Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/lc199LlM6d_qEQ7sEjJ_lDxEiL0.roa
File: lc199LlM6d_qEQ7sEjJ_lDxEiL0.roa (raw, json)
Hash identifier: nkFi+XsD3hzBaWlNNJvPGwNPNXluPFYkbCqcAJmPX8o=
Subject key identifier: 95:CD:7D:F4:B9:4C:E9:DF:EA:11:0E:EC:12:32:7F:94:3C:44:88:BD
Certificate issuer: /CN=0297a58998f0974347081c17f25eedd65fad9661
Certificate serial: 01856E5D770F115C41085869F7F12BBC784B
Authority key identifier: 02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/lc199LlM6d_qEQ7sEjJ_lDxEiL0.roa
Signing time: Sun 01 Jan 2023 17:24:57 +0000
ROA not before: Sun 01 Jan 2023 17:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198588
IP address blocks: 164.138.2.0/24 maxlen: 24
164.138.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:77:0f:11:5c:41:08:58:69:f7:f1:2b:bc:78:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0297a58998f0974347081c17f25eedd65fad9661
Validity
Not Before: Jan 1 17:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95cd7df4b94ce9dfea110eec12327f943c4488bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4e:15:c6:fc:42:4e:8c:ad:0a:0f:8f:a1:fc:
13:e9:86:5b:14:94:ac:38:9a:b4:6c:e6:38:c9:e1:
61:20:6e:02:56:df:7f:af:44:b3:39:48:8d:ed:1a:
91:75:98:b7:76:ce:82:20:7e:1b:61:5e:fa:38:dc:
89:ec:9c:35:b2:3a:03:25:c9:5c:1c:18:3e:0a:bd:
4d:71:cd:c2:52:11:d7:cf:9f:86:79:3a:0b:b3:55:
fb:f3:5d:ce:6c:71:9d:6f:90:bb:92:c2:7e:f5:3b:
9a:ca:9e:ef:6b:38:23:74:6b:fe:e1:4e:63:e0:ca:
85:7b:4c:df:61:f7:79:a1:f8:57:d3:18:02:f0:6f:
8b:40:dd:8d:ef:f6:6a:41:f9:59:31:f5:b1:21:c5:
0c:e1:3f:7c:08:48:ac:b5:f0:23:30:b3:ec:27:5b:
bb:dc:13:5e:28:de:9b:65:f2:20:21:79:59:6a:a9:
8d:c9:33:25:7d:ae:f3:6d:30:c5:33:41:2e:0c:5d:
c5:74:a8:48:15:39:6a:46:44:7e:3b:da:20:ca:97:
1e:a8:1b:0b:89:9f:78:80:0b:c1:d9:48:57:34:75:
f5:36:9a:ee:08:5b:4e:67:cb:f9:01:0e:79:1c:1f:
de:95:a7:e7:ee:41:2a:a3:98:a5:17:a5:b5:f6:55:
79:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CD:7D:F4:B9:4C:E9:DF:EA:11:0E:EC:12:32:7F:94:3C:44:88:BD
X509v3 Authority Key Identifier:
keyid:02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/lc199LlM6d_qEQ7sEjJ_lDxEiL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/ApeliZjwl0NHCBwX8l7t1l-tlmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.0.0/24
164.138.2.0/24
Signature Algorithm: sha256WithRSAEncryption
89:46:54:36:87:79:de:1e:06:64:2e:b5:e9:21:f1:10:00:93:
7e:bc:6c:7a:ec:08:ea:8a:7f:c2:2a:47:09:c5:64:59:00:d9:
7b:7d:36:33:1b:48:84:2e:f7:51:04:99:29:2d:a9:47:01:77:
91:f8:f9:13:52:a0:ee:03:ea:58:53:2f:1d:1a:42:ce:be:7b:
4f:56:ef:7a:c2:51:ef:36:86:cb:f3:7f:cf:5a:0e:90:fb:1c:
39:e5:36:78:e2:4b:d6:fc:c9:dc:43:4a:04:1c:31:2b:0d:70:
87:9d:c0:58:71:e9:f2:cb:d3:88:12:e9:41:24:c5:44:e8:97:
f4:91:6e:bb:12:47:b8:31:b9:dd:0e:d2:ea:28:4a:06:40:ae:
5a:29:d5:b7:33:10:84:a0:dd:62:d2:22:4a:1a:85:c6:c5:67:
cf:c1:91:18:21:6d:57:f4:d8:e2:19:b1:77:91:3a:09:45:bb:
46:00:25:59:93:34:26:54:14:2e:a0:7b:07:b1:7a:9c:17:57:
8e:f3:ed:a1:9d:ce:79:e5:d9:bb:8b:0f:0b:06:62:2b:26:8f:
fb:8d:ad:f9:85:29:bb:54:41:e3:ed:44:fd:b7:47:0f:8c:40:
89:a0:e9:cd:41:0d:a4:d2:07:dc:36:04:5a:8f:72:67:63:87:
41:ba:8c:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXXcPEVxBCFhp9/ErvHhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTdhNTg5OThmMDk3NDM0NzA4MWMxN2YyNWVlZGQ2NWZh
ZDk2NjEwHhcNMjMwMTAxMTcyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNkN2RmNGI5NGNlOWRmZWExMTBlZWMxMjMyN2Y5NDNjNDQ4OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv04VxvxCToytCg+PofwT6YZbFJSs
OJq0bOY4yeFhIG4CVt9/r0SzOUiN7RqRdZi3ds6CIH4bYV76ONyJ7Jw1sjoDJclc
HBg+Cr1Ncc3CUhHXz5+GeToLs1X7813ObHGdb5C7ksJ+9Tuayp7vazgjdGv+4U5j
4MqFe0zfYfd5ofhX0xgC8G+LQN2N7/ZqQflZMfWxIcUM4T98CEistfAjMLPsJ1u7
3BNeKN6bZfIgIXlZaqmNyTMlfa7zbTDFM0EuDF3FdKhIFTlqRkR+O9ogypceqBsL
iZ94gAvB2UhXNHX1NpruCFtOZ8v5AQ55HB/elafn7kEqo5ilF6W19lV54QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXNffS5TOnf6hEO7BIyf5Q8RIi9MB8GA1UdIwQY
MBaAFAKXpYmY8JdDRwgcF/Je7dZfrZZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2Qt
NTc5NTMxZTVhMDBmLzEvbGMxOTlMbE02ZF9xRVE3c0VqSl9sRHhFaUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2QtNTc5NTMxZTVhMDBm
LzEvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQApIoAAwQA
pIoCMA0GCSqGSIb3DQEBCwUAA4IBAQCJRlQ2h3neHgZkLrXpIfEQAJN+vGx67Ajq
in/CKkcJxWRZANl7fTYzG0iELvdRBJkpLalHAXeR+PkTUqDuA+pYUy8dGkLOvntP
Vu96wlHvNobL83/PWg6Q+xw55TZ44kvW/MncQ0oEHDErDXCHncBYcenyy9OIEulB
JMVE6Jf0kW67Eke4MbndDtLqKEoGQK5aKdW3MxCEoN1i0iJKGoXGxWfPwZEYIW1X
9NjiGbF3kToJRbtGACVZkzQmVBQuoHsHsXqcF1eO8+2hnc555dm7iw8LBmIrJo/7
ja35hSm7VEHj7UT9t0cPjECJoOnNQQ2k0gfcNgRaj3JnY4dBuoyo
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:16 2024 by rpki-client on console-fra.rpki-client.org