Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lXK0ilpRbsga6xGgZMut12y0L54.roa
File: lXK0ilpRbsga6xGgZMut12y0L54.roa (raw, json)
Hash identifier: ObFyd+7cYU1+tG3yhPorG4CB+2B4hgOWjDjAqsVASjU=
Subject key identifier: 95:72:B4:8A:5A:51:6E:C8:1A:EB:11:A0:64:CB:AD:D7:6C:B4:2F:9E
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018723C921C06A7762DF2815AA93834301C1
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lXK0ilpRbsga6xGgZMut12y0L54.roa
Signing time: Mon 27 Mar 2023 15:56:36 +0000
ROA not before: Mon 27 Mar 2023 15:56:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208757
IP address blocks: 193.36.222.0/23 maxlen: 23
91.239.220.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:c9:21:c0:6a:77:62:df:28:15:aa:93:83:43:01:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 27 15:56:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9572b48a5a516ec81aeb11a064cbadd76cb42f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:47:94:88:e2:6f:64:03:20:1b:f2:a5:53:11:
88:d0:9b:5e:b8:16:69:c9:4c:5d:59:e9:73:13:c4:
95:56:82:24:d6:76:fa:ce:af:fa:30:fa:5f:77:7a:
a3:71:92:54:10:24:a9:ff:11:30:1c:14:c7:4a:1a:
9f:c4:da:fb:d6:83:7d:a7:bf:5c:9e:ed:8d:59:b2:
ef:27:e6:68:1a:da:3c:fa:f6:3b:ab:bc:dd:7c:bb:
74:3e:77:07:94:4a:a1:23:b5:cf:97:5a:54:a9:d0:
c8:a6:d6:a3:a7:af:74:4b:91:6b:16:44:0e:db:55:
97:9d:a9:cc:a5:f7:fb:8f:dc:13:ec:1d:e4:cc:0e:
cc:df:b3:0f:ce:ea:16:5e:df:af:f9:74:16:3f:5a:
70:4c:59:fd:03:24:c7:4a:9e:41:9a:f8:7a:fd:2e:
49:a7:56:a5:24:72:48:35:7c:e9:5c:43:55:4e:08:
cd:e6:a0:c7:7a:85:dd:7c:c0:b7:21:c2:3a:74:ac:
af:a1:74:e6:cd:52:0a:9f:bd:2a:cc:38:7c:e2:b4:
52:33:69:2e:28:76:d1:5b:af:95:b2:f4:e9:ee:0d:
fc:bc:60:d8:c3:40:72:4a:3a:11:3e:57:3e:6e:c6:
d9:a3:df:62:e0:e3:b9:1c:d1:fe:a8:0f:e3:90:58:
42:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:72:B4:8A:5A:51:6E:C8:1A:EB:11:A0:64:CB:AD:D7:6C:B4:2F:9E
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lXK0ilpRbsga6xGgZMut12y0L54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.220.0/23
193.36.222.0/23
Signature Algorithm: sha256WithRSAEncryption
56:cf:7f:02:8e:fc:d3:63:ee:60:ac:91:d9:b0:5f:2c:55:e3:
82:89:8d:40:8c:36:d4:5e:e7:8c:cf:a2:62:b1:65:5d:93:e5:
fc:0a:5c:bd:15:ea:e8:5b:1d:09:20:0c:d6:fb:58:2d:a7:ce:
2f:4d:f4:63:32:0a:0e:e4:57:32:81:93:aa:8b:75:07:4e:00:
b5:24:09:d3:7a:bd:52:8a:29:23:f5:03:2b:1a:ae:39:a9:ee:
8d:e3:6f:8a:c5:c8:ba:98:16:7b:a2:11:fb:9b:f2:78:7c:e9:
f8:57:c0:0a:d3:15:ed:6e:9b:0f:ba:58:9d:f6:50:6f:86:aa:
c3:5d:16:ae:52:0d:d7:dd:7e:49:d5:49:5e:80:28:c7:ba:54:
ff:7d:02:22:6d:c7:89:64:4e:99:cf:f2:64:38:68:5a:11:bd:
d5:78:c7:f9:9b:3c:2c:5e:02:f5:96:cb:bc:b3:15:2e:7f:0b:
83:1c:e9:a6:98:2c:8b:7e:e3:94:d8:27:59:00:ac:2a:69:9e:
6a:81:e1:82:bb:dc:20:4e:c7:2b:d4:8b:09:35:be:84:0b:11:
ca:a2:08:cd:eb:02:20:26:8f:11:87:86:66:b2:8d:ba:22:c5:
0f:4c:37:f9:cd:a2:3c:94:e1:32:c7:5a:74:52:57:2a:e5:00:
de:5e:c4:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcjySHAandi3ygVqpODQwHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMzI3MTU1NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTcyYjQ4YTVhNTE2ZWM4MWFlYjExYTA2NGNiYWRkNzZjYjQyZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUeUiOJvZAMgG/KlUxGI0JteuBZp
yUxdWelzE8SVVoIk1nb6zq/6MPpfd3qjcZJUECSp/xEwHBTHShqfxNr71oN9p79c
nu2NWbLvJ+ZoGto8+vY7q7zdfLt0PncHlEqhI7XPl1pUqdDIptajp690S5FrFkQO
21WXnanMpff7j9wT7B3kzA7M37MPzuoWXt+v+XQWP1pwTFn9AyTHSp5Bmvh6/S5J
p1alJHJINXzpXENVTgjN5qDHeoXdfMC3IcI6dKyvoXTmzVIKn70qzDh84rRSM2ku
KHbRW6+VsvTp7g38vGDYw0BySjoRPlc+bsbZo99i4OO5HNH+qA/jkFhChwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVytIpaUW7IGusRoGTLrddstC+eMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbFhLMGlscFJic2dhNnhHZ1pNdXQxMnkwTDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+/cAwQB
wSTeMA0GCSqGSIb3DQEBCwUAA4IBAQBWz38CjvzTY+5grJHZsF8sVeOCiY1AjDbU
XueMz6JisWVdk+X8Cly9FeroWx0JIAzW+1gtp84vTfRjMgoO5FcygZOqi3UHTgC1
JAnTer1Siikj9QMrGq45qe6N42+Kxci6mBZ7ohH7m/J4fOn4V8AK0xXtbpsPulid
9lBvhqrDXRauUg3X3X5J1UlegCjHulT/fQIibceJZE6Zz/JkOGhaEb3VeMf5mzws
XgL1lsu8sxUufwuDHOmmmCyLfuOU2CdZAKwqaZ5qgeGCu9wgTscr1IsJNb6ECxHK
ogjN6wIgJo8Rh4Zmso26IsUPTDf5zaI8lOEyx1p0Ulcq5QDeXsQX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org