Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/Lx3ZO9YPxQUpRmI99H2nOBaEgJs.roa
File: Lx3ZO9YPxQUpRmI99H2nOBaEgJs.roa (raw, json)
Hash identifier: oBlxoNsnNa4rYXiwfo8j8oVekIAdYSBb5TWhVGIvO34=
Subject key identifier: 2F:1D:D9:3B:D6:0F:C5:05:29:46:62:3D:F4:7D:A7:38:16:84:80:9B
Certificate issuer: /CN=85db83a8365a604476f282d24d327ad1ef0fde52
Certificate serial: 018570FBB084174803539975B48D18116E34
Authority key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/Lx3ZO9YPxQUpRmI99H2nOBaEgJs.roa
Signing time: Mon 02 Jan 2023 05:37:00 +0000
ROA not before: Mon 02 Jan 2023 05:37:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41153
IP address blocks: 91.215.4.0/22 maxlen: 24
194.140.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b0:84:17:48:03:53:99:75:b4:8d:18:11:6e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db83a8365a604476f282d24d327ad1ef0fde52
Validity
Not Before: Jan 2 05:37:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f1dd93bd60fc5052946623df47da7381684809b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8e:66:23:4b:d9:85:db:14:a0:b3:e4:81:09:
5b:5f:2c:06:af:aa:26:f6:61:90:1e:3c:5f:39:ec:
15:d7:a9:a5:41:93:62:ee:a7:9d:46:61:8b:2d:fe:
62:21:9b:1c:b7:47:63:4c:85:01:7f:c4:4f:c8:1b:
d3:10:c9:02:d9:a6:2f:dd:ac:af:f8:40:37:a4:0a:
3d:6c:2e:3c:0f:55:33:b7:11:12:c2:30:ec:c6:e4:
cb:c6:e7:24:17:e5:82:3f:ba:fc:77:6d:38:d7:3d:
2d:e0:ab:53:34:1a:7a:5d:66:fd:10:1a:d2:1f:6c:
74:98:7e:3b:ca:f3:a7:c8:6d:21:50:36:d3:9e:1e:
6f:e0:ec:02:31:bc:0d:b6:a9:38:29:b3:9d:82:20:
a2:a9:ab:ae:56:7f:90:a0:77:02:88:35:5f:92:72:
91:f9:f0:07:f0:04:60:47:03:9a:35:c8:fb:78:f2:
31:03:92:7d:9e:c5:a1:50:9b:35:9a:35:64:20:23:
43:06:50:7b:11:28:6b:e2:13:1d:dd:7d:84:f8:28:
b8:05:3a:9b:89:b6:73:ab:14:54:99:be:91:9f:c3:
99:62:39:3f:85:68:3b:c3:92:a5:35:be:9f:ca:59:
e9:df:58:1a:41:c1:43:1f:42:98:33:7e:48:35:9d:
d0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1D:D9:3B:D6:0F:C5:05:29:46:62:3D:F4:7D:A7:38:16:84:80:9B
X509v3 Authority Key Identifier:
keyid:85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/Lx3ZO9YPxQUpRmI99H2nOBaEgJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.4.0/22
194.140.246.0/24
Signature Algorithm: sha256WithRSAEncryption
22:6c:13:7d:40:f6:bc:49:5d:97:9a:35:e6:92:46:67:8f:7f:
df:e9:96:1e:16:e9:a7:37:35:f2:d0:e8:e7:d9:fa:ba:34:a4:
1d:12:f3:ab:91:9e:cd:2b:ca:33:72:5f:3b:02:75:ec:44:af:
cf:9c:2b:ef:d0:c1:2a:fe:79:3e:a9:72:c2:7f:61:33:47:b0:
10:08:50:38:d2:67:34:53:d1:76:32:f3:1a:79:9f:36:33:d9:
d6:91:54:d5:b4:a1:ce:0b:b2:65:82:24:53:95:f9:63:49:d7:
e8:2b:68:43:68:47:b4:73:16:33:24:e8:69:93:93:fd:c5:01:
6c:85:e6:a6:9e:7e:67:fa:23:df:5a:69:ad:5e:ab:d4:25:f3:
a3:35:dd:f3:f8:11:00:96:4e:5f:b0:5d:79:8b:1f:63:a5:70:
f7:e0:50:dd:3b:06:01:d7:cd:1d:e1:7d:3b:2d:3d:06:23:14:
94:08:03:48:ab:70:e8:b5:88:5d:b8:7f:4d:f3:99:a2:25:29:
80:ee:89:b0:07:cd:a9:e1:b9:0b:a8:85:30:ab:bb:27:c3:33:
00:18:9d:03:db:45:66:c2:90:f7:81:97:24:4a:a4:26:0f:27:
ee:e4:06:a4:b8:53:78:39:5d:37:31:92:ba:d5:b9:61:72:df:
f7:b3:1e:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw+7CEF0gDU5l1tI0YEW40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGI4M2E4MzY1YTYwNDQ3NmYyODJkMjRkMzI3YWQxZWYw
ZmRlNTIwHhcNMjMwMTAyMDUzNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFkZDkzYmQ2MGZjNTA1Mjk0NjYyM2RmNDdkYTczODE2ODQ4MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio5mI0vZhdsUoLPkgQlbXywGr6om
9mGQHjxfOewV16mlQZNi7qedRmGLLf5iIZsct0djTIUBf8RPyBvTEMkC2aYv3ayv
+EA3pAo9bC48D1UztxESwjDsxuTLxuckF+WCP7r8d2041z0t4KtTNBp6XWb9EBrS
H2x0mH47yvOnyG0hUDbTnh5v4OwCMbwNtqk4KbOdgiCiqauuVn+QoHcCiDVfknKR
+fAH8ARgRwOaNcj7ePIxA5J9nsWhUJs1mjVkICNDBlB7EShr4hMd3X2E+Ci4BTqb
ibZzqxRUmb6Rn8OZYjk/hWg7w5KlNb6fylnp31gaQcFDH0KYM35INZ3Q9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC8d2TvWD8UFKUZiPfR9pzgWhICbMB8GA1UdIwQY
MBaAFIXbg6g2WmBEdvKC0k0yetHvD95SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEt
OGNiZWY5MTNlMzQyLzEvTHgzWk85WVB4UVVwUm1JOTlIMm5PQmFFZ0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEtOGNiZWY5MTNlMzQy
LzEvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9cEAwQA
woz2MA0GCSqGSIb3DQEBCwUAA4IBAQAibBN9QPa8SV2XmjXmkkZnj3/f6ZYeFumn
NzXy0Ojn2fq6NKQdEvOrkZ7NK8ozcl87AnXsRK/PnCvv0MEq/nk+qXLCf2EzR7AQ
CFA40mc0U9F2MvMaeZ82M9nWkVTVtKHOC7JlgiRTlfljSdfoK2hDaEe0cxYzJOhp
k5P9xQFsheamnn5n+iPfWmmtXqvUJfOjNd3z+BEAlk5fsF15ix9jpXD34FDdOwYB
180d4X07LT0GIxSUCANIq3DotYhduH9N85miJSmA7omwB82p4bkLqIUwq7snwzMA
GJ0D20VmwpD3gZckSqQmDyfu5AakuFN4OV03MZK61blhct/3sx7V
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:47 2024 by rpki-client on console-ams.rpki-client.org