Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/L-KKG6zDwKdzU0vjauBd_oIipcg.roa
File: L-KKG6zDwKdzU0vjauBd_oIipcg.roa (raw, json)
Hash identifier: cwBxpZznihjnkvwLZjY/hc7fdRJ6Guhf/tz950xltdk=
Subject key identifier: 2F:E2:8A:1B:AC:C3:C0:A7:73:53:4B:E3:6A:E0:5D:FE:82:22:A5:C8
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 01887B39D67793A14F25B3EB4C7E46AB628F
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/L-KKG6zDwKdzU0vjauBd_oIipcg.roa
Signing time: Fri 02 Jun 2023 08:29:27 +0000
ROA not before: Fri 02 Jun 2023 08:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51162
IP address blocks: 91.216.178.0/24 maxlen: 24
91.103.107.0/24 maxlen: 24
91.103.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:39:d6:77:93:a1:4f:25:b3:eb:4c:7e:46:ab:62:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jun 2 08:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fe28a1bacc3c0a773534be36ae05dfe8222a5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:89:87:90:48:29:d7:11:41:41:03:b8:7e:a2:
bf:ff:ec:50:85:55:1c:1f:7d:ed:91:4d:d3:b1:d5:
cf:7e:cc:21:88:1f:ac:dd:b4:17:c8:42:6e:69:02:
0a:93:a9:03:95:f9:bb:1f:3f:58:9b:83:c5:2e:0c:
78:63:3d:ac:75:b7:b4:3a:36:d1:4b:76:5f:88:db:
32:60:d7:d0:51:f1:bd:36:ee:b5:9f:91:9e:01:26:
5b:27:35:cd:cd:78:75:0d:1b:ef:2f:85:18:bb:64:
a6:2a:5b:99:50:b9:1e:36:96:8b:6f:d6:be:90:1c:
be:f9:1e:b0:cd:b0:0c:49:a5:0e:7b:7c:24:1b:a8:
d5:01:cd:f3:d0:4c:a4:00:84:78:a5:04:fe:26:9c:
94:44:45:0f:d9:dc:d2:3a:8b:8b:98:c3:13:d5:60:
35:e7:83:85:41:74:1f:80:2d:4c:1d:55:e7:2d:75:
ce:74:a3:d7:98:92:dd:62:ab:6c:42:95:c6:8f:b4:
62:fb:8b:f5:80:71:4a:7f:96:8f:a9:c5:fb:51:a6:
aa:4b:60:51:81:f8:36:50:d1:d9:d0:19:a2:36:b6:
07:7d:c5:70:9d:0b:fc:f3:7e:3f:46:83:eb:8a:48:
22:3d:c6:a3:aa:cf:96:d5:0c:a6:52:1f:ba:67:50:
0a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E2:8A:1B:AC:C3:C0:A7:73:53:4B:E3:6A:E0:5D:FE:82:22:A5:C8
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/L-KKG6zDwKdzU0vjauBd_oIipcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.106.0/23
91.216.178.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:54:ba:a0:d3:87:62:66:ba:60:78:8b:ff:47:b0:a8:6a:d4:
c8:a5:e1:0d:22:c2:4a:d6:8b:75:87:ee:3c:d2:4f:d6:8d:8d:
8e:c9:58:d4:a9:3f:0a:a0:b8:45:fd:84:88:63:86:e9:8d:1e:
48:7d:98:06:49:d3:7b:5a:a0:e6:cf:31:6b:cf:dd:59:6f:63:
69:6e:64:ff:08:3a:d0:36:03:7c:0e:ad:c8:8b:82:ae:ed:76:
be:dc:22:50:05:07:95:18:08:e0:f8:47:e9:89:1a:8d:24:a0:
c5:cd:1b:2a:60:91:cb:ca:17:48:72:e8:a7:23:53:58:67:30:
f6:2b:1b:be:2a:45:69:aa:53:2d:6b:6b:90:47:f3:bb:b0:80:
f1:91:9e:9d:d1:4b:84:08:4f:a5:8f:bf:20:33:54:d5:02:ff:
9b:16:87:2a:c5:dc:f8:2b:45:23:1e:77:72:5f:58:1b:41:56:
92:34:6d:f9:cc:6a:5d:e9:2f:cb:df:65:f9:98:5e:db:a4:21:
ea:0b:95:e2:1f:d4:dc:4d:7b:6d:35:e6:3b:39:cd:b2:2b:e8:
0d:af:ee:48:20:1b:09:f2:c8:4f:c6:01:fc:dc:28:ff:66:5a:
8d:85:cd:4b:39:2a:59:24:a4:8f:87:b4:b2:d5:69:c9:45:35:
c2:9e:c7:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh7OdZ3k6FPJbPrTH5Gq2KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjMwNjAyMDgyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmUyOGExYmFjYzNjMGE3NzM1MzRiZTM2YWUwNWRmZTgyMjJhNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4mHkEgp1xFBQQO4fqK//+xQhVUc
H33tkU3TsdXPfswhiB+s3bQXyEJuaQIKk6kDlfm7Hz9Ym4PFLgx4Yz2sdbe0OjbR
S3ZfiNsyYNfQUfG9Nu61n5GeASZbJzXNzXh1DRvvL4UYu2SmKluZULkeNpaLb9a+
kBy++R6wzbAMSaUOe3wkG6jVAc3z0EykAIR4pQT+JpyUREUP2dzSOouLmMMT1WA1
54OFQXQfgC1MHVXnLXXOdKPXmJLdYqtsQpXGj7Ri+4v1gHFKf5aPqcX7UaaqS2BR
gfg2UNHZ0BmiNrYHfcVwnQv8834/RoPrikgiPcajqs+W1QymUh+6Z1AKmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC/iihusw8Cnc1NL42rgXf6CIqXIMB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvTC1LS0c2ekR3S2R6VTB2amF1QmRfb0lpcGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW2dqAwQA
W9iyMA0GCSqGSIb3DQEBCwUAA4IBAQB6VLqg04diZrpgeIv/R7CoatTIpeENIsJK
1ot1h+480k/WjY2OyVjUqT8KoLhF/YSIY4bpjR5IfZgGSdN7WqDmzzFrz91Zb2Np
bmT/CDrQNgN8Dq3Ii4Ku7Xa+3CJQBQeVGAjg+EfpiRqNJKDFzRsqYJHLyhdIcuin
I1NYZzD2Kxu+KkVpqlMta2uQR/O7sIDxkZ6d0UuECE+lj78gM1TVAv+bFocqxdz4
K0UjHndyX1gbQVaSNG35zGpd6S/L32X5mF7bpCHqC5XiH9TcTXttNeY7Oc2yK+gN
r+5IIBsJ8shPxgH83Cj/ZlqNhc1LOSpZJKSPh7Sy1WnJRTXCnscC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:08 2024 by rpki-client on console-ams.rpki-client.org