Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Lq_wvo2KmBjMhya2o7d0Rwv3qM0.roa
File: Lq_wvo2KmBjMhya2o7d0Rwv3qM0.roa (raw, json)
Hash identifier: Rr9/amTRXmf1LgtFKDDlkUWDoFJFvOwoyFdMTwtphyw=
Subject key identifier: 2E:AF:F0:BE:8D:8A:98:18:CC:87:26:B6:A3:B7:74:47:0B:F7:A8:CD
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018C3476F9A240DB240F00999388373F50AF
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Lq_wvo2KmBjMhya2o7d0Rwv3qM0.roa
Signing time: Mon 04 Dec 2023 10:54:21 +0000
ROA not before: Mon 04 Dec 2023 10:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205467
IP address blocks: 85.12.0.0/22 maxlen: 24
193.138.223.0/24 maxlen: 24
2a01:788:213::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:76:f9:a2:40:db:24:0f:00:99:93:88:37:3f:50:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Dec 4 10:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eaff0be8d8a9818cc8726b6a3b774470bf7a8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:90:eb:c8:5a:a9:12:73:9d:18:59:70:18:
e9:9c:06:63:11:fe:a0:3c:19:0a:fc:6e:e8:7b:cd:
b8:30:25:8c:f2:20:1b:e4:28:80:4a:e9:0c:bc:08:
a7:86:1e:13:ad:b4:30:c3:f5:8a:10:0b:7e:0a:3e:
e3:7c:53:a6:ce:35:eb:8e:a3:06:da:ac:ae:f9:ae:
6b:fc:22:56:3c:35:ab:12:fa:a4:49:3c:8c:54:7d:
8a:72:e2:4d:85:91:15:50:04:eb:40:42:f1:c8:c9:
27:dc:77:d7:95:25:f2:df:b6:c4:23:42:97:69:21:
f2:34:87:b3:82:94:55:db:6a:d1:02:d3:49:d8:46:
c8:ed:e5:12:7f:10:d9:16:0b:ad:6b:fb:07:c4:fc:
3a:c5:48:7b:a0:88:19:bf:25:4d:22:db:ba:c5:b1:
6f:e0:c5:54:08:cd:4a:12:67:57:6d:32:b0:2f:09:
2f:68:37:c6:c7:32:51:07:01:84:3f:c0:34:20:42:
b2:c4:4d:f0:4d:0c:50:0b:87:06:a0:9a:b4:9d:c4:
4f:bd:df:82:75:a4:15:f8:73:91:f7:41:1f:67:81:
42:f7:6f:36:3c:e3:71:14:2d:7a:44:d4:ba:02:bf:
d5:a1:f2:6e:aa:95:25:2c:55:e5:0d:e4:37:14:1e:
84:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AF:F0:BE:8D:8A:98:18:CC:87:26:B6:A3:B7:74:47:0B:F7:A8:CD
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Lq_wvo2KmBjMhya2o7d0Rwv3qM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.0.0/22
193.138.223.0/24
IPv6:
2a01:788:213::/48
Signature Algorithm: sha256WithRSAEncryption
0e:07:3d:07:c5:74:07:1f:03:cd:86:69:5c:e0:4c:fa:1c:85:
d2:d9:c5:e5:c4:26:19:45:2b:36:f6:05:fd:a9:44:cd:73:fc:
07:d3:76:1c:85:89:01:7e:e5:b1:1f:74:05:62:8a:9a:17:ca:
22:3d:c7:8e:49:c6:79:cc:15:f3:be:48:1a:ec:ae:52:a2:be:
96:b1:9f:58:3f:53:54:22:46:1f:0e:7f:84:7c:51:33:ea:bc:
81:57:c4:2e:55:18:24:8c:a7:a3:40:02:df:a2:f4:c7:8c:c0:
80:4a:37:86:ff:a6:d9:13:98:76:5b:55:0f:9f:b6:b7:79:fc:
07:99:3d:f1:30:19:39:36:1c:41:d9:61:d4:60:32:9a:ee:38:
98:ea:9f:d0:cf:82:38:f0:00:73:fa:15:d3:f9:5e:cc:c8:cd:
1c:cf:66:2f:55:5a:ce:b9:4e:61:fb:2c:1b:65:12:13:08:50:
60:4f:21:97:91:86:e5:d6:6f:10:0d:6e:c6:b4:f9:61:db:31:
31:0c:2b:ad:06:58:48:ca:fb:c8:8b:e2:49:c2:ef:b4:94:32:
19:82:e4:4c:df:82:a8:d4:51:97:84:47:b6:0f:57:a2:fa:b8:
4e:c6:94:b7:5f:46:0c:34:60:49:b4:ec:32:8f:e2:67:3a:16:
23:ee:c1:48
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYw0dvmiQNskDwCZk4g3P1CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjMxMjA0MTA1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWFmZjBiZThkOGE5ODE4Y2M4NzI2YjZhM2I3NzQ0NzBiZjdhOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT6Q68haqRJznRhZcBjpnAZjEf6g
PBkK/G7oe824MCWM8iAb5CiASukMvAinhh4TrbQww/WKEAt+Cj7jfFOmzjXrjqMG
2qyu+a5r/CJWPDWrEvqkSTyMVH2KcuJNhZEVUATrQELxyMkn3HfXlSXy37bEI0KX
aSHyNIezgpRV22rRAtNJ2EbI7eUSfxDZFguta/sHxPw6xUh7oIgZvyVNItu6xbFv
4MVUCM1KEmdXbTKwLwkvaDfGxzJRBwGEP8A0IEKyxE3wTQxQC4cGoJq0ncRPvd+C
daQV+HOR90EfZ4FC9282PONxFC16RNS6Ar/VofJuqpUlLFXlDeQ3FB6EiQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC6v8L6NipgYzIcmtqO3dEcL96jNMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvTHFfd3ZvMkttQmpNaHlhMm83ZDBSd3YzcU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVQwAAwQA
wYrfMA8EAgACMAkDBwAqAQeIAhMwDQYJKoZIhvcNAQELBQADggEBAA4HPQfFdAcf
A82GaVzgTPochdLZxeXEJhlFKzb2Bf2pRM1z/AfTdhyFiQF+5bEfdAViipoXyiI9
x45JxnnMFfO+SBrsrlKivpaxn1g/U1QiRh8Of4R8UTPqvIFXxC5VGCSMp6NAAt+i
9MeMwIBKN4b/ptkTmHZbVQ+ftrd5/AeZPfEwGTk2HEHZYdRgMpruOJjqn9DPgjjw
AHP6FdP5XszIzRzPZi9VWs65TmH7LBtlEhMIUGBPIZeRhuXWbxANbsa0+WHbMTEM
K60GWEjK+8iL4knC77SUMhmC5EzfgqjUUZeER7YPV6L6uE7GlLdfRgw0YEm07DKP
4mc6FiPuwUg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:07 2024 by rpki-client on console-ams.rpki-client.org