Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/Lak6kRN7M1sJnQsfQUmy3iugpDE.roa
File: Lak6kRN7M1sJnQsfQUmy3iugpDE.roa (raw, json)
Hash identifier: GuhopeN2i8EqHbiK42lmZBUOY+NiFjRCVKn6K0QNVNE=
Subject key identifier: 2D:A9:3A:91:13:7B:33:5B:09:9D:0B:1F:41:49:B2:DE:2B:A0:A4:31
Certificate issuer: /CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Certificate serial: 01856D81B46707E3E95FA863C0A1E5785E8A
Authority key identifier: E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/Lak6kRN7M1sJnQsfQUmy3iugpDE.roa
Signing time: Sun 01 Jan 2023 13:24:54 +0000
ROA not before: Sun 01 Jan 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.30.161.0/24 maxlen: 24
193.17.68.0/24 maxlen: 24
193.200.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b4:67:07:e3:e9:5f:a8:63:c0:a1:e5:78:5e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Validity
Not Before: Jan 1 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2da93a91137b335b099d0b1f4149b2de2ba0a431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:84:80:c5:9c:e2:d0:c3:70:71:e9:d5:f7:
75:49:66:e4:2e:77:43:73:78:81:ee:6f:1d:dc:58:
4a:1b:2e:ae:9a:7e:ea:dc:30:e7:98:c9:f7:b3:4e:
b6:3e:d0:a5:9c:ae:f8:b8:30:83:f4:3e:81:db:e2:
bd:5a:8b:c5:14:a0:84:97:9c:15:be:1c:1b:6b:d4:
33:3e:7d:30:a4:20:9e:e6:56:fd:a8:ae:52:3b:95:
1f:57:e9:7e:72:9a:e6:b5:f4:21:b3:c8:82:94:b4:
15:2f:1c:86:87:81:a0:c0:3a:5d:b5:81:06:75:08:
4a:8d:01:d9:cc:fa:9f:4d:57:d2:a1:73:a0:7f:fb:
99:ba:61:64:f8:e6:e9:62:9d:b6:39:96:4e:89:39:
d2:36:fb:17:62:06:41:9a:da:00:27:0e:0f:d3:83:
9e:19:a5:5b:f3:4e:98:8d:5b:f6:13:86:36:3a:f0:
5d:57:65:03:ba:29:79:d7:ba:d8:58:9a:05:9b:fe:
10:27:d2:fc:38:fa:57:c1:44:7f:a4:24:94:1c:29:
19:c7:d2:46:12:aa:29:4f:b1:2e:8c:a4:38:51:3e:
cd:e1:a6:19:a5:1b:13:56:41:dc:d3:96:b9:c5:bf:
15:48:75:85:c9:7a:2c:5f:f7:cd:a1:25:ab:33:7f:
c7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A9:3A:91:13:7B:33:5B:09:9D:0B:1F:41:49:B2:DE:2B:A0:A4:31
X509v3 Authority Key Identifier:
keyid:E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/Lak6kRN7M1sJnQsfQUmy3iugpDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/5KcU_8WYsVZHu6_ixkYKh-r7z5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.68.0/24
193.30.161.0/24
193.200.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:35:00:f1:41:38:a6:18:40:fc:df:fb:82:c7:fc:bd:00:b4:
46:e4:eb:c7:40:4a:9f:04:fb:b1:d5:45:fd:c6:bb:1e:15:03:
40:a0:52:f4:e5:a2:85:13:5b:02:8a:63:94:7b:ed:91:44:b0:
f2:b2:f2:64:da:95:05:37:4e:75:a9:7a:3a:b1:ff:70:4e:5e:
a8:7f:ec:6e:75:87:2c:c3:60:4e:d0:ff:dc:7f:71:5c:bc:b7:
cc:20:03:f4:03:16:67:fd:90:67:1d:e8:07:96:7e:3e:b0:c9:
74:bf:4e:90:ff:60:35:c1:a8:0e:d7:07:9b:ed:f9:09:89:36:
e5:cb:29:fc:8d:a2:68:93:0f:bd:c8:4a:74:b8:ee:10:0a:be:
a7:87:0c:86:0d:16:ff:0f:d5:ad:67:1c:51:be:50:14:50:ec:
11:ae:c7:3c:10:95:26:fa:0e:18:6b:5c:5b:e7:3f:2e:fb:6f:
64:57:4a:a9:b9:12:57:92:7f:63:41:2a:f6:ed:c4:11:df:c7:
62:90:77:e3:bc:3a:0c:62:80:c7:ad:59:27:7c:0f:6a:90:4e:
81:ee:b5:8f:da:7a:79:df:fa:0e:bb:18:d5:42:51:7a:7f:75:
c5:9c:90:90:97:86:1d:b9:c1:2b:78:4d:00:ae:e5:fa:58:28:
f0:50:41:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgbRnB+PpX6hjwKHleF6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTcxNGZmYzU5OGIxNTY0N2JiYWZlMmM2NDYwYTg3ZWFm
YmNmOTcwHhcNMjMwMTAxMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGE5M2E5MTEzN2IzMzViMDk5ZDBiMWY0MTQ5YjJkZTJiYTBhNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTWEgMWc4tDDcHHp1fd1SWbkLndD
c3iB7m8d3FhKGy6umn7q3DDnmMn3s062PtClnK74uDCD9D6B2+K9WovFFKCEl5wV
vhwba9QzPn0wpCCe5lb9qK5SO5UfV+l+cprmtfQhs8iClLQVLxyGh4GgwDpdtYEG
dQhKjQHZzPqfTVfSoXOgf/uZumFk+ObpYp22OZZOiTnSNvsXYgZBmtoAJw4P04Oe
GaVb806YjVv2E4Y2OvBdV2UDuil517rYWJoFm/4QJ9L8OPpXwUR/pCSUHCkZx9JG
EqopT7EujKQ4UT7N4aYZpRsTVkHc05a5xb8VSHWFyXosX/fNoSWrM3/H0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC2pOpETezNbCZ0LH0FJst4roKQxMB8GA1UdIwQY
MBaAFOSnFP/FmLFWR7uv4sZGCofq+8+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTkt
N2NiMzQ1ZTg1NDFhLzEvTGFrNmtSTjdNMXNKblFzZlFVbXkzaXVncERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTktN2NiMzQ1ZTg1NDFh
LzEvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRFEAwQA
wR6hAwQAwcgeMA0GCSqGSIb3DQEBCwUAA4IBAQAeNQDxQTimGED83/uCx/y9ALRG
5OvHQEqfBPux1UX9xrseFQNAoFL05aKFE1sCimOUe+2RRLDysvJk2pUFN051qXo6
sf9wTl6of+xudYcsw2BO0P/cf3FcvLfMIAP0AxZn/ZBnHegHln4+sMl0v06Q/2A1
wagO1web7fkJiTblyyn8jaJokw+9yEp0uO4QCr6nhwyGDRb/D9WtZxxRvlAUUOwR
rsc8EJUm+g4Ya1xb5z8u+29kV0qpuRJXkn9jQSr27cQR38dikHfjvDoMYoDHrVkn
fA9qkE6B7rWP2np53/oOuxjVQlF6f3XFnJCQl4YducEreE0AruX6WCjwUEHn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org