Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/lAmVR8tlrMmJIwy2AZSa46EHNWg.roa
File: lAmVR8tlrMmJIwy2AZSa46EHNWg.roa (raw, json)
Hash identifier: 3UN+GwYPl95lCnnKNfMTJR4vnsTbH9ML8idv/1atrt0=
Subject key identifier: 94:09:95:47:CB:65:AC:C9:89:23:0C:B6:01:94:9A:E3:A1:07:35:68
Certificate issuer: /CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Certificate serial: 018573683E653DDC16BB8AAF080C4F0932DC
Authority key identifier: 0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/lAmVR8tlrMmJIwy2AZSa46EHNWg.roa
Signing time: Mon 02 Jan 2023 16:54:49 +0000
ROA not before: Mon 02 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198399
IP address blocks: 185.95.224.0/22 maxlen: 24
37.34.72.0/21 maxlen: 24
195.93.168.0/23 maxlen: 24
2a00:c5e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:3e:65:3d:dc:16:bb:8a:af:08:0c:4f:09:32:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Validity
Not Before: Jan 2 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94099547cb65acc989230cb601949ae3a1073568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f8:ef:e4:6c:23:e9:ad:57:b5:30:d5:f2:e8:
12:46:61:13:65:65:00:54:56:15:55:f8:f0:9f:53:
01:65:c5:bf:c5:ab:26:fb:73:cc:9a:1c:05:4e:db:
5c:d5:56:70:a0:75:56:e8:a8:dc:91:7a:b9:d8:ce:
af:4e:dd:67:1f:88:cd:46:20:81:78:12:80:41:23:
e7:ab:7e:1f:3b:fb:16:f3:b2:f8:c0:b0:c4:7d:59:
94:82:13:79:b1:ef:97:2e:0a:55:0a:81:3b:b8:55:
cf:4a:65:6e:0a:79:f4:a4:bd:44:a4:d1:f0:00:65:
32:a9:c2:95:93:85:c7:64:ee:23:1b:a1:1a:62:9a:
dc:69:e5:2e:ec:6c:fb:70:49:b2:87:e2:21:27:2d:
63:7e:59:68:14:a5:56:fe:98:bb:d1:1c:e1:fc:19:
fc:aa:ec:c5:d6:6c:2f:b1:d9:3c:e3:8c:3f:61:1b:
b5:d9:fd:1b:9e:8e:33:c8:9f:83:7b:8a:10:65:43:
6f:27:07:90:fb:27:20:31:8a:b2:3a:e3:06:99:71:
aa:a5:ac:13:24:9f:c2:54:88:ed:ac:5d:e1:86:0d:
1b:79:de:c6:93:3b:42:b2:23:ee:f8:9a:2f:72:6f:
f8:12:3e:b2:70:e8:2d:8a:ab:4b:01:1f:ab:5a:28:
5f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:09:95:47:CB:65:AC:C9:89:23:0C:B6:01:94:9A:E3:A1:07:35:68
X509v3 Authority Key Identifier:
keyid:0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/lAmVR8tlrMmJIwy2AZSa46EHNWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.72.0/21
185.95.224.0/22
195.93.168.0/23
IPv6:
2a00:c5e0::/32
Signature Algorithm: sha256WithRSAEncryption
64:95:69:01:51:63:0a:e5:c4:6b:5f:43:ee:54:eb:a4:55:66:
39:31:3c:9b:7b:39:86:cc:2e:a2:84:7a:0a:d2:8b:07:df:65:
7d:75:f9:65:7a:d5:c8:ee:75:e1:90:f7:e8:71:56:29:6f:44:
8f:79:27:91:8b:f7:21:9e:35:fb:f9:cf:84:a3:40:0d:7f:a3:
68:d4:d1:53:33:ae:a6:bf:9e:33:22:8f:24:89:b1:42:f6:6b:
44:01:4c:73:ac:9c:5e:88:5d:1a:5c:51:e6:89:50:2a:c5:45:
55:e0:6b:68:07:7b:12:80:1b:f5:a1:a1:19:2c:36:8f:77:77:
4b:99:aa:e7:86:f7:45:2f:57:1d:b9:71:a9:62:0b:07:58:0c:
2d:c6:ff:b7:65:32:fe:bf:3d:16:7f:3a:ce:65:a1:a7:11:f5:
d8:a4:79:e0:45:24:d1:59:b7:1a:ed:d7:33:b8:13:94:f5:d8:
11:e8:19:4c:39:23:f5:d8:a0:6c:eb:33:07:84:3f:be:e5:f6:
85:aa:dc:c2:ff:e6:3b:ee:5b:41:0b:1e:f4:91:8c:17:0c:69:
34:1b:1a:61:aa:44:5d:cf:d2:22:6a:ad:9d:9b:d4:f0:d1:1f:
40:d6:48:ae:3f:71:2e:75:8e:c1:4c:8e:b1:28:39:ad:14:49:
8d:ed:77:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzaD5lPdwWu4qvCAxPCTLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDkxYmRjNjY2YjhhNTk0MzNjNjhkOTBlMGQ4Y2MzN2Fj
ZGNlOTIwHhcNMjMwMTAyMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA5OTU0N2NiNjVhY2M5ODkyMzBjYjYwMTk0OWFlM2ExMDczNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fjv5Gwj6a1XtTDV8ugSRmETZWUA
VFYVVfjwn1MBZcW/xasm+3PMmhwFTttc1VZwoHVW6KjckXq52M6vTt1nH4jNRiCB
eBKAQSPnq34fO/sW87L4wLDEfVmUghN5se+XLgpVCoE7uFXPSmVuCnn0pL1EpNHw
AGUyqcKVk4XHZO4jG6EaYprcaeUu7Gz7cEmyh+IhJy1jflloFKVW/pi70Rzh/Bn8
quzF1mwvsdk844w/YRu12f0bno4zyJ+De4oQZUNvJweQ+ycgMYqyOuMGmXGqpawT
JJ/CVIjtrF3hhg0bed7GkztCsiPu+Jovcm/4Ej6ycOgtiqtLAR+rWihfpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJQJlUfLZazJiSMMtgGUmuOhBzVoMB8GA1UdIwQY
MBaAFA8JG9xma4pZQzxo2Q4NjMN6zc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjkt
YTM0YThiODA2ODMyLzEvbEFtVlI4dGxyTW1KSXd5MkFaU2E0NkVITldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjktYTM0YThiODA2ODMy
LzEvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJSJIAwQC
uV/gAwQBw12oMA0EAgACMAcDBQAqAMXgMA0GCSqGSIb3DQEBCwUAA4IBAQBklWkB
UWMK5cRrX0PuVOukVWY5MTybezmGzC6ihHoK0osH32V9dflletXI7nXhkPfocVYp
b0SPeSeRi/chnjX7+c+Eo0ANf6No1NFTM66mv54zIo8kibFC9mtEAUxzrJxeiF0a
XFHmiVAqxUVV4GtoB3sSgBv1oaEZLDaPd3dLmarnhvdFL1cduXGpYgsHWAwtxv+3
ZTL+vz0WfzrOZaGnEfXYpHngRSTRWbca7dczuBOU9dgR6BlMOSP12KBs6zMHhD++
5faFqtzC/+Y77ltBCx70kYwXDGk0GxphqkRdz9Iiaq2dm9Tw0R9A1kiuP3EudY7B
TI6xKDmtFEmN7XcI
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:43 2024 by rpki-client on console-fra.rpki-client.org