Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/LNDA0Gnn2a1fFM0MUh5V37nZSD0.roa
File: LNDA0Gnn2a1fFM0MUh5V37nZSD0.roa (raw, json)
Hash identifier: 3vp0w88Kc1XcLZbulngv/tH+y6QkzBNIiBJEE5/b7gw=
Subject key identifier: 2C:D0:C0:D0:69:E7:D9:AD:5F:14:CD:0C:52:1E:55:DF:B9:D9:48:3D
Certificate issuer: /CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Certificate serial: 01856FD5044657BDE56322524140FBDA6DF7
Authority key identifier: F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/LNDA0Gnn2a1fFM0MUh5V37nZSD0.roa
Signing time: Mon 02 Jan 2023 00:15:09 +0000
ROA not before: Mon 02 Jan 2023 00:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197914
IP address blocks: 195.66.112.0/24 maxlen: 24
130.0.192.0/21 maxlen: 24
194.50.60.0/24 maxlen: 24
2a03:a580::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:04:46:57:bd:e5:63:22:52:41:40:fb:da:6d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Validity
Not Before: Jan 2 00:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cd0c0d069e7d9ad5f14cd0c521e55dfb9d9483d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:12:23:d8:5e:c9:23:b9:28:2a:f6:fe:67:
b2:65:52:04:b7:1a:3e:5e:f5:79:07:99:ef:57:39:
ab:bb:a5:a5:f6:64:0f:09:a3:3c:e6:08:76:4e:53:
ae:77:97:95:05:19:05:92:82:ce:9f:73:17:a0:26:
85:84:8c:78:ec:e8:3f:83:b2:a0:de:89:6c:67:9c:
73:25:04:10:36:91:bf:fc:4d:68:ce:81:64:9e:54:
ba:05:a2:fb:cf:49:1d:a4:1a:58:dd:52:a0:25:54:
91:ed:69:c1:0f:cc:af:a4:f1:a2:3e:f1:c1:88:be:
23:c4:51:d7:64:04:4b:b0:da:d6:c4:fa:94:63:3a:
a2:d7:3f:bf:da:0c:b5:08:62:9f:94:21:18:52:a9:
60:c9:f4:98:5c:9f:f7:3a:10:f2:9f:16:50:85:af:
d0:56:c5:03:7f:2e:6d:95:3a:85:1f:c5:c9:31:9e:
8b:18:43:e6:0e:7f:43:7d:39:44:84:78:af:02:20:
48:88:8d:d2:58:c5:e2:03:1f:19:c9:0a:96:4a:f4:
d7:a1:23:c2:2d:5e:37:3d:9c:e6:d4:0e:0f:85:5a:
5c:98:87:15:f3:85:33:5c:d5:2c:c5:c6:cf:9d:a2:
b5:19:f6:92:42:80:ea:3e:5e:d8:31:5d:ae:53:74:
c4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D0:C0:D0:69:E7:D9:AD:5F:14:CD:0C:52:1E:55:DF:B9:D9:48:3D
X509v3 Authority Key Identifier:
keyid:F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/LNDA0Gnn2a1fFM0MUh5V37nZSD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/9KWwQv5I7rEjvlbb-ejdogweoR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.192.0/21
194.50.60.0/24
195.66.112.0/24
IPv6:
2a03:a580::/32
Signature Algorithm: sha256WithRSAEncryption
52:13:c0:8a:b9:45:b0:f9:c4:de:43:64:d6:fe:e0:f7:fd:e8:
