Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/LzoRRlwnqsY713eAcbdG523X9Jg.roa
File: LzoRRlwnqsY713eAcbdG523X9Jg.roa (raw, json)
Hash identifier: flepKUtSx9dO1GQ4FpwlnTroecvDo4pLjJxfIZUWI1Q=
Subject key identifier: 2F:3A:11:46:5C:27:AA:C6:3B:D7:77:80:71:B7:46:E7:6D:D7:F4:98
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C89290DF3D726E5E0A891FA688BAA7735
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/LzoRRlwnqsY713eAcbdG523X9Jg.roa
Signing time: Wed 20 Dec 2023 21:36:58 +0000
ROA not before: Wed 20 Dec 2023 21:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 89.251.17.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:29:0d:f3:d7:26:e5:e0:a8:91:fa:68:8b:aa:77:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 20 21:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f3a11465c27aac63bd7778071b746e76dd7f498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:18:e6:ef:e8:9c:ae:66:6f:87:78:b5:d8:
b3:f8:3d:3c:c2:ec:c0:2d:45:5c:8e:48:73:df:69:
47:ef:8f:7f:cf:0f:54:98:f4:bb:9f:33:f5:f5:ca:
0b:89:aa:13:aa:59:0e:34:a1:dc:b5:58:be:30:d6:
df:40:25:29:4f:f9:e7:e8:73:ee:ad:18:d6:d3:f1:
0f:ae:7c:3f:de:0b:ac:66:47:b2:bd:d6:16:78:aa:
4a:99:fb:e6:3c:de:2a:de:7c:6f:f9:72:e3:e4:31:
1c:71:04:28:37:79:dd:57:82:35:85:1c:53:76:a4:
b9:73:b2:5c:25:5c:d8:b2:ff:e6:27:4d:68:52:32:
03:93:ac:08:36:2d:b0:38:4d:28:74:ab:b2:29:48:
56:8d:4d:63:ef:50:7c:50:71:36:4e:9b:6a:78:cb:
ca:a3:7d:0b:02:16:e6:5e:13:99:68:53:5b:a0:35:
4a:8b:bf:25:c6:38:ea:f1:62:fe:1c:4b:df:23:88:
dd:31:b4:f4:ee:20:f0:a9:64:e0:f2:5c:0c:f5:bc:
b7:63:d7:0c:3a:7a:9f:3b:cd:4e:86:75:bb:63:19:
75:f5:f5:28:e8:12:90:c1:69:85:58:6a:3a:45:b6:
69:b3:d9:6f:65:bb:95:93:d6:b2:d5:33:67:16:c2:
5a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3A:11:46:5C:27:AA:C6:3B:D7:77:80:71:B7:46:E7:6D:D7:F4:98
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/LzoRRlwnqsY713eAcbdG523X9Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.17.0/24
193.93.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ea:92:e7:cd:80:be:27:da:09:77:7e:45:50:e2:46:70:70:
d1:d9:bd:30:88:23:42:2a:38:eb:3c:53:d4:e7:f0:37:2d:14:
69:38:1a:79:a4:41:15:43:ae:fa:7e:67:45:05:f6:4f:4f:f5:
3c:06:16:33:99:6a:8f:9f:a6:17:22:3b:d5:a2:13:ea:eb:d7:
2d:12:ee:90:8d:48:1a:50:ad:ed:76:55:8c:4c:2f:0d:fe:75:
ab:c5:7c:dc:ec:ac:39:67:79:ed:eb:9b:10:cc:6f:00:e4:df:
7c:50:8a:de:d7:c1:28:3b:af:b7:96:9e:78:48:0b:bf:a5:5f:
97:0f:7c:0b:ab:a7:63:4d:ec:5a:b7:eb:4e:e1:0f:a2:af:c7:
e3:97:c4:1c:ae:7a:7d:80:83:8a:c7:bb:b2:4d:64:8d:a4:7d:
c2:32:aa:65:b5:08:0f:17:94:cf:01:42:f3:dc:08:c7:58:44:
d3:78:bf:a4:8b:56:7c:ff:d7:10:fb:cb:4a:0e:41:32:01:79:
f5:0b:af:41:5e:2a:a1:5a:b7:6c:81:50:f1:69:7e:00:c2:b7:
f2:90:da:cd:39:73:8e:fa:64:9b:00:79:72:a7:3b:66:f8:cb:
88:a5:b3:64:2f:40:40:9f:e7:0c:43:c3:ff:87:f7:3c:a5:92:
be:3e:9c:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyJKQ3z1ybl4KiR+miLqnc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjIwMjEzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNhMTE0NjVjMjdhYWM2M2JkNzc3ODA3MWI3NDZlNzZkZDdmNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3YY5u/onK5mb4d4tdiz+D08wuzA
LUVcjkhz32lH749/zw9UmPS7nzP19coLiaoTqlkONKHctVi+MNbfQCUpT/nn6HPu
rRjW0/EPrnw/3gusZkeyvdYWeKpKmfvmPN4q3nxv+XLj5DEccQQoN3ndV4I1hRxT
dqS5c7JcJVzYsv/mJ01oUjIDk6wINi2wOE0odKuyKUhWjU1j71B8UHE2TptqeMvK
o30LAhbmXhOZaFNboDVKi78lxjjq8WL+HEvfI4jdMbT07iDwqWTg8lwM9by3Y9cM
OnqfO81OhnW7Yxl19fUo6BKQwWmFWGo6RbZps9lvZbuVk9ay1TNnFsJapwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC86EUZcJ6rGO9d3gHG3Rudt1/SYMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTHpvUlJsd25xc1k3MTNlQWNiZEc1MjNYOUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsRAwQA
wV01MA0GCSqGSIb3DQEBCwUAA4IBAQAc6pLnzYC+J9oJd35FUOJGcHDR2b0wiCNC
KjjrPFPU5/A3LRRpOBp5pEEVQ676fmdFBfZPT/U8BhYzmWqPn6YXIjvVohPq69ct
Eu6QjUgaUK3tdlWMTC8N/nWrxXzc7Kw5Z3nt65sQzG8A5N98UIre18EoO6+3lp54
SAu/pV+XD3wLq6djTexat+tO4Q+ir8fjl8Qcrnp9gIOKx7uyTWSNpH3CMqpltQgP
F5TPAULz3AjHWETTeL+ki1Z8/9cQ+8tKDkEyAXn1C69BXiqhWrdsgVDxaX4Awrfy
kNrNOXOO+mSbAHlypztm+MuIpbNkL0BAn+cMQ8P/h/c8pZK+Ppzr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org