Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LgTrEKY5Em4LhjVIcxu2M2XNKAo.roa
File: LgTrEKY5Em4LhjVIcxu2M2XNKAo.roa (raw, json)
Hash identifier: srFMrXfwct3jadR9UudtAxoJj7iw5ivbIr4BF4Qrvt0=
Subject key identifier: 2E:04:EB:10:A6:39:12:6E:0B:86:35:48:73:1B:B6:33:65:CD:28:0A
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF005232CB526002C12A0958E63917
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LgTrEKY5Em4LhjVIcxu2M2XNKAo.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50613
IP address blocks: 37.235.49.0/24 maxlen: 24
151.236.24.0/24 maxlen: 24
2a03:f80:354::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:00:52:32:cb:52:60:02:c1:2a:09:58:e6:39:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e04eb10a639126e0b863548731bb63365cd280a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:af:ea:cf:9a:16:54:22:1c:4a:6c:41:4f:ed:
22:bf:9a:bb:22:f2:e7:54:ec:37:10:f7:83:17:09:
77:22:9b:02:3a:31:fd:2a:f0:a5:6e:72:6a:50:d6:
08:33:24:d4:52:3d:94:63:9a:f3:77:0b:d8:3f:9a:
b1:85:b3:e2:08:6a:18:89:54:06:d9:30:6b:db:4b:
3e:7e:8e:4c:de:74:de:57:fe:78:6b:ff:0d:75:e1:
40:f3:05:c1:50:7c:2a:56:c5:b3:3f:1b:91:d2:df:
59:b0:e2:2e:3c:8f:08:8f:9f:55:d4:4c:b2:b7:95:
f9:2e:e5:85:70:2b:c3:2f:36:e7:8d:2b:aa:b5:e6:
1f:48:20:d5:71:2e:b2:c8:fb:46:ef:9d:d0:3e:29:
0c:b5:df:d4:d9:a1:e6:be:de:e9:fb:0b:ce:14:90:
65:d2:96:8a:0b:65:c9:f7:0a:a6:91:15:8e:d9:8e:
6c:0f:59:ce:d9:82:78:b0:5e:35:0d:96:fe:28:ed:
ce:04:e9:8e:97:98:17:01:27:cf:ec:58:a5:4d:74:
ac:0a:5a:76:4b:49:f5:81:6e:65:2c:e4:db:ca:70:
6b:97:b7:b4:14:43:d1:0e:c3:bc:fd:ab:b8:d8:30:
91:1f:fd:dd:b1:eb:32:0e:fb:92:70:ca:59:63:3f:
0a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:04:EB:10:A6:39:12:6E:0B:86:35:48:73:1B:B6:33:65:CD:28:0A
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LgTrEKY5Em4LhjVIcxu2M2XNKAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.49.0/24
151.236.24.0/24
IPv6:
2a03:f80:354::/48
Signature Algorithm: sha256WithRSAEncryption
67:82:fb:ad:bb:f0:7a:df:2e:bf:39:8b:9f:28:48:6f:fa:0b:
32:cf:41:df:ca:55:44:06:99:32:45:d4:ec:68:a3:23:8c:a7:
c7:2d:a3:f9:d7:84:65:4c:83:95:1f:21:20:d2:a0:13:da:b4:
2e:84:e4:0e:52:b3:e3:34:ba:55:19:93:71:08:83:83:88:99:
da:7b:fd:11:4c:e2:7a:6f:ab:53:b2:fc:de:76:c2:db:e9:c1:
4e:60:ef:c8:7e:81:42:e2:69:62:0c:7f:73:5d:7b:14:ee:9b:
c3:bd:7d:7b:94:78:03:c6:cb:ce:17:3b:0a:47:90:88:21:1e:
28:2e:96:da:4f:90:59:d8:e8:d3:61:9c:fe:90:fa:b2:8b:59:
54:47:d4:b4:76:2f:ff:8b:25:a3:e8:67:59:6f:aa:54:35:97:
a3:d1:8f:8f:2b:9f:23:1a:61:b3:33:48:5d:8e:b0:76:6b:ac:
b2:18:6a:42:18:8e:5a:12:a9:02:11:bc:f7:f9:43:05:13:98:
71:e9:e6:0b:1b:fc:cf:93:c7:2b:ef:2e:9a:66:26:19:46:48:
06:c5:9b:38:7c:00:39:15:f4:50:9a:6e:d5:6b:4d:23:16:2c:
88:76:9b:7e:59:07:ba:ea:da:1a:f2:a0:ea:52:54:50:34:7e:
41:0f:58:9b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsrwBSMstSYALBKglY5jkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA0ZWIxMGE2MzkxMjZlMGI4NjM1NDg3MzFiYjYzMzY1Y2QyODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia/qz5oWVCIcSmxBT+0iv5q7IvLn
VOw3EPeDFwl3IpsCOjH9KvClbnJqUNYIMyTUUj2UY5rzdwvYP5qxhbPiCGoYiVQG
2TBr20s+fo5M3nTeV/54a/8NdeFA8wXBUHwqVsWzPxuR0t9ZsOIuPI8Ij59V1Eyy
t5X5LuWFcCvDLzbnjSuqteYfSCDVcS6yyPtG753QPikMtd/U2aHmvt7p+wvOFJBl
0paKC2XJ9wqmkRWO2Y5sD1nO2YJ4sF41DZb+KO3OBOmOl5gXASfP7FilTXSsClp2
S0n1gW5lLOTbynBrl7e0FEPRDsO8/au42DCRH/3dsesyDvuScMpZYz8KjQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC4E6xCmORJuC4Y1SHMbtjNlzSgKMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvTGdUckVLWTVFbTRMaGpWSWN4dTJNMlhOS0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAJesxAwQA
l+wYMA8EAgACMAkDBwAqAw+AA1QwDQYJKoZIhvcNAQELBQADggEBAGeC+6278Hrf
Lr85i58oSG/6CzLPQd/KVUQGmTJF1OxooyOMp8cto/nXhGVMg5UfISDSoBPatC6E
5A5Ss+M0ulUZk3EIg4OImdp7/RFM4npvq1Oy/N52wtvpwU5g78h+gULiaWIMf3Nd
exTum8O9fXuUeAPGy84XOwpHkIghHigultpPkFnY6NNhnP6Q+rKLWVRH1LR2L/+L
JaPoZ1lvqlQ1l6PRj48rnyMaYbMzSF2OsHZrrLIYakIYjloSqQIRvPf5QwUTmHHp
5gsb/M+TxyvvLppmJhlGSAbFmzh8ADkV9FCabtVrTSMWLIh2m35ZB7rq2hryoOpS
VFA0fkEPWJs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org