Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/LmNaKZ_W8v9paH4w7C6YZ14Shww.roa
File: LmNaKZ_W8v9paH4w7C6YZ14Shww.roa (raw, json)
Hash identifier: JGvTEpXGzJgUef/0qJ3UnHkPcq5OClxmRtSsDA9ZEVo=
Subject key identifier: 2E:63:5A:29:9F:D6:F2:FF:69:68:7E:30:EC:2E:98:67:5E:12:87:0C
Certificate issuer: /CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Certificate serial: 018570799947739CF7B346B39B4175E64BCF
Authority key identifier: 4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/LmNaKZ_W8v9paH4w7C6YZ14Shww.roa
Signing time: Mon 02 Jan 2023 03:14:55 +0000
ROA not before: Mon 02 Jan 2023 03:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20612
IP address blocks: 194.242.34.0/24 maxlen: 24
185.222.12.0/22 maxlen: 24
2a0c:d000::/29 maxlen: 64
2001:67c:20ac::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Feb 2023 08:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:99:47:73:9c:f7:b3:46:b3:9b:41:75:e6:4b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Validity
Not Before: Jan 2 03:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e635a299fd6f2ff69687e30ec2e98675e12870c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:04:0b:85:0a:17:76:54:eb:19:f4:51:88:4c:
27:39:a7:00:f9:43:44:d5:cd:63:55:9d:f3:47:4a:
fc:e9:c0:ce:ce:4f:99:79:01:50:54:47:6a:a8:64:
68:8a:cf:73:d1:ab:02:c4:74:a6:3f:1d:09:78:77:
6d:7e:e7:d7:54:41:95:8e:8a:63:53:80:a1:59:61:
82:80:40:fa:fe:82:e4:5b:04:81:cb:62:df:af:e4:
4d:55:bb:64:ee:65:e7:fb:af:df:89:0f:b7:f2:89:
55:c1:d7:05:43:cb:63:97:4c:b6:4b:a5:8f:ba:95:
b9:c3:7a:24:65:4c:8a:2d:4b:63:9d:9c:ff:c5:86:
25:98:81:8b:02:20:8f:fd:19:57:97:f7:97:7c:f3:
43:4c:fa:b2:ad:58:18:f0:b7:81:ed:e1:85:4c:36:
38:46:ed:ab:7f:c3:cc:17:1c:4b:c7:f3:42:9f:92:
82:e4:11:2e:24:f9:0a:99:69:c3:72:f3:d5:be:4f:
4b:6a:de:64:93:34:e2:73:35:5a:04:c5:da:34:b0:
df:48:45:15:fc:2b:19:68:b1:f4:bb:74:04:e4:5b:
b0:1d:cc:7b:d3:a3:69:35:90:90:42:f1:7a:50:72:
3c:99:3a:a8:b5:ff:95:9d:75:c8:7d:58:ae:64:2e:
a4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:63:5A:29:9F:D6:F2:FF:69:68:7E:30:EC:2E:98:67:5E:12:87:0C
X509v3 Authority Key Identifier:
keyid:4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/LmNaKZ_W8v9paH4w7C6YZ14Shww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.12.0/22
194.242.34.0/24
IPv6:
2001:67c:20ac::/48
2a0c:d000::/29
Signature Algorithm: sha256WithRSAEncryption
8c:43:73:b1:be:68:0e:09:ff:44:2f:5c:a7:0e:bd:0a:d1:fb:
a5:9f:f6:b8:1e:0f:c3:9f:be:40:78:94:48:db:ec:0f:cc:0b:
aa:b7:5f:e7:ba:02:eb:75:6c:dc:0c:fb:c3:06:68:c0:17:4e:
c1:0b:b6:47:30:ab:eb:3c:b1:7a:f1:04:ec:dd:cd:f8:7f:ba:
07:66:a1:87:4e:6f:9e:9b:50:79:46:9f:21:e0:30:cd:fc:13:
e5:2a:35:56:e2:f6:9b:31:4c:3f:5a:9f:09:83:db:e7:78:b7:
6e:df:41:ff:28:11:32:d9:ea:85:bb:c8:f4:94:1b:75:6e:c0:
cf:52:43:dd:5d:00:ed:81:ef:8f:38:2b:30:9e:de:5a:1e:87:
7e:8f:ec:a2:58:96:2b:e8:38:d6:43:0e:cf:9d:a6:0b:13:a7:
2f:7c:fa:78:64:cb:43:b6:36:e5:d9:25:c2:8e:3e:fe:8c:25:
6d:7c:b7:8e:2e:bb:7f:ab:d3:26:f7:d1:b9:d8:12:96:7a:8e:
e1:04:04:53:c2:11:1a:66:0d:ab:a7:e9:44:24:1c:cf:e5:1e:
5b:03:44:6b:5d:6e:58:5b:4b:04:f2:9c:e9:73:59:69:f2:d4:
03:17:ef:c5:e1:d5:b8:7e:c5:43:51:a8:08:09:ba:72:ad:a7:
e7:ad:d3:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVweZlHc5z3s0azm0F15kvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTA4YTZkODY4YWI5ZTliZGIxMDQ3MmZiZWMzMWM5NjZl
OTQyNzQwHhcNMjMwMTAyMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYzNWEyOTlmZDZmMmZmNjk2ODdlMzBlYzJlOTg2NzVlMTI4NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwQLhQoXdlTrGfRRiEwnOacA+UNE
1c1jVZ3zR0r86cDOzk+ZeQFQVEdqqGRois9z0asCxHSmPx0JeHdtfufXVEGVjopj
U4ChWWGCgED6/oLkWwSBy2Lfr+RNVbtk7mXn+6/fiQ+38olVwdcFQ8tjl0y2S6WP
upW5w3okZUyKLUtjnZz/xYYlmIGLAiCP/RlXl/eXfPNDTPqyrVgY8LeB7eGFTDY4
Ru2rf8PMFxxLx/NCn5KC5BEuJPkKmWnDcvPVvk9Lat5kkzTiczVaBMXaNLDfSEUV
/CsZaLH0u3QE5FuwHcx706NpNZCQQvF6UHI8mTqotf+VnXXIfViuZC6k2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC5jWimf1vL/aWh+MOwumGdeEocMMB8GA1UdIwQY
MBaAFE+Qim2GirnpvbEEcvvsMclm6UJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEt
MWM2ZWU1YmJlYjY2LzEvTG1OYUtaX1c4djlwYUg0dzdDNllaMTRTaHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEtMWM2ZWU1YmJlYjY2
LzEvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCud4MAwQA
wvIiMBYEAgACMBADBwAgAQZ8IKwDBQMqDNAAMA0GCSqGSIb3DQEBCwUAA4IBAQCM
Q3OxvmgOCf9EL1ynDr0K0fuln/a4Hg/Dn75AeJRI2+wPzAuqt1/nugLrdWzcDPvD
BmjAF07BC7ZHMKvrPLF68QTs3c34f7oHZqGHTm+em1B5Rp8h4DDN/BPlKjVW4vab
MUw/Wp8Jg9vneLdu30H/KBEy2eqFu8j0lBt1bsDPUkPdXQDtge+POCswnt5aHod+
j+yiWJYr6DjWQw7PnaYLE6cvfPp4ZMtDtjbl2SXCjj7+jCVtfLeOLrt/q9Mm99G5
2BKWeo7hBARTwhEaZg2rp+lEJBzP5R5bA0RrXW5YW0sE8pzpc1lp8tQDF+/F4dW4
fsVDUagICbpyrafnrdN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:24 2024 by rpki-client on console-ams.rpki-client.org