89:08:bd:b1:69:24:c9:f8:2c:ab:23:78:67:30:7e:6a:07:c2:
8e:92:34:b6:f2:aa:0f:f9:85:44:b0:97:0f:2c:10:ce:8b:41:
5c:86:8d:06:2a:47:d1:12:ea:58:88:a0:b1:6b:3a:05:6d:ad:
0e:f6:85:e3:8e:9c:08:dc:0b:b1:e5:f4:8b:cc:5c:b2:7c:ba:
01:b1:43:a9:23:27:e8:6b:21:9b:5c:04:af:9e:2e:f4:e7:c8:
bd:f1:60:73:d1:ca:c7:34:5d:84:3b:76:2d:1a:e8:fe:2b:89:
7e:ae:fb:28:9e:ce:74:ef:5c:0d:c3:6e:bf:4b:b7:f9:82:9d:
6c:ad:74:81:0a:b6:3a:cf:46:d0:ad:59:09:90:37:22:41:6c:
77:2e:ce:05:c4:73:60:81:f2:48:80:cf:e4:43:87:2c:be:8f:
42:82:43:54:6e:a1:55:db:80:3b:63:7a:19:b4:9d:19:b3:7e:
0b:83:5e:89:e3:ae:33:53:11:9e:09:41:ba:db:32:16:1a:30:
0b:1e:b6:fb:3c:0a:4f:35:5c:6d:fb:29:f5:3f:6d:1f:5a:5e:
d1:14:9d:9a:08:71:ff:1f:b8:a3:eb:31:90:33:51:b4:41:67:
29:1c:c1:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVv1QRGV73lYyJSQUD72m33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YTViMDQyZmU0OGVlYjEyM2JlNTZkYmY5ZThkZGEyMGMx
ZWExMWQwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2QwYzBkMDY5ZTdkOWFkNWYxNGNkMGM1MjFlNTVkZmI5ZDk0ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVISI9heySO5KCr2/meyZVIEtxo+
XvV5B5nvVzmru6Wl9mQPCaM85gh2TlOud5eVBRkFkoLOn3MXoCaFhIx47Og/g7Kg
3olsZ5xzJQQQNpG//E1ozoFknlS6BaL7z0kdpBpY3VKgJVSR7WnBD8yvpPGiPvHB
iL4jxFHXZARLsNrWxPqUYzqi1z+/2gy1CGKflCEYUqlgyfSYXJ/3OhDynxZQha/Q
VsUDfy5tlTqFH8XJMZ6LGEPmDn9DfTlEhHivAiBIiI3SWMXiAx8ZyQqWSvTXoSPC
LV43PZzm1A4PhVpcmIcV84UzXNUsxcbPnaK1GfaSQoDqPl7YMV2uU3TEbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCzQwNBp59mtXxTNDFIeVd+52Ug9MB8GA1UdIwQY
MBaAFPSlsEL+SO6xI75W2/no3aIMHqEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUtXd1F2NUk3ckVqdmxiYi1lamRvZ3dlb1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zODkyMzEtMmI1Zi00YzllLTk0MWQt
YjRiMjg0MzdmZTZjLzEvTE5EQTBHbm4yYTFmRk0wTVVoNVYzN25aU0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zODkyMzEtMmI1Zi00YzllLTk0MWQtYjRiMjg0MzdmZTZj
LzEvOUtXd1F2NUk3ckVqdmxiYi1lamRvZ3dlb1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDggDAAwQA
wjI8AwQAw0JwMA0EAgACMAcDBQAqA6WAMA0GCSqGSIb3DQEBCwUAA4IBAQBSE8CK
uUWw+cTeQ2TW/uD3/eiJCL2xaSTJ+CyrI3hnMH5qB8KOkjS28qoP+YVEsJcPLBDO
i0Fcho0GKkfREupYiKCxazoFba0O9oXjjpwI3Aux5fSLzFyyfLoBsUOpIyfoayGb
XASvni7058i98WBz0crHNF2EO3YtGuj+K4l+rvsons5071wNw26/S7f5gp1srXSB
CrY6z0bQrVkJkDciQWx3Ls4FxHNggfJIgM/kQ4csvo9CgkNUbqFV24A7Y3oZtJ0Z
s34Lg16J464zUxGeCUG62zIWGjALHrb7PApPNVxt+yn1P20fWl7RFJ2aCHH/H7ij
6zGQM1G0QWcpHMHU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org