Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/300165-25c6-401b-9cbf-1f49bc7fd3bd/1/LvsfvvhrN2HQRZAzNLNKBWleqE4.roa
File: LvsfvvhrN2HQRZAzNLNKBWleqE4.roa (raw, json)
Hash identifier: zH2QBJdEWM6p/jITTfOtzbcGxdPfNbusr6hLtLkbwFY=
Subject key identifier: 2E:FB:1F:BE:F8:6B:37:61:D0:45:90:33:34:B3:4A:05:69:5E:A8:4E
Certificate issuer: /CN=a8ef61bdc034fb5638bcf19e07ec21d90019d42c
Certificate serial: 01856CE5FC523EA12D1EFB3C4AD5CD14A21E
Authority key identifier: A8:EF:61:BD:C0:34:FB:56:38:BC:F1:9E:07:EC:21:D9:00:19:D4:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qO9hvcA0-1Y4vPGeB-wh2QAZ1Cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/300165-25c6-401b-9cbf-1f49bc7fd3bd/1/LvsfvvhrN2HQRZAzNLNKBWleqE4.roa
Signing time: Sun 01 Jan 2023 10:34:49 +0000
ROA not before: Sun 01 Jan 2023 10:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39848
IP address blocks: 84.234.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:fc:52:3e:a1:2d:1e:fb:3c:4a:d5:cd:14:a2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8ef61bdc034fb5638bcf19e07ec21d90019d42c
Validity
Not Before: Jan 1 10:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2efb1fbef86b3761d045903334b34a05695ea84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:3f:d2:ad:b9:3b:4a:fd:8b:e9:d6:db:92:
a8:fa:ef:96:f5:83:54:77:59:a0:7d:27:04:89:89:
ac:8e:80:7b:9b:5a:5e:73:2b:a8:99:6f:ab:a3:9e:
dd:ee:ce:a3:81:e6:62:7c:76:23:68:1b:5f:2d:07:
b5:ad:57:fe:2b:a6:8b:cf:07:41:04:58:35:77:59:
33:da:68:af:a7:58:d4:1b:1d:68:14:aa:0a:8d:68:
d5:97:29:ac:be:54:b7:5c:77:1b:ad:cb:4c:6e:5e:
b0:af:48:82:2d:e2:10:1b:fa:9a:cc:30:3f:be:3d:
c4:9f:a1:b8:6e:ff:23:9e:c2:22:ca:02:17:c9:38:
96:82:cb:50:d6:1d:54:64:47:a3:f4:63:40:2a:73:
28:fa:b7:de:92:89:dd:20:ff:8d:2e:de:0e:cb:39:
50:a0:17:59:0e:de:73:bb:ca:fd:f5:2a:bd:e2:3b:
d1:03:4d:df:e5:29:de:6e:78:fb:cf:cb:d4:6c:09:
4d:c3:1e:17:2c:2c:2e:dc:f9:67:82:7f:d6:98:93:
49:0a:81:6e:c3:87:96:26:50:32:0f:18:38:b3:42:
87:92:43:43:74:cc:e4:08:97:a8:f1:7a:6e:98:0e:
e7:89:f1:95:fe:45:ab:a9:a6:1f:5e:ca:b7:c8:80:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FB:1F:BE:F8:6B:37:61:D0:45:90:33:34:B3:4A:05:69:5E:A8:4E
X509v3 Authority Key Identifier:
keyid:A8:EF:61:BD:C0:34:FB:56:38:BC:F1:9E:07:EC:21:D9:00:19:D4:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qO9hvcA0-1Y4vPGeB-wh2QAZ1Cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/300165-25c6-401b-9cbf-1f49bc7fd3bd/1/LvsfvvhrN2HQRZAzNLNKBWleqE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/300165-25c6-401b-9cbf-1f49bc7fd3bd/1/qO9hvcA0-1Y4vPGeB-wh2QAZ1Cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.108.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a1:4a:84:94:c4:31:df:e0:64:fa:88:60:70:0e:35:38:da:
