Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/LFt4cKlJV6j-jKgDc348tjB2C4k.roa
File: LFt4cKlJV6j-jKgDc348tjB2C4k.roa (raw, json)
Hash identifier: 8R++QQhooLTv8Fg1BsT+FVBzKOaW+58hU4oavAFSY2Q=
Subject key identifier: 2C:5B:78:70:A9:49:57:A8:FE:8C:A8:03:73:7E:3C:B6:30:76:0B:89
Certificate issuer: /CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Certificate serial: 01856B93472D52E2A88592E021F4D2A0923D
Authority key identifier: 18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/LFt4cKlJV6j-jKgDc348tjB2C4k.roa
Signing time: Sun 01 Jan 2023 04:24:52 +0000
ROA not before: Sun 01 Jan 2023 04:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201978
IP address blocks: 217.28.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:47:2d:52:e2:a8:85:92:e0:21:f4:d2:a0:92:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Validity
Not Before: Jan 1 04:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5b7870a94957a8fe8ca803737e3cb630760b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:40:19:28:50:0b:62:94:89:40:2b:28:f0:b4:
4a:3b:17:b8:b3:36:4d:59:02:db:9f:48:de:44:90:
c3:6b:4d:61:96:0a:5d:b1:30:f2:27:7e:b1:9a:2f:
dc:c2:0c:39:92:49:26:60:66:a9:1e:71:4b:dd:24:
95:5d:ee:74:0b:ad:c0:8f:64:77:5f:cf:a0:5a:0e:
0a:07:02:ba:db:82:99:e0:95:d0:37:26:74:92:3b:
3e:bc:b6:7a:9c:96:39:b0:04:6c:d2:26:2d:cf:3b:
2f:f5:4c:6a:ca:fe:87:d5:46:d3:fc:0c:4e:ff:79:
f4:c2:8d:96:0a:d0:8f:4f:80:c4:d2:e4:ec:14:bc:
ce:b6:42:69:14:56:47:e1:90:19:79:30:06:bf:c4:
4c:a7:ac:50:61:b0:ba:6d:dd:0c:41:31:52:16:68:
de:49:c6:0a:0a:ee:93:63:93:0f:74:04:f3:e5:e9:
c2:a6:a7:b1:80:5e:c2:f8:7f:0b:a1:86:44:6b:29:
4c:a7:c2:2a:8d:2f:c2:cb:45:5f:f4:ba:5d:af:bd:
21:e6:32:c3:dc:dc:7f:40:aa:74:0d:30:2d:c3:77:
1b:e1:0f:ab:8b:fd:1f:55:0c:f8:08:4b:d7:f3:e7:
85:e5:94:cc:c6:0e:4b:5d:c3:b6:29:92:d9:0d:9a:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5B:78:70:A9:49:57:A8:FE:8C:A8:03:73:7E:3C:B6:30:76:0B:89
X509v3 Authority Key Identifier:
keyid:18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/LFt4cKlJV6j-jKgDc348tjB2C4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ad:16:54:a3:65:d0:83:7c:f0:2e:9e:0c:23:fe:3f:c4:c7:
62:ec:16:b4:7f:87:fc:b0:7b:03:0a:8f:35:28:4d:00:fb:39:
53:de:a6:fb:35:15:0e:43:ae:fd:68:35:ea:33:74:1e:09:8f:
02:b6:73:1d:96:3d:55:76:fe:e9:1b:8c:c0:4a:d0:3e:65:98:
e8:3b:17:0f:3f:a6:8c:e6:a7:b3:c1:d4:59:bf:ed:a7:54:5f:
e5:6e:64:2d:03:15:1d:6b:be:36:5a:78:7d:b0:0a:3e:11:6b:
07:6b:7b:05:a3:0d:08:3d:46:c6:a1:a7:0a:9c:aa:8b:e8:80:
90:9e:69:52:36:4f:82:4e:89:06:64:47:8b:ef:83:44:7a:a5:
25:5c:68:1c:ce:6d:42:23:2f:97:8b:88:a4:45:90:7a:79:a6:
49:7a:c5:ac:1c:f8:c0:cd:7c:92:c8:49:ba:1a:d2:5a:6d:75:
47:93:28:2a:45:f1:75:57:28:02:de:01:23:b9:dc:1a:29:6a:
80:d8:96:d0:f2:b4:ee:4a:0c:84:9a:35:c5:39:d6:6f:39:f0:
4f:63:81:52:82:7e:19:36:d7:64:c1:0d:cf:29:ca:ce:1f:81:
f7:35:2f:40:90:32:ec:37:7d:b0:5d:cd:9e:18:20:a0:18:12:
4d:70:37:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrk0ctUuKohZLgIfTSoJI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGQxYzAwMmYwNjBlYzk1NmU2NGU1Y2ZlNGYxZGMwOTg1
ODdmZDYwHhcNMjMwMTAxMDQyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzViNzg3MGE5NDk1N2E4ZmU4Y2E4MDM3MzdlM2NiNjMwNzYwYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kAZKFALYpSJQCso8LRKOxe4szZN
WQLbn0jeRJDDa01hlgpdsTDyJ36xmi/cwgw5kkkmYGapHnFL3SSVXe50C63Aj2R3
X8+gWg4KBwK624KZ4JXQNyZ0kjs+vLZ6nJY5sARs0iYtzzsv9Uxqyv6H1UbT/AxO
/3n0wo2WCtCPT4DE0uTsFLzOtkJpFFZH4ZAZeTAGv8RMp6xQYbC6bd0MQTFSFmje
ScYKCu6TY5MPdATz5enCpqexgF7C+H8LoYZEaylMp8IqjS/Cy0Vf9Lpdr70h5jLD
3Nx/QKp0DTAtw3cb4Q+ri/0fVQz4CEvX8+eF5ZTMxg5LXcO2KZLZDZrNywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxbeHCpSVeo/oyoA3N+PLYwdguJMB8GA1UdIwQY
MBaAFBhNHAAvBg7JVuZOXP5PHcCYWH/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYt
MTQxNWM5Nzc5ZTE3LzEvTEZ0NGNLbEpWNmotaktnRGMzNDh0akIyQzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYtMTQxNWM5Nzc5ZTE3
LzEvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyLMA0G
CSqGSIb3DQEBCwUAA4IBAQBsrRZUo2XQg3zwLp4MI/4/xMdi7Ba0f4f8sHsDCo81
KE0A+zlT3qb7NRUOQ679aDXqM3QeCY8CtnMdlj1Vdv7pG4zAStA+ZZjoOxcPP6aM
5qezwdRZv+2nVF/lbmQtAxUda742Wnh9sAo+EWsHa3sFow0IPUbGoacKnKqL6ICQ
nmlSNk+CTokGZEeL74NEeqUlXGgczm1CIy+Xi4ikRZB6eaZJesWsHPjAzXySyEm6
GtJabXVHkygqRfF1VygC3gEjudwaKWqA2JbQ8rTuSgyEmjXFOdZvOfBPY4FSgn4Z
NtdkwQ3PKcrOH4H3NS9AkDLsN32wXc2eGCCgGBJNcDfy
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:20 2024 by rpki-client on console-fra.rpki-client.org