Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFas-dQKgL7J7eQ7vzxmgULpEVk.roa
File: LFas-dQKgL7J7eQ7vzxmgULpEVk.roa (raw, json)
Hash identifier: Ll0Lv0WzQN4KuCuPGv6iKu7l9+2gAXjNYE4e6S+9P6w=
Subject key identifier: 2C:56:AC:F9:D4:0A:80:BE:C9:ED:E4:3B:BF:3C:66:81:42:E9:11:59
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD5268F15E09714904939A8CE7D1891
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFas-dQKgL7J7eQ7vzxmgULpEVk.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43345
IP address blocks: 62.221.250.0/24 maxlen: 24
185.94.228.0/24 maxlen: 24
2a0b:7280:0:4::/63 maxlen: 63
2a05:1500:500::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Mar 2023 09:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:26:8f:15:e0:97:14:90:49:39:a8:ce:7d:18:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c56acf9d40a80bec9ede43bbf3c668142e91159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:6a:79:80:13:cf:72:95:47:d9:17:59:f9:
7e:2f:44:cb:c2:70:22:cd:ee:54:2b:bf:23:43:90:
27:b8:f6:76:14:b6:b7:f8:98:6f:34:0f:3e:f3:85:
24:27:34:51:98:a3:19:1b:2d:4a:5f:a7:34:3d:f9:
2d:86:2d:d1:78:6b:08:12:2a:69:1f:7e:8f:7b:48:
41:41:c5:c9:cd:cb:52:61:d3:57:08:ff:18:97:38:
21:1f:b8:f3:9e:b5:51:51:11:8b:c5:f1:26:80:7f:
e9:c8:12:9e:4f:09:74:7b:9e:30:0a:6a:d1:d2:08:
c3:8e:30:13:92:d8:37:62:01:af:e8:43:f1:91:16:
06:c7:e6:b3:d4:af:13:a9:9f:f3:78:f8:ee:86:72:
1b:a4:c6:24:99:7f:d1:49:0a:f7:6a:51:b6:22:a0:
7d:f8:a0:1d:42:3f:74:b0:62:46:6c:31:e0:15:88:
4a:bb:b1:5c:a5:7c:79:13:60:a4:88:48:26:61:25:
65:fd:75:32:48:9a:9a:a3:b0:7c:91:ba:ca:f4:6b:
69:4b:94:99:19:2c:5e:37:05:1d:13:9b:c6:54:fd:
79:8c:29:97:18:b2:11:54:42:2d:92:1b:2d:9a:9f:
88:e7:18:2b:c7:07:59:3a:ae:52:b0:7a:22:2a:5a:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:56:AC:F9:D4:0A:80:BE:C9:ED:E4:3B:BF:3C:66:81:42:E9:11:59
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/LFas-dQKgL7J7eQ7vzxmgULpEVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.250.0/24
185.94.228.0/24
IPv6:
2a05:1500:500::/40
2a0b:7280:0:4::/63
Signature Algorithm: sha256WithRSAEncryption
60:7c:fa:4c:f9:dd:95:f8:a5:0a:ce:73:7b:f8:0d:d4:4f:7e:
d6:4a:22:74:32:9d:8e:ea:2a:70:db:49:cb:2e:d9:c5:0f:c1:
c9:0d:a3:ac:3e:5c:7a:53:60:6c:ff:b5:9f:21:45:eb:63:2a:
56:cf:f6:7e:e2:dc:f4:84:c7:2b:a0:d5:60:f1:91:48:c6:7f:
96:85:16:3b:80:7b:80:5a:01:77:f3:3c:ca:8e:2c:99:1c:0b:
c5:2b:d3:e5:d3:9c:d2:0e:b7:78:19:46:cd:30:0a:9e:45:9d:
1f:cb:f4:c1:e5:91:a9:ab:13:de:48:f5:aa:ea:49:69:a9:18:
c8:a9:38:84:28:45:e2:3b:2d:c7:11:f6:7c:eb:d0:b8:24:c0:
16:01:1d:5d:95:28:b8:c2:e5:81:44:1a:fa:2d:ec:7f:32:6d:
a5:53:2e:5e:0d:99:a5:6e:f8:9f:05:81:fa:3a:13:29:ae:38:
77:13:45:ec:82:48:c9:8a:d7:54:43:bc:4a:a7:82:1c:92:7d:
81:7d:a4:df:b9:b5:66:67:b8:87:aa:a9:fe:47:1a:54:57:b0:
a3:66:6d:c5:64:e9:d2:af:89:e4:17:ad:f3:5d:49:22:b0:76:
88:e0:0f:9f:85:ef:2d:c7:cb:9c:8b:7b:21:54:46:93:21:df:
5c:ee:e3:cf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVv1SaPFeCXFJBJOajOfRiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU2YWNmOWQ0MGE4MGJlYzllZGU0M2JiZjNjNjY4MTQyZTkxMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM9qeYATz3KVR9kXWfl+L0TLwnAi
ze5UK78jQ5AnuPZ2FLa3+JhvNA8+84UkJzRRmKMZGy1KX6c0Pfkthi3ReGsIEipp
H36Pe0hBQcXJzctSYdNXCP8YlzghH7jznrVRURGLxfEmgH/pyBKeTwl0e54wCmrR
0gjDjjATktg3YgGv6EPxkRYGx+az1K8TqZ/zePjuhnIbpMYkmX/RSQr3alG2IqB9
+KAdQj90sGJGbDHgFYhKu7FcpXx5E2CkiEgmYSVl/XUySJqao7B8kbrK9GtpS5SZ
GSxeNwUdE5vGVP15jCmXGLIRVEItkhstmp+I5xgrxwdZOq5SsHoiKlrbKQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCxWrPnUCoC+ye3kO788ZoFC6RFZMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvTEZhcy1kUUtnTDdKN2VRN3Z6eG1nVUxwRVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzASBAIAATAMAwQAPt36AwQA
uV7kMBkEAgACMBMDBgAqBRUABQMJASoLcoAAAAAEMA0GCSqGSIb3DQEBCwUAA4IB
AQBgfPpM+d2V+KUKznN7+A3UT37WSiJ0Mp2O6ipw20nLLtnFD8HJDaOsPlx6U2Bs
/7WfIUXrYypWz/Z+4tz0hMcroNVg8ZFIxn+WhRY7gHuAWgF38zzKjiyZHAvFK9Pl
05zSDrd4GUbNMAqeRZ0fy/TB5ZGpqxPeSPWq6klpqRjIqTiEKEXiOy3HEfZ869C4
JMAWAR1dlSi4wuWBRBr6Lex/Mm2lUy5eDZmlbvifBYH6OhMprjh3E0XsgkjJitdU
Q7xKp4Ickn2BfaTfubVmZ7iHqqn+RxpUV7CjZm3FZOnSr4nkF63zXUkisHaI4A+f
he8tx8uci3shVEaTId9c7uPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org