Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/lp4vCXATOdDyrmkfazoworVGJW8.roa
File: lp4vCXATOdDyrmkfazoworVGJW8.roa (raw, json)
Hash identifier: /kNgkvAV4bDJdqovRZM6ViUn3jrlsBJF+MmPOortwsc=
Subject key identifier: 96:9E:2F:09:70:13:39:D0:F2:AE:69:1F:6B:3A:30:A2:B5:46:25:6F
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 018A1C771209B232A59B6F112DF37173486D
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/lp4vCXATOdDyrmkfazoworVGJW8.roa
Signing time: Tue 22 Aug 2023 08:57:59 +0000
ROA not before: Tue 22 Aug 2023 08:57:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 185.156.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:77:12:09:b2:32:a5:9b:6f:11:2d:f3:71:73:48:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Aug 22 08:57:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=969e2f09701339d0f2ae691f6b3a30a2b546256f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:96:84:7d:8d:52:20:c8:37:f2:3d:7e:77:
d7:2a:ae:4a:ab:1a:0a:39:f8:da:27:3c:7c:72:6f:
75:ad:b4:b2:22:a1:ee:27:54:0e:50:2a:7d:4b:8b:
e4:07:e2:44:db:2e:61:0b:3e:64:41:d3:39:30:9c:
f4:61:15:68:b8:b2:fd:64:a3:81:e5:b8:c2:7f:04:
02:66:77:a6:ca:20:fd:c5:88:07:3b:87:ed:0a:4a:
7d:2d:a9:82:43:d8:18:b6:3a:a8:d2:dd:ec:30:0c:
f7:18:5a:a9:e4:17:dd:ab:69:75:a9:35:df:dc:66:
ad:f4:9f:81:81:6e:be:d0:19:10:cc:1d:3d:d9:c8:
b8:4b:c5:e8:c8:e4:30:b6:e2:82:f7:46:a8:1f:3f:
a2:9e:8c:7f:85:99:fe:4e:70:20:47:7b:e6:e5:b7:
3b:49:11:ee:c3:f6:c8:9f:3e:f9:eb:5b:8f:29:ff:
24:7d:d0:a5:50:de:e9:d7:4e:a0:22:9f:13:0c:84:
bc:5a:51:4a:aa:54:c7:99:e2:ca:b3:bb:cf:fc:3c:
e7:2d:ca:38:a5:d7:f1:67:8f:e3:39:75:43:4f:6c:
25:cf:0a:ee:b0:a7:aa:63:76:db:6c:56:5a:ba:fc:
c0:f3:15:f9:16:b7:06:bd:bc:64:0d:60:65:b4:a3:
ba:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9E:2F:09:70:13:39:D0:F2:AE:69:1F:6B:3A:30:A2:B5:46:25:6F
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/lp4vCXATOdDyrmkfazoworVGJW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:1d:62:ff:c1:73:67:51:a8:14:2e:1b:fd:26:7b:15:24:3e:
69:13:4c:62:ab:b4:c3:cd:08:98:a2:2a:61:b1:b1:c9:e7:5e:
c5:6a:8d:48:c6:1b:7d:c1:9e:d5:3f:6d:96:5c:c9:5c:87:90:
bc:63:eb:c2:33:4f:1e:cc:38:9d:2b:ee:3d:51:eb:05:57:1e:
67:2d:83:26:fe:7f:7f:11:bd:d8:37:4b:f7:77:7d:66:2d:26:
5b:5f:2c:f2:2c:84:ac:b0:49:94:d1:b5:84:ed:95:e8:87:44:
d3:eb:57:7f:00:d8:4e:b8:d2:d3:09:30:7d:72:e7:cb:b1:f4:
4e:25:82:a9:fa:81:24:05:97:2f:15:d7:4a:b6:0d:3f:b4:0b:
cb:a3:13:c8:4e:ba:b9:10:1c:ed:48:3b:d4:e3:fa:22:a6:5c:
66:f7:55:97:9c:f1:75:08:41:bb:74:c3:78:65:6e:67:f0:61:
d3:e6:1c:4f:15:1e:4e:5c:d6:8e:0e:88:f3:18:3e:6c:b1:31:
4a:d0:e1:9f:98:d0:01:bd:dd:54:b7:d9:ff:fc:00:6f:61:4e:
a8:e2:ea:40:d5:bd:a8:0c:74:a1:fe:1d:2d:e0:30:c4:e9:dc:
f4:f3:f6:bc:d1:a8:bb:78:c6:e3:b2:20:e7:e9:a5:d9:1e:53:
f3:a9:d4:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYocdxIJsjKlm28RLfNxc0htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjMwODIyMDg1NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjllMmYwOTcwMTMzOWQwZjJhZTY5MWY2YjNhMzBhMmI1NDYyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzuWhH2NUiDIN/I9fnfXKq5KqxoK
OfjaJzx8cm91rbSyIqHuJ1QOUCp9S4vkB+JE2y5hCz5kQdM5MJz0YRVouLL9ZKOB
5bjCfwQCZnemyiD9xYgHO4ftCkp9LamCQ9gYtjqo0t3sMAz3GFqp5Bfdq2l1qTXf
3Gat9J+BgW6+0BkQzB092ci4S8XoyOQwtuKC90aoHz+inox/hZn+TnAgR3vm5bc7
SRHuw/bInz7561uPKf8kfdClUN7p106gIp8TDIS8WlFKqlTHmeLKs7vP/DznLco4
pdfxZ4/jOXVDT2wlzwrusKeqY3bbbFZauvzA8xX5FrcGvbxkDWBltKO6SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJaeLwlwEznQ8q5pH2s6MKK1RiVvMB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvbHA0dkNYQVRPZER5cm1rZmF6b3dvclZHSlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUtMTE4YWZlZDdhNWFl
LzEvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZwQMA0G
CSqGSIb3DQEBCwUAA4IBAQBNHWL/wXNnUagULhv9JnsVJD5pE0xiq7TDzQiYoiph
sbHJ517Fao1Ixht9wZ7VP22WXMlch5C8Y+vCM08ezDidK+49UesFVx5nLYMm/n9/
Eb3YN0v3d31mLSZbXyzyLISssEmU0bWE7ZXoh0TT61d/ANhOuNLTCTB9cufLsfRO
JYKp+oEkBZcvFddKtg0/tAvLoxPITrq5EBztSDvU4/oiplxm91WXnPF1CEG7dMN4
ZW5n8GHT5hxPFR5OXNaODojzGD5ssTFK0OGfmNABvd1Ut9n//ABvYU6o4upA1b2o
DHSh/h0t4DDE6dz08/a80ai7eMbjsiDn6aXZHlPzqdR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org