Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LnPNWf0dDTtBiAagadeUlwyH0Js.roa
File: LnPNWf0dDTtBiAagadeUlwyH0Js.roa (raw, json)
Hash identifier: 8ti2O7fWpTeyiByWJNEIZYVUABIdmCRDd6Z5A/GeQA8=
Subject key identifier: 2E:73:CD:59:FD:1D:0D:3B:41:88:06:A0:69:D7:94:97:0C:87:D0:9B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AB3B4603EEEBB17D31944D788B46E6C15
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LnPNWf0dDTtBiAagadeUlwyH0Js.roa
Signing time: Wed 20 Sep 2023 17:47:37 +0000
ROA not before: Wed 20 Sep 2023 17:47:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399045
IP address blocks: 213.209.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:b4:60:3e:ee:bb:17:d3:19:44:d7:88:b4:6e:6c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 20 17:47:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e73cd59fd1d0d3b418806a069d794970c87d09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:30:2b:af:9f:c3:83:42:0b:83:c4:07:13:
86:a1:57:c9:4d:e8:24:5e:4a:bc:94:be:71:e7:e8:
e1:95:00:d1:65:a8:4e:27:01:88:f2:4e:d9:06:bb:
b4:30:fa:a9:08:b5:97:c9:55:ea:c5:03:6c:ec:02:
c3:a2:36:7a:60:54:aa:db:19:d3:4c:71:ab:dc:8e:
a1:b4:eb:d3:5d:89:58:a8:47:eb:61:e5:37:fd:a9:
97:ac:02:4c:3e:26:89:5f:f7:8e:f7:b9:fc:4d:42:
10:e7:4c:ca:66:1a:0f:d1:58:a1:7c:04:21:c2:52:
00:95:e1:c5:7c:c9:5d:1c:5e:9c:99:e5:7b:6e:e0:
9b:0a:3a:8b:c9:16:e0:40:2a:92:86:ce:88:3d:14:
35:35:fd:23:e4:cf:06:83:10:7c:09:71:44:74:14:
77:54:b0:22:68:6e:3f:5b:2c:87:35:71:52:4c:57:
08:5f:5a:6a:3a:9d:6f:c8:c9:21:e9:b3:59:29:e6:
35:fd:bd:fe:43:7a:5a:14:69:48:7a:d8:6e:69:89:
74:ef:23:cf:1c:2a:2e:8a:7b:4a:f6:2e:6a:ed:18:
01:5a:a8:cb:3e:e1:98:f9:3e:d5:68:32:c3:c1:bf:
ad:74:a5:4b:d0:47:29:cf:d2:84:33:e9:ae:61:8f:
f6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:73:CD:59:FD:1D:0D:3B:41:88:06:A0:69:D7:94:97:0C:87:D0:9B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LnPNWf0dDTtBiAagadeUlwyH0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
47:7a:dd:52:9c:18:36:ac:37:87:66:17:37:8d:47:cf:14:66:
22:45:48:a6:db:92:16:3d:08:8e:f0:fb:90:41:dc:14:39:4e:
f4:ad:f0:1e:51:3d:95:bc:98:cc:68:8c:4a:77:5a:ce:30:bc:
8e:27:c8:ce:b4:fc:ce:fd:b6:77:7b:15:6b:dd:ec:bd:dd:48:
8b:3c:fa:35:91:d1:11:61:8b:8e:61:64:c0:82:28:10:3a:40:
9e:7a:32:eb:84:d1:75:9e:09:df:73:82:fb:41:5a:46:2f:23:
ce:52:1b:cf:e3:10:f7:f5:63:d2:d5:dd:d8:be:c2:08:9e:a3:
bf:8b:66:e2:a2:d6:de:00:73:7b:51:2d:88:0f:e8:1d:37:66:
6d:b3:59:cb:04:18:98:23:9f:ca:78:18:77:20:62:1f:9a:0a:
af:9f:23:51:af:7a:2f:bd:bf:d0:fc:71:20:2d:c8:ed:5f:bb:
77:0b:31:ec:bc:15:e3:d2:24:68:ca:b3:07:6b:3c:e5:dc:c9:
35:81:fd:e3:33:59:1e:85:f4:94:12:3e:27:28:5f:b4:9a:4d:
3c:c0:ba:96:e1:30:f1:69:ca:43:bd:21:8a:a1:fa:f2:1d:d9:
89:ca:be:83:11:39:26:41:86:f8:59:95:78:b2:1c:3c:3e:dc:
6a:a5:6a:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqztGA+7rsX0xlE14i0bmwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTIwMTc0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTczY2Q1OWZkMWQwZDNiNDE4ODA2YTA2OWQ3OTQ5NzBjODdkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn40wK6+fw4NCC4PEBxOGoVfJTegk
Xkq8lL5x5+jhlQDRZahOJwGI8k7ZBru0MPqpCLWXyVXqxQNs7ALDojZ6YFSq2xnT
THGr3I6htOvTXYlYqEfrYeU3/amXrAJMPiaJX/eO97n8TUIQ50zKZhoP0VihfAQh
wlIAleHFfMldHF6cmeV7buCbCjqLyRbgQCqShs6IPRQ1Nf0j5M8GgxB8CXFEdBR3
VLAiaG4/WyyHNXFSTFcIX1pqOp1vyMkh6bNZKeY1/b3+Q3paFGlIethuaYl07yPP
HCouintK9i5q7RgBWqjLPuGY+T7VaDLDwb+tdKVL0Ecpz9KEM+muYY/22QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5zzVn9HQ07QYgGoGnXlJcMh9CbMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTG5QTldmMGREVHRCaUFhZ2FkZVVsd3lIMEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGBMA0G
CSqGSIb3DQEBCwUAA4IBAQBHet1SnBg2rDeHZhc3jUfPFGYiRUim25IWPQiO8PuQ
QdwUOU70rfAeUT2VvJjMaIxKd1rOMLyOJ8jOtPzO/bZ3exVr3ey93UiLPPo1kdER
YYuOYWTAgigQOkCeejLrhNF1ngnfc4L7QVpGLyPOUhvP4xD39WPS1d3YvsIInqO/
i2biotbeAHN7US2ID+gdN2Zts1nLBBiYI5/KeBh3IGIfmgqvnyNRr3ovvb/Q/HEg
LcjtX7t3CzHsvBXj0iRoyrMHazzl3Mk1gf3jM1kehfSUEj4nKF+0mk08wLqW4TDx
acpDvSGKofryHdmJyr6DETkmQYb4WZV4shw8PtxqpWq/
-----END CERTIFICATE-----
Generated at Mon Nov 27 15:49:46 2023 by rpki-client on console-ams.rpki-client.org