Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/lAfCUmRMa2SmV9XX_28KFXUSOaY.roa
File: lAfCUmRMa2SmV9XX_28KFXUSOaY.roa (raw, json)
Hash identifier: JTvcxn9O7GvyRJSMHIAMjfWqecJl5PSXSRLj11FXf5w=
Subject key identifier: 94:07:C2:52:64:4C:6B:64:A6:57:D5:D7:FF:6F:0A:15:75:12:39:A6
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 01856C53DDB3ABBEB8E63BA8471A524C1E99
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/lAfCUmRMa2SmV9XX_28KFXUSOaY.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395886
IP address blocks: 193.227.121.0/24 maxlen: 24
45.153.8.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:dd:b3:ab:be:b8:e6:3b:a8:47:1a:52:4c:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9407c252644c6b64a657d5d7ff6f0a15751239a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:31:f3:56:7c:82:ce:0e:13:59:ae:92:b4:32:
26:c2:65:9c:52:fc:5f:6b:bd:46:71:d8:30:dd:3d:
6e:01:5d:59:f5:64:61:4d:26:39:a5:74:25:8b:fe:
b4:5c:32:fe:28:6d:32:5d:63:24:3a:f5:b7:df:89:
71:69:c7:d2:ea:cc:10:7b:33:a7:80:c2:86:87:31:
b1:63:b1:31:e8:65:6d:d1:8c:2f:bc:e4:7d:16:01:
64:f6:eb:31:18:9a:71:2e:7c:12:d3:0f:9a:a1:17:
2a:ff:24:45:c0:08:fc:24:ce:e2:89:85:67:6b:55:
fc:52:9d:b1:e9:3e:62:69:ee:44:10:f4:11:36:f5:
8a:c7:3c:e0:db:10:77:65:d4:0c:3c:34:3f:ca:ec:
a2:58:42:d3:bb:54:33:65:ec:9c:6e:f4:3f:41:0e:
66:b1:cf:b1:5c:9f:8f:0c:31:cc:8e:b8:b7:57:78:
94:ab:92:f8:3d:e8:02:ad:b7:71:66:a2:d8:0f:aa:
55:fa:e0:07:3b:88:43:3f:f7:ef:e5:a3:3b:67:82:
f0:14:b3:ce:50:5d:39:29:dd:c6:ff:d4:68:79:c3:
ca:14:60:da:e7:6b:ba:aa:b4:44:58:83:f9:c1:68:
e8:cc:33:3d:cc:1f:fe:d4:59:b0:88:2d:f8:f9:91:
47:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:07:C2:52:64:4C:6B:64:A6:57:D5:D7:FF:6F:0A:15:75:12:39:A6
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/lAfCUmRMa2SmV9XX_28KFXUSOaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.8.0/23
193.227.121.0/24
Signature Algorithm: sha256WithRSAEncryption
65:bc:9f:92:8f:2c:ed:2d:2a:0f:15:de:9f:06:df:b2:f4:c1:
f2:0d:0e:13:c6:f0:43:1d:4d:62:90:1c:e3:c3:5c:25:cc:d8:
d3:71:91:71:c6:71:f8:34:84:ef:b1:84:27:62:22:d5:58:69:
2c:77:92:6f:9a:19:5d:1c:6a:d6:65:72:66:40:01:92:69:d7:
ec:08:f2:05:d8:fa:d1:2e:d4:38:dd:d7:09:37:77:d9:6e:20:
db:06:5e:d0:15:b3:ca:f0:15:5b:bd:5c:20:fa:38:46:e0:5d:
f5:b3:84:e9:7f:09:28:bf:ca:4f:06:b5:92:5d:37:84:40:d0:
24:45:66:57:cc:e0:e0:21:3b:21:16:19:5b:b6:0f:a6:e7:0a:
82:35:f7:6e:31:94:ba:5c:f5:93:ac:e4:94:5f:f5:9b:b6:dd:
c6:2e:ae:8f:9f:71:1b:2f:16:b6:f1:e7:65:93:f1:58:f8:12:
5c:ee:9c:23:1c:1b:01:73:8e:45:ce:12:e1:6d:d1:05:be:ca:
45:a6:27:7d:91:d9:a9:77:ea:29:36:50:60:62:fa:7a:ac:7c:
f8:bf:dc:46:d6:df:e5:a3:e4:ad:0a:61:e1:8e:b2:99:c7:62:
f0:9a:fe:08:82:3c:72:d3:17:18:59:0b:49:2a:4e:0b:3b:68:
d8:36:c1:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU92zq7645juoRxpSTB6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA3YzI1MjY0NGM2YjY0YTY1N2Q1ZDdmZjZmMGExNTc1MTIzOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDHzVnyCzg4TWa6StDImwmWcUvxf
a71Gcdgw3T1uAV1Z9WRhTSY5pXQli/60XDL+KG0yXWMkOvW334lxacfS6swQezOn
gMKGhzGxY7Ex6GVt0YwvvOR9FgFk9usxGJpxLnwS0w+aoRcq/yRFwAj8JM7iiYVn
a1X8Up2x6T5iae5EEPQRNvWKxzzg2xB3ZdQMPDQ/yuyiWELTu1QzZeycbvQ/QQ5m
sc+xXJ+PDDHMjri3V3iUq5L4PegCrbdxZqLYD6pV+uAHO4hDP/fv5aM7Z4LwFLPO
UF05Kd3G/9RoecPKFGDa52u6qrREWIP5wWjozDM9zB/+1FmwiC34+ZFHwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQHwlJkTGtkplfV1/9vChV1EjmmMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvbEFmQ1VtUk1hMlNtVjlYWF8yOEtGWFVTT2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZkIAwQA
weN5MA0GCSqGSIb3DQEBCwUAA4IBAQBlvJ+SjyztLSoPFd6fBt+y9MHyDQ4TxvBD
HU1ikBzjw1wlzNjTcZFxxnH4NITvsYQnYiLVWGksd5JvmhldHGrWZXJmQAGSadfs
CPIF2PrRLtQ43dcJN3fZbiDbBl7QFbPK8BVbvVwg+jhG4F31s4Tpfwkov8pPBrWS
XTeEQNAkRWZXzODgITshFhlbtg+m5wqCNfduMZS6XPWTrOSUX/Wbtt3GLq6Pn3Eb
Lxa28edlk/FY+BJc7pwjHBsBc45FzhLhbdEFvspFpid9kdmpd+opNlBgYvp6rHz4
v9xG1t/lo+StCmHhjrKZx2Lwmv4Igjxy0xcYWQtJKk4LO2jYNsFB
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:55 2024 by rpki-client on console-ams.rpki-client.org