Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/lvPp7_ZwkCz31yN4QcElFGac42w.roa
File: lvPp7_ZwkCz31yN4QcElFGac42w.roa (raw, json)
Hash identifier: NnvIwElRJz1DckADm6Bsz0qlIFoYyAx6qUIZzhAf6Xw=
Subject key identifier: 96:F3:E9:EF:F6:70:90:2C:F7:D7:23:78:41:C1:25:14:66:9C:E3:6C
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 019172B5CD745CBD8B1C28C5BFF6FC5239B8
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/lvPp7_ZwkCz31yN4QcElFGac42w.roa
Signing time: Wed 21 Aug 2024 02:13:22 +0000
ROA not before: Wed 21 Aug 2024 02:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15020
IP address blocks: 91.235.168.0/24 maxlen: 24
185.82.73.0/24 maxlen: 24
193.23.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 19:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:72:b5:cd:74:5c:bd:8b:1c:28:c5:bf:f6:fc:52:39:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Aug 21 02:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96f3e9eff670902cf7d7237841c12514669ce36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:ef:de:86:84:0f:37:ce:25:44:d7:25:75:
a6:53:26:6d:49:34:e3:2e:83:87:ac:46:82:32:87:
c5:7b:9d:c5:2b:f8:9e:9f:7c:d3:53:97:40:7a:cc:
33:ee:b1:63:8e:fa:17:40:3a:bb:96:15:a2:ab:f6:
c5:0a:94:eb:2a:c3:9b:e4:e9:62:a2:3d:99:41:c5:
f2:f5:25:e8:a4:30:79:8c:8f:d1:38:d2:2b:c5:59:
be:6f:73:f0:a4:05:68:42:fa:99:bb:c0:63:7c:1b:
21:47:ec:63:7c:c2:96:01:e8:3c:de:34:32:c0:b8:
d4:06:ce:17:aa:a1:76:c2:70:5b:93:50:f6:5e:a7:
0e:d4:bf:c1:cb:12:ee:68:41:94:ab:9d:7a:3a:cb:
a5:cd:0a:2d:f4:a6:3f:64:d6:5b:99:64:11:bc:ff:
4b:19:3c:80:f5:d9:88:9c:27:b4:5d:50:ba:91:c9:
4d:9c:1e:35:9a:90:a8:85:fc:1e:8c:c2:3e:44:d9:
14:4d:49:09:47:36:8b:b5:73:d3:93:4d:3f:f0:0d:
67:cc:a5:33:4d:9a:6c:d4:23:21:b9:b1:c8:2d:57:
c7:1d:e9:62:e7:10:83:5a:49:93:92:2c:c6:61:c5:
87:49:8a:0b:cd:3e:61:b6:0a:82:b8:68:e2:ef:18:
28:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F3:E9:EF:F6:70:90:2C:F7:D7:23:78:41:C1:25:14:66:9C:E3:6C
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/lvPp7_ZwkCz31yN4QcElFGac42w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
185.82.73.0/24
193.23.60.0/24
Signature Algorithm: sha256WithRSAEncryption
08:00:c1:e6:b3:0f:06:f7:9b:79:00:36:d0:42:91:9c:3d:10:
f6:a8:58:3f:04:fe:db:6b:3f:6c:c2:01:67:62:69:ec:0a:a4:
8b:af:e7:4f:3b:76:fe:22:f0:95:a7:bf:85:79:2a:71:a1:55:
f4:19:9b:a7:fc:a4:4d:5c:42:4d:7d:28:d8:76:04:0a:06:fa:
b8:a3:b4:54:ee:df:55:34:ba:f1:a6:cf:1c:0e:66:b6:c6:1a:
dd:af:81:34:4e:23:e6:61:50:d3:6e:f8:df:b4:29:9f:ad:7e:
f7:25:96:1d:7d:1c:38:c0:eb:de:92:e0:b0:a4:ae:f2:4d:5f:
ac:fc:bd:9f:1d:57:16:a0:4e:0b:5c:7f:94:21:b4:79:16:ca:
c3:9d:a2:86:43:36:e5:61:38:65:4d:1d:45:70:ce:1d:9a:cb:
3a:ab:29:66:73:2b:80:1f:1f:f6:d1:c1:01:96:29:95:e1:e0:
15:06:bc:da:9b:be:00:f5:10:f7:36:6c:0b:b9:bf:c0:06:18:
b6:1e:93:a6:ee:0c:c5:3c:76:7a:75:11:0d:49:c2:2a:af:7f:
1e:6d:9e:67:2b:cf:da:5e:3b:6f:44:3f:64:2c:67:79:03:a3:
75:e1:88:0c:65:cf:08:98:61:9c:87:f3:f7:fa:70:81:01:40:
50:29:bb:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFytc10XL2LHCjFv/b8Ujm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjQwODIxMDIxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYzZTllZmY2NzA5MDJjZjdkNzIzNzg0MWMxMjUxNDY2OWNlMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+vv3oaEDzfOJUTXJXWmUyZtSTTj
LoOHrEaCMofFe53FK/ien3zTU5dAeswz7rFjjvoXQDq7lhWiq/bFCpTrKsOb5Oli
oj2ZQcXy9SXopDB5jI/RONIrxVm+b3PwpAVoQvqZu8BjfBshR+xjfMKWAeg83jQy
wLjUBs4XqqF2wnBbk1D2XqcO1L/ByxLuaEGUq516OsulzQot9KY/ZNZbmWQRvP9L
GTyA9dmInCe0XVC6kclNnB41mpCohfwejMI+RNkUTUkJRzaLtXPTk00/8A1nzKUz
TZps1CMhubHILVfHHeli5xCDWkmTkizGYcWHSYoLzT5htgqCuGji7xgoOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJbz6e/2cJAs99cjeEHBJRRmnONsMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvbHZQcDdfWndrQ3ozMXlONFFjRWxGR2FjNDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+uoAwQA
uVJJAwQAwRc8MA0GCSqGSIb3DQEBCwUAA4IBAQAIAMHmsw8G95t5ADbQQpGcPRD2
qFg/BP7baz9swgFnYmnsCqSLr+dPO3b+IvCVp7+FeSpxoVX0GZun/KRNXEJNfSjY
dgQKBvq4o7RU7t9VNLrxps8cDma2xhrdr4E0TiPmYVDTbvjftCmfrX73JZYdfRw4
wOvekuCwpK7yTV+s/L2fHVcWoE4LXH+UIbR5FsrDnaKGQzblYThlTR1FcM4dmss6
qylmcyuAHx/20cEBlimV4eAVBrzam74A9RD3NmwLub/ABhi2HpOm7gzFPHZ6dREN
ScIqr38ebZ5nK8/aXjtvRD9kLGd5A6N14YgMZc8ImGGch/P3+nCBAUBQKbuv
-----END CERTIFICATE-----
Generated at Tue Sep 17 20:45:53 2024 by rpki-client on console-fra.rpki-client.org