Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/_lsTk6MUCFBZcUy0giQXvD7jrgA.roa
File: _lsTk6MUCFBZcUy0giQXvD7jrgA.roa (raw, json)
Hash identifier: 64oLfT1VlNpMmE+h6fXIfsqL06IJBS+2stRLPRS8yKk=
Subject key identifier: FE:5B:13:93:A3:14:08:50:59:71:4C:B4:82:24:17:BC:3E:E3:AE:00
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018A25B874B03D28788286CCF443EBE4315F
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/_lsTk6MUCFBZcUy0giQXvD7jrgA.roa
Signing time: Thu 24 Aug 2023 04:05:59 +0000
ROA not before: Thu 24 Aug 2023 04:05:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.66.24.0/24 maxlen: 24
193.108.56.0/24 maxlen: 24
193.108.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:b8:74:b0:3d:28:78:82:86:cc:f4:43:eb:e4:31:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Aug 24 04:05:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe5b1393a314085059714cb4822417bc3ee3ae00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:69:be:44:9c:b9:f3:ad:25:eb:de:1c:1b:
3d:3e:73:99:3f:3e:60:ba:f3:93:7f:a3:7b:b0:94:
a6:8d:e5:59:d3:c9:15:2f:25:b0:97:95:04:50:4b:
76:e1:09:5b:55:09:b8:15:40:ca:2f:af:0a:77:10:
fd:23:57:a4:87:e4:2d:23:8b:e9:7a:90:83:58:4d:
7f:15:0d:9d:ed:69:e4:15:ce:81:49:b5:a9:2b:85:
b2:cb:32:83:69:31:3b:71:d5:c1:90:5a:f7:8d:38:
94:52:36:d3:48:7e:1d:cb:91:ce:64:7e:56:1a:a7:
4a:40:08:fc:3a:eb:2c:9e:af:2f:7f:b5:1d:93:af:
2c:7f:9a:43:9f:9a:da:0f:cb:08:c8:bc:e7:57:5b:
82:62:d3:ca:64:7e:8e:22:d4:16:71:61:6c:a1:f0:
40:0b:fc:7c:af:ec:57:31:83:f1:b5:36:c0:58:63:
31:e7:c1:d6:c6:f0:14:44:d0:0a:56:5f:6a:f2:c2:
8c:8e:b1:8f:68:a4:6a:b4:d0:5a:3c:fb:42:03:85:
82:cb:3c:89:55:9f:da:cc:fc:cb:05:e3:f1:10:db:
5f:76:72:72:d1:a5:f6:a8:cd:86:d5:5d:dc:0c:5b:
aa:82:19:eb:66:8a:85:56:f8:00:67:ee:14:3c:d4:
c1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5B:13:93:A3:14:08:50:59:71:4C:B4:82:24:17:BC:3E:E3:AE:00
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/_lsTk6MUCFBZcUy0giQXvD7jrgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.24.0/24
193.108.56.0/24
193.108.104.0/24
Signature Algorithm: sha256WithRSAEncryption
35:38:5e:89:0a:29:9f:3e:fb:0b:02:c5:29:88:1d:b5:e1:dd:
4e:ee:3e:a5:69:ec:eb:e8:4a:97:68:95:3e:31:9c:03:0c:52:
3a:ca:16:9e:01:c3:ec:1c:79:83:2d:20:af:f4:36:41:a4:48:
fd:a8:15:06:12:3b:12:96:3b:fb:54:b9:35:8c:a3:38:32:28:
d0:4e:21:2e:a6:50:a4:84:41:25:81:d1:52:35:32:8c:37:1e:
e7:17:c0:89:9a:6e:f5:e6:01:8c:47:fe:5f:7f:90:f6:0b:13:
bf:db:2d:29:79:ee:09:22:be:79:2e:43:c0:64:42:77:49:dc:
e0:24:20:6f:2c:42:68:6b:8f:a7:36:62:d6:97:30:b6:85:b6:
cd:98:ba:8f:fc:d8:df:88:44:dc:65:6b:b0:f6:2e:85:75:d1:
c0:b5:52:e3:6e:d4:47:53:44:33:41:e7:4f:8a:73:3c:c6:d0:
37:03:d8:b7:28:77:2e:c2:8f:92:57:8f:68:dd:f7:c7:82:f9:
ab:c2:93:14:b7:fd:86:ef:56:38:eb:96:4e:1b:54:fd:d7:c1:
08:df:ba:c2:7e:3c:86:f3:da:21:be:dc:ef:40:0c:93:71:af:
d0:4c:96:f8:a0:12:72:9c:10:15:3b:48:41:27:98:d7:55:8a:
8f:48:6b:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoluHSwPSh4gobM9EPr5DFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwODI0MDQwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTViMTM5M2EzMTQwODUwNTk3MTRjYjQ4MjI0MTdiYzNlZTNhZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmRpvkScufOtJeveHBs9PnOZPz5g
uvOTf6N7sJSmjeVZ08kVLyWwl5UEUEt24QlbVQm4FUDKL68KdxD9I1ekh+QtI4vp
epCDWE1/FQ2d7WnkFc6BSbWpK4WyyzKDaTE7cdXBkFr3jTiUUjbTSH4dy5HOZH5W
GqdKQAj8Oussnq8vf7Udk68sf5pDn5raD8sIyLznV1uCYtPKZH6OItQWcWFsofBA
C/x8r+xXMYPxtTbAWGMx58HWxvAURNAKVl9q8sKMjrGPaKRqtNBaPPtCA4WCyzyJ
VZ/azPzLBePxENtfdnJy0aX2qM2G1V3cDFuqghnrZoqFVvgAZ+4UPNTBIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP5bE5OjFAhQWXFMtIIkF7w+464AMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvX2xzVGs2TVVDRkJaY1V5MGdpUVh2RDdqcmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvEIYAwQA
wWw4AwQAwWxoMA0GCSqGSIb3DQEBCwUAA4IBAQA1OF6JCimfPvsLAsUpiB214d1O
7j6laezr6EqXaJU+MZwDDFI6yhaeAcPsHHmDLSCv9DZBpEj9qBUGEjsSljv7VLk1
jKM4MijQTiEuplCkhEElgdFSNTKMNx7nF8CJmm715gGMR/5ff5D2CxO/2y0pee4J
Ir55LkPAZEJ3SdzgJCBvLEJoa4+nNmLWlzC2hbbNmLqP/NjfiETcZWuw9i6FddHA
tVLjbtRHU0QzQedPinM8xtA3A9i3KHcuwo+SV49o3ffHgvmrwpMUt/2G71Y465ZO
G1T918EI37rCfjyG89ohvtzvQAyTca/QTJb4oBJynBAVO0hBJ5jXVYqPSGu9
-----END CERTIFICATE-----
Generated at Fri Aug 25 04:45:32 2023 by rpki-client on console-fra.rpki-client.org