Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/LB2HKq6ShZqgTjgZnFIETcwuW0U.roa
File: LB2HKq6ShZqgTjgZnFIETcwuW0U.roa (raw, json)
Hash identifier: KQOWOc0bie/ZIz6VTs2todGhsnWfriYHeZ8nk6r0Igo=
Subject key identifier: 2C:1D:87:2A:AE:92:85:9A:A0:4E:38:19:9C:52:04:4D:CC:2E:5B:45
Certificate issuer: /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial: 018C9C945E30A35FD75A82EA13FCCFCB0CD8
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/LB2HKq6ShZqgTjgZnFIETcwuW0U.roa
Signing time: Sun 24 Dec 2023 16:06:58 +0000
ROA not before: Sun 24 Dec 2023 16:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211392
IP address blocks: 193.106.189.0/24 maxlen: 24
91.192.106.0/24 maxlen: 24
91.192.106.0/23 maxlen: 23
91.192.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:94:5e:30:a3:5f:d7:5a:82:ea:13:fc:cf:cb:0c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
Validity
Not Before: Dec 24 16:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c1d872aae92859aa04e38199c52044dcc2e5b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:0c:a1:74:6d:d0:7f:b8:83:3b:40:c5:43:
87:2d:2a:8a:fa:e4:5d:cd:e5:29:3e:9e:e1:ca:68:
da:26:ce:a8:26:ca:c4:fa:f7:05:fd:58:57:30:ff:
88:65:a2:51:0d:66:48:46:42:8b:ca:b0:ca:99:f7:
8b:f0:80:95:6e:5d:1c:6a:85:7b:c9:e3:11:6a:24:
44:b3:42:49:68:d8:12:27:33:f1:03:40:cf:cc:a1:
6b:64:cf:eb:73:4c:29:e6:74:03:7d:44:2a:ba:91:
ac:b9:49:2b:53:d4:ad:bd:3b:7e:4a:00:39:b3:ab:
f4:e5:51:53:14:34:02:ef:a5:2d:fc:43:ac:4f:f8:
eb:c1:9b:26:41:43:76:1f:cd:35:aa:dd:39:b2:86:
81:97:73:73:0a:1a:6e:3f:7f:8f:db:1f:4d:7b:99:
c6:06:e5:80:9b:cf:2c:dd:ed:02:8c:b8:3a:d3:f8:
21:c9:a2:57:3d:ce:97:ac:6f:86:b5:5a:8d:9b:71:
46:ea:72:a0:6f:6e:b0:58:4f:c1:8f:bc:5a:6b:8d:
08:75:42:be:5b:bc:8e:8d:46:65:a5:46:54:a8:17:
1b:cf:bd:91:bb:31:74:d0:76:8f:a4:70:7e:31:19:
c2:34:15:47:e4:63:c8:89:ea:5a:13:e2:69:3d:49:
47:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1D:87:2A:AE:92:85:9A:A0:4E:38:19:9C:52:04:4D:CC:2E:5B:45
X509v3 Authority Key Identifier:
keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/LB2HKq6ShZqgTjgZnFIETcwuW0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.106.0/23
193.106.189.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ba:ec:05:71:1f:7c:8b:65:ad:6c:b0:7a:e8:b5:bc:a3:ea:
cb:e3:05:35:71:79:a5:dc:cb:3f:23:04:b0:78:f6:be:36:1d:
a0:db:6d:58:5a:27:84:29:fc:ec:2d:1d:02:e2:ab:0c:a8:2b:
4e:71:c7:cc:da:a6:7f:9a:4f:af:9f:bc:9d:45:1e:cf:44:79:
1c:66:b1:21:2b:61:5a:29:75:80:86:f8:19:b2:fb:83:5b:86:
89:fa:af:db:01:79:b6:37:c8:ac:5b:6d:4e:65:11:fd:01:4b:
4d:46:7c:dc:5b:24:f1:7e:4f:fe:1c:03:39:52:ef:d1:6e:3e:
03:08:86:6c:49:e6:87:7f:c1:90:87:3f:9f:80:e0:07:55:2d:
46:e8:87:fa:d3:86:df:95:fc:86:e9:47:5d:e2:5f:f6:85:c1:
7e:c4:7f:f5:9e:5e:62:33:63:2a:6d:eb:af:47:ca:90:95:cd:
88:dd:bd:24:fb:79:5d:66:18:08:6f:67:ff:9b:19:5c:74:ff:
ee:d4:e6:0e:23:60:07:29:f6:5f:40:fa:16:bc:c7:41:12:ca:
25:a2:e3:bf:76:6d:9c:9d:04:a3:f9:15:96:60:94:7f:8d:af:
e0:c1:e9:33:78:19:b7:c1:93:6b:78:5e:7c:83:f5:8d:d3:8e:
dc:0f:48:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyclF4wo1/XWoLqE/zPywzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjMxMjI0MTYwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFkODcyYWFlOTI4NTlhYTA0ZTM4MTk5YzUyMDQ0ZGNjMmU1YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5oMoXRt0H+4gztAxUOHLSqK+uRd
zeUpPp7hymjaJs6oJsrE+vcF/VhXMP+IZaJRDWZIRkKLyrDKmfeL8ICVbl0caoV7
yeMRaiREs0JJaNgSJzPxA0DPzKFrZM/rc0wp5nQDfUQqupGsuUkrU9StvTt+SgA5
s6v05VFTFDQC76Ut/EOsT/jrwZsmQUN2H801qt05soaBl3NzChpuP3+P2x9Ne5nG
BuWAm88s3e0CjLg60/ghyaJXPc6XrG+GtVqNm3FG6nKgb26wWE/Bj7xaa40IdUK+
W7yOjUZlpUZUqBcbz72RuzF00HaPpHB+MRnCNBVH5GPIiepaE+JpPUlHaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwdhyqukoWaoE44GZxSBE3MLltFMB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvTEIySEtxNlNoWnFnVGpnWm5GSUVUY3d1VzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2ZjctODIwMmE0NjdkNzUz
LzEvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8BqAwQA
wWq9MA0GCSqGSIb3DQEBCwUAA4IBAQADuuwFcR98i2WtbLB66LW8o+rL4wU1cXml
3Ms/IwSwePa+Nh2g221YWieEKfzsLR0C4qsMqCtOccfM2qZ/mk+vn7ydRR7PRHkc
ZrEhK2FaKXWAhvgZsvuDW4aJ+q/bAXm2N8isW21OZRH9AUtNRnzcWyTxfk/+HAM5
Uu/Rbj4DCIZsSeaHf8GQhz+fgOAHVS1G6If604bflfyG6Udd4l/2hcF+xH/1nl5i
M2MqbeuvR8qQlc2I3b0k+3ldZhgIb2f/mxlcdP/u1OYOI2AHKfZfQPoWvMdBEsol
ouO/dm2cnQSj+RWWYJR/ja/gwekzeBm3wZNreF58g/WN047cD0gx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:49 2024 by rpki-client on console-fra.rpki-client.org