Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/lymCyPtLuhMomOo2qWeTnK9La3E.roa
File: lymCyPtLuhMomOo2qWeTnK9La3E.roa (raw, json)
Hash identifier: 9i+gmR07cZdsWMABdsRXfNb3bLeDRXEfJcpNC81/KgY=
Subject key identifier: 97:29:82:C8:FB:4B:BA:13:28:98:EA:36:A9:67:93:9C:AF:4B:6B:71
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 018CC2DAB970A3F540303EFFE5D0011AB850
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/lymCyPtLuhMomOo2qWeTnK9La3E.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13214
IP address blocks: 185.109.84.0/23 maxlen: 23
185.109.86.0/24 maxlen: 24
31.22.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 04 Apr 2024 07:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b9:70:a3:f5:40:30:3e:ff:e5:d0:01:1a:b8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=972982c8fb4bba132898ea36a967939caf4b6b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:80:b8:06:df:dc:08:97:60:e2:b4:e3:80:
78:32:22:f5:e5:d8:00:9c:14:56:94:4e:54:dd:b5:
10:2b:13:9c:79:96:ca:45:1a:3b:b7:ce:83:6e:8f:
91:12:62:1a:18:e6:d0:a8:41:1c:a9:81:82:c0:05:
e1:c6:1c:44:7c:96:23:ac:87:17:3a:4c:91:8c:ba:
46:a3:f0:c9:1b:e8:ff:f6:2e:b4:7b:fd:7e:2a:6b:
ec:13:f4:6e:53:f9:4e:72:28:35:b8:6f:a8:72:38:
36:85:da:26:e4:14:bf:96:05:cf:27:e6:a4:f5:c3:
0b:0e:b4:d4:ae:1a:23:75:5f:a6:38:83:71:cb:e3:
60:99:f3:28:4a:d1:4c:d6:6f:65:2f:ea:de:d3:89:
fb:fb:bf:a8:b2:7b:25:b6:4d:29:c5:a0:23:96:f9:
8c:38:57:1d:73:ad:81:62:f7:8d:bb:94:79:85:87:
91:c3:ee:32:38:9c:68:ef:a8:88:1b:52:f6:a2:a1:
aa:d4:0b:2d:5b:01:3a:b5:81:b7:91:30:fb:57:5b:
08:26:1d:8e:d4:ce:a6:ec:1f:b9:49:22:8e:f7:0e:
4d:4c:75:39:a2:7c:9b:b5:73:68:8e:59:41:23:34:
47:10:b0:80:ea:90:27:30:9c:eb:5f:09:50:20:a9:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:29:82:C8:FB:4B:BA:13:28:98:EA:36:A9:67:93:9C:AF:4B:6B:71
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/lymCyPtLuhMomOo2qWeTnK9La3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.88.0/21
185.109.84.0-185.109.86.255
Signature Algorithm: sha256WithRSAEncryption
54:cd:d2:1c:24:a8:fa:c4:ca:01:b4:d1:3b:0a:56:2c:e6:02:
2b:2d:85:a8:60:ef:d7:43:48:ac:8f:dd:fc:2a:29:13:66:5f:
31:48:82:70:76:13:c3:40:c1:4d:c4:22:da:e7:ef:a8:0c:1a:
da:04:d4:45:f8:54:db:6e:dd:ce:a0:fd:a7:ea:2a:20:42:c4:
dc:e0:de:a4:23:82:74:31:8e:22:90:f9:87:7c:b1:7b:5e:95:
3b:04:db:db:87:a7:fe:7c:e4:5e:12:e6:17:ed:4a:1a:3a:fe:
0a:fe:1e:d9:11:7d:5e:9b:8a:5e:85:fb:a6:62:5e:84:9a:87:
ee:83:7d:68:3c:3b:39:57:95:24:c3:1a:65:01:62:79:f8:12:
14:28:37:71:ca:4c:5a:fb:bd:72:e5:d2:2d:96:88:cf:81:43:
cf:05:b1:e3:5f:d4:26:5a:9c:05:58:ef:cd:0e:3a:7d:c0:d7:
c5:96:02:65:f0:84:e9:cb:a7:7a:43:60:f8:f1:d4:92:c0:98:
13:cf:6d:57:09:17:bd:75:76:89:2d:ef:2e:c3:c8:e6:df:bd:
61:49:42:3e:5f:cb:35:f5:d1:51:dd:5f:d7:5a:4b:5e:8d:8c:
12:d6:32:94:cd:12:24:ee:43:80:06:6b:c9:37:df:c8:d6:29:
1a:a6:3b:d3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzC2rlwo/VAMD7/5dABGrhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI5ODJjOGZiNGJiYTEzMjg5OGVhMzZhOTY3OTM5Y2FmNGI2YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj6AuAbf3AiXYOK044B4MiL15dgA
nBRWlE5U3bUQKxOceZbKRRo7t86Dbo+REmIaGObQqEEcqYGCwAXhxhxEfJYjrIcX
OkyRjLpGo/DJG+j/9i60e/1+KmvsE/RuU/lOcig1uG+ocjg2hdom5BS/lgXPJ+ak
9cMLDrTUrhojdV+mOINxy+NgmfMoStFM1m9lL+re04n7+7+osnsltk0pxaAjlvmM
OFcdc62BYveNu5R5hYeRw+4yOJxo76iIG1L2oqGq1AstWwE6tYG3kTD7V1sIJh2O
1M6m7B+5SSKO9w5NTHU5onybtXNojllBIzRHELCA6pAnMJzrXwlQIKk44QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJcpgsj7S7oTKJjqNqlnk5yvS2txMB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvbHltQ3lQdEx1aE1vbU9vMnFXZVRuSzlMYTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDHxZYMAwD
BAK5bVQDBAC5bVYwDQYJKoZIhvcNAQELBQADggEBAFTN0hwkqPrEygG00TsKVizm
Aisthahg79dDSKyP3fwqKRNmXzFIgnB2E8NAwU3EItrn76gMGtoE1EX4VNtu3c6g
/afqKiBCxNzg3qQjgnQxjiKQ+Yd8sXtelTsE29uHp/585F4S5hftSho6/gr+HtkR
fV6bil6F+6ZiXoSah+6DfWg8OzlXlSTDGmUBYnn4EhQoN3HKTFr7vXLl0i2WiM+B
Q88FseNf1CZanAVY780OOn3A18WWAmXwhOnLp3pDYPjx1JLAmBPPbVcJF711dokt
7y7DyObfvWFJQj5fyzX10VHdX9daS16NjBLWMpTNEiTuQ4AGa8k338jWKRqmO9M=
-----END CERTIFICATE-----
Generated at Thu Apr 4 12:05:29 2024 by rpki-client on console-fra.rpki-client.org