Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LvFUcpFWqaiK7-BWZm12je1tkUg.roa
File: LvFUcpFWqaiK7-BWZm12je1tkUg.roa (raw, json)
Hash identifier: A0o9qkRrw24eDOUTQGHsPDHCG9ZwvPtTGv2HPRDkzE8=
Subject key identifier: 2E:F1:54:72:91:56:A9:A8:8A:EF:E0:56:66:6D:76:8D:ED:6D:91:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ABC3CD35D736EA2B963FA464CB87F1BFD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LvFUcpFWqaiK7-BWZm12je1tkUg.roa
Signing time: Fri 22 Sep 2023 09:33:37 +0000
ROA not before: Fri 22 Sep 2023 09:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.252.0/24 maxlen: 24
212.192.253.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:3c:d3:5d:73:6e:a2:b9:63:fa:46:4c:b8:7f:1b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 22 09:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ef154729156a9a88aefe056666d768ded6d9148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:93:5a:14:00:2b:4d:3d:10:2f:4a:bc:60:
c9:d5:22:e9:89:4d:98:1c:dc:ef:5c:9a:d2:3c:16:
6a:44:4b:f9:c3:18:ce:b6:5b:cf:01:0f:87:d4:e0:
5c:ec:cb:f7:0f:f2:aa:db:2a:63:c7:de:42:6c:66:
fb:d0:e4:a5:7d:57:99:c2:af:0a:2b:d2:80:5b:9a:
31:1c:76:28:d2:79:fc:cb:e9:75:e7:d6:7f:ca:06:
58:c9:eb:7d:7a:ee:2f:df:55:7b:e2:58:f0:95:ca:
7c:b5:65:96:95:08:a0:9a:52:52:30:d7:11:ac:5d:
91:7d:ba:ee:17:4d:18:d0:80:87:38:69:da:21:5c:
f2:65:fd:55:44:9b:f4:a5:89:90:d9:e9:e3:e0:d2:
0d:06:b6:2b:4b:34:70:b7:d5:fb:26:0f:9e:59:22:
d3:0b:b7:f4:30:5b:71:5a:f9:85:3f:b5:f1:69:c7:
ab:b7:be:db:c0:e7:b9:e9:ea:b5:2c:a0:16:bc:7f:
3e:5c:dc:ec:3f:bb:49:2a:dd:01:10:72:b1:7f:0a:
6a:36:d4:9a:c4:ee:de:2f:d7:31:3a:87:c8:c8:49:
a4:77:f2:8d:81:9a:59:56:dd:1c:1a:ce:e7:a0:d4:
24:80:33:5f:ef:8e:b2:a3:1c:2e:6f:bc:00:83:b2:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F1:54:72:91:56:A9:A8:8A:EF:E0:56:66:6D:76:8D:ED:6D:91:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LvFUcpFWqaiK7-BWZm12je1tkUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.30.0/24
194.87.142.0/23
194.87.221.0/24
195.133.94.0/24
212.192.212.0/24
212.192.215.0/24
212.192.252.0-212.192.254.255
Signature Algorithm: sha256WithRSAEncryption
5f:67:7b:5b:e0:0a:20:fe:8d:19:88:7b:8a:e4:b9:05:49:90:
e3:ce:a2:32:1c:4b:63:12:0d:10:e3:7d:08:16:db:54:61:d5:
03:83:3d:1e:bf:c9:25:d4:0c:45:78:6c:f3:f1:23:4d:6b:a0:
01:eb:b0:ef:c5:15:7a:f4:45:bd:90:4a:e2:55:8b:7c:17:cc:
1f:51:9c:a0:52:d7:5f:58:5b:77:b0:23:7f:95:35:2d:ab:f7:
24:98:64:0a:33:c8:38:3f:7f:73:7f:28:33:db:f9:a5:82:6d:
29:be:db:91:b2:b9:57:32:b8:5b:40:e2:ba:7a:b2:37:31:fe:
0b:cd:51:9e:6a:b8:1d:f4:75:74:e0:38:2d:d4:4d:de:3a:51:
d6:c2:a6:10:0b:d6:96:b7:0f:cd:fa:c9:e8:e6:ae:14:d7:b1:
02:06:dc:5c:34:cb:ec:69:aa:df:dd:23:f0:b6:a1:96:f2:30:
38:00:de:3c:59:59:fd:70:66:41:f8:fc:6d:1e:be:e3:22:e0:
9e:06:f0:95:cb:e9:b5:3d:18:cd:a3:a5:84:c5:7e:3f:b0:4c:
6c:85:5f:28:cd:fc:62:4f:85:73:f8:01:16:a0:28:00:91:3f:
82:78:28:57:30:c9:0d:cd:2a:f9:88:20:0a:e0:93:59:8d:f1:
fe:4a:59:d9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYq8PNNdc26iuWP6Rky4fxv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIyMDkzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWYxNTQ3MjkxNTZhOWE4OGFlZmUwNTY2NjZkNzY4ZGVkNmQ5MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMWTWhQAK009EC9KvGDJ1SLpiU2Y
HNzvXJrSPBZqREv5wxjOtlvPAQ+H1OBc7Mv3D/Kq2ypjx95CbGb70OSlfVeZwq8K
K9KAW5oxHHYo0nn8y+l159Z/ygZYyet9eu4v31V74ljwlcp8tWWWlQigmlJSMNcR
rF2RfbruF00Y0ICHOGnaIVzyZf1VRJv0pYmQ2enj4NINBrYrSzRwt9X7Jg+eWSLT
C7f0MFtxWvmFP7Xxacert77bwOe56eq1LKAWvH8+XNzsP7tJKt0BEHKxfwpqNtSa
xO7eL9cxOofIyEmkd/KNgZpZVt0cGs7noNQkgDNf746yoxwub7wAg7LPoQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFC7xVHKRVqmoiu/gVmZtdo3tbZFIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTHZGVWNwRldxYWlLNy1CV1ptMTJqZTF0a1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwXwFAwQA
wlceAwQBwleOAwQAwlfdAwQAw4VeAwQA1MDUAwQA1MDXMAwDBALUwPwDBADUwP4w
DQYJKoZIhvcNAQELBQADggEBAF9ne1vgCiD+jRmIe4rkuQVJkOPOojIcS2MSDRDj
fQgW21Rh1QODPR6/ySXUDEV4bPPxI01roAHrsO/FFXr0Rb2QSuJVi3wXzB9RnKBS
119YW3ewI3+VNS2r9ySYZAozyDg/f3N/KDPb+aWCbSm+25GyuVcyuFtA4rp6sjcx
/gvNUZ5quB30dXTgOC3UTd46UdbCphAL1pa3D836yejmrhTXsQIG3Fw0y+xpqt/d
I/C2oZbyMDgA3jxZWf1wZkH4/G0evuMi4J4G8JXL6bU9GM2jpYTFfj+wTGyFXyjN
/GJPhXP4ARagKACRP4J4KFcwyQ3NKvmIIArgk1mN8f5KWdk=
-----END CERTIFICATE-----
Generated at Thu Sep 28 15:16:01 2023 by rpki-client on console-ams.rpki-client.org