Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LksNFOMQNvKhP_Qh0v8PjZ1PcjE.roa
File: LksNFOMQNvKhP_Qh0v8PjZ1PcjE.roa (raw, json)
Hash identifier: wVKOaAsz17N64weomWKXKRGX0Uaxc1hoSfI9y+3X44k=
Subject key identifier: 2E:4B:0D:14:E3:10:36:F2:A1:3F:F4:21:D2:FF:0F:8D:9D:4F:72:31
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 018573562921311747B54EB3919BED00E4BE
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LksNFOMQNvKhP_Qh0v8PjZ1PcjE.roa
Signing time: Mon 02 Jan 2023 16:35:04 +0000
ROA not before: Mon 02 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200006
IP address blocks: 195.214.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:29:21:31:17:47:b5:4e:b3:91:9b:ed:00:e4:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 2 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e4b0d14e31036f2a13ff421d2ff0f8d9d4f7231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:73:c5:ec:8f:96:68:52:43:2c:9b:a8:17:
59:c7:f8:93:90:a8:6d:ae:bf:4b:69:e6:cf:33:41:
1b:ac:9f:24:22:80:2f:0b:86:71:0f:e0:b5:48:c1:
09:cb:f4:74:ed:30:7f:a4:a1:86:94:2c:ea:16:3f:
4c:5e:df:c3:10:f6:f9:4e:fa:25:0f:b0:9f:f9:dd:
4d:4b:66:0c:e5:f3:80:c1:85:4e:a3:f8:69:fd:44:
f6:22:db:43:dd:99:cf:e7:d4:6b:8c:83:36:f4:96:
d2:ba:42:1b:09:c3:32:0e:05:2d:9b:56:5b:fd:ef:
d8:e5:f2:f2:b0:44:b6:8b:72:9c:b0:d3:ad:bf:d7:
18:d1:aa:cd:0d:53:76:37:05:08:a3:01:77:ac:d4:
de:a3:33:f9:39:51:26:fc:db:9d:ef:83:ce:75:bc:
27:07:e1:76:a2:60:18:64:59:2f:4a:58:ed:5f:05:
2d:82:11:0f:ab:03:77:2c:69:e0:45:71:73:51:e6:
ce:8e:03:f0:a4:c7:78:14:8f:df:7a:6d:96:08:6b:
d4:1f:d7:5b:1f:e4:80:b5:0b:24:f6:7d:00:ce:a9:
e5:bb:80:c2:27:6a:1b:06:e5:d7:30:ef:b4:51:51:
bc:56:aa:bd:fb:9b:c7:3e:49:73:5b:2c:b0:50:80:
bc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4B:0D:14:E3:10:36:F2:A1:3F:F4:21:D2:FF:0F:8D:9D:4F:72:31
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LksNFOMQNvKhP_Qh0v8PjZ1PcjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.152.0/24
Signature Algorithm: sha256WithRSAEncryption
60:e6:ae:5c:6e:5c:b7:ff:57:53:fa:c3:32:d9:bc:62:da:90:
0d:62:00:d4:c4:e6:0d:d2:7c:66:e5:0a:3f:64:a3:60:fc:16:
79:2f:9c:19:d0:42:eb:9b:b3:c5:e4:e2:22:b3:db:7c:f5:34:
15:55:fb:0d:6a:b9:4a:88:92:43:a2:e0:f3:25:1b:46:c8:b9:
6d:51:66:b0:a4:4f:6f:47:6a:ee:c6:e5:0e:e2:5b:fa:d3:e9:
0b:f6:e2:bc:cd:9d:73:3a:1b:ef:5c:78:b7:19:2f:ae:ac:03:
db:91:a6:0d:9b:c5:83:5b:bd:36:10:9b:9a:aa:5f:2c:1c:13:
13:13:2c:32:9d:ed:dc:2b:22:01:ed:5f:7e:d6:46:ba:ae:96:
e9:82:e5:48:28:20:67:06:f9:88:9c:1a:48:7c:09:f2:5c:9e:
87:78:d1:7b:9f:f9:ba:12:91:ff:ac:9f:13:0a:52:5a:30:68:
3e:17:10:c3:fb:6f:1b:95:0c:0c:29:99:45:a3:98:1d:1e:e2:
25:12:59:0d:ac:be:33:2d:de:8d:ed:e5:8a:fb:ca:50:d0:fe:
10:7c:dd:ab:c3:4f:20:61:ff:4f:7b:ec:00:52:9b:60:40:39:
b9:aa:c6:26:d9:c9:80:2f:28:6e:a0:b8:dc:d5:a3:ce:20:84:
59:5b:c3:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVikhMRdHtU6zkZvtAOS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwMTAyMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTRiMGQxNGUzMTAzNmYyYTEzZmY0MjFkMmZmMGY4ZDlkNGY3MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjdzxeyPlmhSQyybqBdZx/iTkKht
rr9LaebPM0EbrJ8kIoAvC4ZxD+C1SMEJy/R07TB/pKGGlCzqFj9MXt/DEPb5Tvol
D7Cf+d1NS2YM5fOAwYVOo/hp/UT2IttD3ZnP59RrjIM29JbSukIbCcMyDgUtm1Zb
/e/Y5fLysES2i3KcsNOtv9cY0arNDVN2NwUIowF3rNTeozP5OVEm/Nud74POdbwn
B+F2omAYZFkvSljtXwUtghEPqwN3LGngRXFzUebOjgPwpMd4FI/fem2WCGvUH9db
H+SAtQsk9n0Azqnlu4DCJ2obBuXXMO+0UVG8Vqq9+5vHPklzWyywUIC8iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5LDRTjEDbyoT/0IdL/D42dT3IxMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvTGtzTkZPTVFOdktoUF9RaDB2OFBqWjFQY2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9aYMA0G
CSqGSIb3DQEBCwUAA4IBAQBg5q5cbly3/1dT+sMy2bxi2pANYgDUxOYN0nxm5Qo/
ZKNg/BZ5L5wZ0ELrm7PF5OIis9t89TQVVfsNarlKiJJDouDzJRtGyLltUWawpE9v
R2ruxuUO4lv60+kL9uK8zZ1zOhvvXHi3GS+urAPbkaYNm8WDW702EJuaql8sHBMT
Eywyne3cKyIB7V9+1ka6rpbpguVIKCBnBvmInBpIfAnyXJ6HeNF7n/m6EpH/rJ8T
ClJaMGg+FxDD+28blQwMKZlFo5gdHuIlElkNrL4zLd6N7eWK+8pQ0P4QfN2rw08g
Yf9Pe+wAUptgQDm5qsYm2cmALyhuoLjc1aPOIIRZW8MY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:35 2024 by rpki-client on console-fra.rpki-client.org