2EJY2K+wLOh6l4B96hxLbsr5KZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTFlRbGpZcjdBczZIcVhnSDNxSEV0dXl2a3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXxaAwQA
w4UCAwQAw4UGMA0GCSqGSIb3DQEBCwUAA4IBAQBmu89VGabPRVlZD/L1UogucwjS
00zkqGdknsNsiWHq3/B5hdjfwLQ8mXIYoUGwaiOPYVs6iRgwD6YeZCWI5QdTnSQI
PJyVd7lAHj6M87rnvpInAwufENBGHvdlIdjq7lqQ3RvPDwaoJbQiMUR2QYk1A7Xu
MK6Ho21Uejy8K/r7GZZHIWOivCq7xFUXwsli0pShx+hyJMW8cqFK5i0T4yei48Au
O3DEzZ5pdkyuu65+5fHNe8l7fItVYG/Jvntk+VP0T/V9jMdsmcZwvgk+q4RGUc08
gSr7fw3gLR6YGobV8koBHc2l3jfFiTGK6Tq6GJZ8ea8iAkzuO3k53UyXTKp+
-----END CERTIFICATE-----
Generated at Thu Feb 15 13:09:21 2024 by rpki-client on console-fra.rpki-client.org