72:8f:f2:1e:1a:e6:32:45:58:39:46:28:86:d5:6b:9f:d4:dc:
df:11:6f:61:ca:ae:15:75:5e:79:94:b3:2e:0d:b5:c6:dd:4c:
c2:f4:84:26:8f:cc:af:8c:39:c7:2e:78:f9:93:2a:af:06:6d:
d3:63:3e:cb:49:1d:18:ca:eb:e1:09:8a:97:df:28:a4:97:e3:
67:75:d1:47:64:1b:16:cd:73:3d:6d:d3:76:d9:e7:fc:a3:e7:
18:5d:41:09:c5:08:d2:41:4a:26:21:9f:fa:31:66:b4:80:d9:
61:ac:a0:08:dc:70:37:2d:5c:81:9f:4c:04:cd:b9:98:07:31:
db:02:61:72:9c:ad:d1:00:1d:7f:87:da:9c:0e:76:dc:e2:9a:
6e:e4:86:ce:99:78:4b:07:5e:8c:1d:13:ad:bc:5d:16:82:23:
c6:9c:74:4d:e2:d0:ba:da:28:8e:5d:6e:42:a1:5e:96:03:55:
19:3c:32:71:39:84:24:15:56:50:2d:8b:46:61:c7:39:0b:44:
9c:5a:94:82:24:18:7d:99:5a:6e:1a:67:f8:2c:f8:b1:4f:c3:
03:6c:34:82:0d:13:e4:e2:6a:aa:db:a5:ca:17:66:39:7b:91:
a4:7a:57:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5fxSPqEtHvs8StXNFKIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZWY2MWJkYzAzNGZiNTYzOGJjZjE5ZTA3ZWMyMWQ5MDAx
OWQ0MmMwHhcNMjMwMTAxMTAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZiMWZiZWY4NmIzNzYxZDA0NTkwMzMzNGIzNGEwNTY5NWVhODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxA/0q25O0r9i+nW25Ko+u+W9YNU
d1mgfScEiYmsjoB7m1pecyuomW+ro57d7s6jgeZifHYjaBtfLQe1rVf+K6aLzwdB
BFg1d1kz2mivp1jUGx1oFKoKjWjVlymsvlS3XHcbrctMbl6wr0iCLeIQG/qazDA/
vj3En6G4bv8jnsIiygIXyTiWgstQ1h1UZEej9GNAKnMo+rfekondIP+NLt4OyzlQ
oBdZDt5zu8r99Sq94jvRA03f5Snebnj7z8vUbAlNwx4XLCwu3Plngn/WmJNJCoFu
w4eWJlAyDxg4s0KHkkNDdMzkCJeo8XpumA7nifGV/kWrqaYfXsq3yICNBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC77H774azdh0EWQMzSzSgVpXqhOMB8GA1UdIwQY
MBaAFKjvYb3ANPtWOLzxngfsIdkAGdQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU85aHZjQTAtMVk0dlBHZUItd2gyUUFaMUN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMDAxNjUtMjVjNi00MDFiLTljYmYt
MWY0OWJjN2ZkM2JkLzEvTHZzZnZ2aHJOMkhRUlpBek5MTktCV2xlcUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMDAxNjUtMjVjNi00MDFiLTljYmYtMWY0OWJjN2ZkM2Jk
LzEvcU85aHZjQTAtMVk0dlBHZUItd2gyUUFaMUN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVOpsMA0G
CSqGSIb3DQEBCwUAA4IBAQBwoUqElMQx3+Bk+ohgcA41ONpyj/IeGuYyRVg5RiiG
1Wuf1NzfEW9hyq4VdV55lLMuDbXG3UzC9IQmj8yvjDnHLnj5kyqvBm3TYz7LSR0Y
yuvhCYqX3yikl+NnddFHZBsWzXM9bdN22ef8o+cYXUEJxQjSQUomIZ/6MWa0gNlh
rKAI3HA3LVyBn0wEzbmYBzHbAmFynK3RAB1/h9qcDnbc4ppu5IbOmXhLB16MHROt
vF0WgiPGnHRN4tC62iiOXW5CoV6WA1UZPDJxOYQkFVZQLYtGYcc5C0ScWpSCJBh9
mVpuGmf4LPixT8MDbDSCDRPk4mqq26XKF2Y5e5Gkelde
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:52 2024 by rpki-client on console-ams.rpki-client.org