Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/lQtA72AM2RJjPHCReJDyiTNysUk.roa
File: lQtA72AM2RJjPHCReJDyiTNysUk.roa (raw, json)
Hash identifier: HdhlOYQjpXPzIhL8ZcPVxVBQNujEUQK6b4IeeaX/MUc=
Subject key identifier: 95:0B:40:EF:60:0C:D9:12:63:3C:70:91:78:90:F2:89:33:72:B1:49
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01925138A3A2094397541345B10F4E48558A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/lQtA72AM2RJjPHCReJDyiTNysUk.roa
Signing time: Thu 03 Oct 2024 07:11:59 +0000
ROA not before: Thu 03 Oct 2024 07:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214209
IP address blocks: 213.176.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 09:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:38:a3:a2:09:43:97:54:13:45:b1:0f:4e:48:55:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 3 07:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950b40ef600cd912633c70917890f2893372b149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:75:4e:72:83:2a:16:0d:fb:45:d5:7f:e0:
9f:ce:31:11:3e:08:cc:92:e2:ff:f3:d5:aa:ed:5c:
d4:dc:2b:cd:a9:e8:0c:fa:ce:f3:13:d9:f5:7b:f5:
52:ef:83:fd:e7:9c:e7:72:03:53:a6:af:a9:c4:25:
b9:6e:85:ec:62:55:e4:c0:2c:7e:4e:27:29:e4:c6:
c5:50:a1:b8:02:a4:84:f1:98:87:eb:3a:7a:f4:ba:
67:2f:1d:c3:0a:16:52:f0:a4:b3:25:9f:73:c6:84:
af:6e:b1:06:c1:d4:3a:0d:0a:04:45:67:7c:8a:32:
60:5e:00:5a:e0:68:33:85:dc:cc:0b:07:f2:82:a3:
39:1f:fd:c3:13:12:93:2c:95:51:bc:c2:7f:80:b4:
d8:64:2d:b6:63:1a:0e:08:b7:6d:76:76:80:9f:89:
c6:81:41:74:47:d4:a2:6c:3c:e3:8c:cd:22:ca:1f:
42:aa:85:df:0b:2c:51:da:2c:49:c4:bb:cc:f3:e0:
30:c4:74:cc:92:14:8f:48:af:ed:63:4b:8e:e1:9b:
4d:8d:5c:c0:1f:a6:4e:e6:4e:db:99:68:96:9e:04:
71:a5:a7:e6:a5:c5:a9:ea:67:c6:91:78:aa:65:2e:
89:7c:dd:3e:e7:82:b2:6f:a2:2c:6b:e7:d6:d8:17:
81:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0B:40:EF:60:0C:D9:12:63:3C:70:91:78:90:F2:89:33:72:B1:49
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/lQtA72AM2RJjPHCReJDyiTNysUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.66.0/24
Signature Algorithm: sha256WithRSAEncryption
62:37:c7:0c:72:8d:db:21:35:9b:1f:5b:47:a3:7f:bb:e0:fa:
06:04:14:5e:f5:76:c5:1a:97:f1:16:4b:a9:e2:cc:75:74:ec:
77:e1:38:a6:d1:ba:46:33:a8:c9:91:14:3a:e7:b1:fa:21:eb:
ff:fb:22:b7:5a:ba:12:d5:0a:34:ed:26:14:7c:ac:7e:08:67:
d7:10:18:09:c3:15:10:bd:23:08:59:22:7b:23:98:f0:ca:51:
3d:85:d1:ba:2c:f6:c6:ef:2e:ec:7c:03:88:34:cc:c6:2e:21:
db:be:60:9a:07:42:56:51:41:b7:b7:48:3a:28:f8:5d:3e:d0:
dd:78:12:48:7d:48:f9:03:30:1d:b4:2f:53:67:19:a1:f8:ee:
47:6b:99:32:ba:a3:ab:22:57:ca:b5:a5:1c:31:93:77:9d:9b:
ea:43:29:8d:86:9c:9b:24:3f:73:93:8c:1d:46:dc:c0:5c:f6:
ec:8b:1b:eb:b1:ee:26:e6:f9:26:44:1f:e9:bc:85:fb:09:8e:
e4:45:ad:30:91:31:1a:01:c9:10:8f:94:16:4c:10:34:a1:46:
59:69:b1:10:63:ff:41:1c:83:aa:bd:6a:03:f4:80:1c:b8:b9:
bd:70:c6:32:d7:34:1e:ec:6d:64:fa:d6:e5:8d:6c:04:8f:ca:
aa:de:ea:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJROKOiCUOXVBNFsQ9OSFWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMDAzMDcxMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBiNDBlZjYwMGNkOTEyNjMzYzcwOTE3ODkwZjI4OTMzNzJiMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphF1TnKDKhYN+0XVf+CfzjERPgjM
kuL/89Wq7VzU3CvNqegM+s7zE9n1e/VS74P955zncgNTpq+pxCW5boXsYlXkwCx+
Ticp5MbFUKG4AqSE8ZiH6zp69LpnLx3DChZS8KSzJZ9zxoSvbrEGwdQ6DQoERWd8
ijJgXgBa4GgzhdzMCwfygqM5H/3DExKTLJVRvMJ/gLTYZC22YxoOCLdtdnaAn4nG
gUF0R9SibDzjjM0iyh9CqoXfCyxR2ixJxLvM8+AwxHTMkhSPSK/tY0uO4ZtNjVzA
H6ZO5k7bmWiWngRxpafmpcWp6mfGkXiqZS6JfN0+54Kyb6Isa+fW2BeBOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJULQO9gDNkSYzxwkXiQ8okzcrFJMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvbFF0QTcyQU0yUkpqUEhDUmVKRHlpVE55c1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bBCMA0G
CSqGSIb3DQEBCwUAA4IBAQBiN8cMco3bITWbH1tHo3+74PoGBBRe9XbFGpfxFkup
4sx1dOx34Tim0bpGM6jJkRQ657H6Iev/+yK3WroS1Qo07SYUfKx+CGfXEBgJwxUQ
vSMIWSJ7I5jwylE9hdG6LPbG7y7sfAOINMzGLiHbvmCaB0JWUUG3t0g6KPhdPtDd
eBJIfUj5AzAdtC9TZxmh+O5Ha5kyuqOrIlfKtaUcMZN3nZvqQymNhpybJD9zk4wd
RtzAXPbsixvrse4m5vkmRB/pvIX7CY7kRa0wkTEaAckQj5QWTBA0oUZZabEQY/9B
HIOqvWoD9IAcuLm9cMYy1zQe7G1k+tbljWwEj8qq3uqz
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:59 2024 by rpki-client on console-ams.rpki-client.org