Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LFrE-FrAJcgoyt_FB3EuMYv8U9w.roa
File: LFrE-FrAJcgoyt_FB3EuMYv8U9w.roa (raw, json)
Hash identifier: hmLmti9SmXb+CuQCxU5TaEcr5j03G4ryBtbvs7XkZPY=
Subject key identifier: 2C:5A:C4:F8:5A:C0:25:C8:28:CA:DF:C5:07:71:2E:31:8B:FC:53:DC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018B25A0C8D3EBE89700BCCE8E7B12B25E90
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LFrE-FrAJcgoyt_FB3EuMYv8U9w.roa
Signing time: Thu 12 Oct 2023 20:42:56 +0000
ROA not before: Thu 12 Oct 2023 20:42:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 217.67.64.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:25:a0:c8:d3:eb:e8:97:00:bc:ce:8e:7b:12:b2:5e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Oct 12 20:42:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5ac4f85ac025c828cadfc507712e318bfc53dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:53:f9:16:d8:6b:f4:8c:d3:96:c5:6c:b8:
ec:78:48:b3:3a:f0:49:8e:29:b2:12:b2:38:01:0a:
c0:37:7a:8a:e9:43:92:6b:af:19:67:06:5a:cc:a2:
3d:b1:b1:1f:ab:0d:7c:3b:55:3f:6e:6e:ad:4e:e4:
7d:3d:99:e0:e6:9b:c9:30:e6:9b:8c:a6:85:40:3c:
96:75:86:0b:8d:85:7b:a0:a4:6e:36:fe:0b:50:fb:
4e:be:0f:d9:d3:2e:2b:a1:31:46:4b:ac:b2:1f:34:
38:e0:9b:d0:4b:f1:9e:6c:5c:6f:a8:de:dc:ea:ed:
33:a3:8b:fe:d4:25:26:19:7f:f0:cd:79:72:b8:e8:
35:a7:d5:b3:94:e0:4a:40:bc:b8:74:47:cf:f2:60:
2b:2d:26:1b:bf:27:32:2a:6a:56:90:4e:f4:29:bf:
db:45:22:a5:e1:a5:af:eb:fd:dc:fc:4a:a9:bd:b9:
b6:66:88:ff:dc:c7:b8:45:c7:7d:8c:0c:33:d1:8b:
d5:21:de:f3:c1:90:a4:2d:14:b5:38:1e:86:3b:b1:
6e:34:fb:c7:42:2d:61:32:3a:73:13:9e:0b:23:7a:
1c:8e:69:3a:9e:14:aa:87:3b:2a:14:fc:46:1d:16:
65:a3:06:40:d0:b5:7c:50:0d:9e:dd:ae:a6:06:f7:
49:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5A:C4:F8:5A:C0:25:C8:28:CA:DF:C5:07:71:2E:31:8B:FC:53:DC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/LFrE-FrAJcgoyt_FB3EuMYv8U9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.64.0/22
Signature Algorithm: sha256WithRSAEncryption
87:14:ed:10:4e:56:95:8a:b2:b7:71:7f:49:7b:91:6c:1d:29:
12:f8:3c:b5:42:d4:4b:9a:70:94:f9:a5:bc:ea:9c:aa:e5:c1:
fc:c8:a2:4a:50:f2:35:85:2e:c3:3a:07:eb:26:19:f4:d6:f4:
47:59:12:42:37:47:f0:d4:aa:63:33:40:2d:47:05:87:36:28:
45:fc:27:a5:a4:26:bd:4f:73:7b:dd:2b:ec:b8:2e:a7:45:57:
fe:2b:20:cd:e1:e4:cb:8e:d3:e4:e2:33:de:0d:7d:4b:56:6f:
bf:52:86:b0:80:45:c8:59:90:3f:26:a6:7b:3b:66:e5:b3:58:
9a:d8:0c:ab:38:a6:b5:6b:f3:f3:d6:c2:5e:03:b4:d5:02:24:
ea:64:f7:ea:14:81:5e:a9:59:f5:b2:3a:cb:1a:e4:cf:59:9b:
f7:ea:98:e5:60:f0:45:31:29:83:5a:aa:83:b3:e5:b9:75:2f:
f2:37:81:00:2e:79:e9:77:7d:b0:12:0d:9e:c4:0a:d0:84:8f:
dd:03:f3:2d:ca:d4:b5:4f:cc:7a:6a:e3:73:af:5d:7f:d3:a9:
60:4e:5a:36:59:f9:66:25:f1:14:44:62:b4:ce:eb:21:84:f1:
5f:11:f4:6a:3b:3a:6e:7e:71:a8:ce:72:08:4c:ca:3e:bd:75:
3d:2b:e2:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsloMjT6+iXALzOjnsSsl6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMxMDEyMjA0MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVhYzRmODVhYzAyNWM4MjhjYWRmYzUwNzcxMmUzMThiZmM1M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl51T+RbYa/SM05bFbLjseEizOvBJ
jimyErI4AQrAN3qK6UOSa68ZZwZazKI9sbEfqw18O1U/bm6tTuR9PZng5pvJMOab
jKaFQDyWdYYLjYV7oKRuNv4LUPtOvg/Z0y4roTFGS6yyHzQ44JvQS/GebFxvqN7c
6u0zo4v+1CUmGX/wzXlyuOg1p9WzlOBKQLy4dEfP8mArLSYbvycyKmpWkE70Kb/b
RSKl4aWv6/3c/Eqpvbm2Zoj/3Me4Rcd9jAwz0YvVId7zwZCkLRS1OB6GO7FuNPvH
Qi1hMjpzE54LI3ocjmk6nhSqhzsqFPxGHRZlowZA0LV8UA2e3a6mBvdJWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxaxPhawCXIKMrfxQdxLjGL/FPcMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTEZyRS1GckFKY2dveXRfRkIzRXVNWXY4VTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UNAMA0G
CSqGSIb3DQEBCwUAA4IBAQCHFO0QTlaVirK3cX9Je5FsHSkS+Dy1QtRLmnCU+aW8
6pyq5cH8yKJKUPI1hS7DOgfrJhn01vRHWRJCN0fw1KpjM0AtRwWHNihF/CelpCa9
T3N73SvsuC6nRVf+KyDN4eTLjtPk4jPeDX1LVm+/UoawgEXIWZA/JqZ7O2bls1ia
2AyrOKa1a/Pz1sJeA7TVAiTqZPfqFIFeqVn1sjrLGuTPWZv36pjlYPBFMSmDWqqD
s+W5dS/yN4EALnnpd32wEg2exArQhI/dA/MtytS1T8x6auNzr11/06lgTlo2Wflm
JfEURGK0zushhPFfEfRqOzpufnGoznIITMo+vXU9K+Lb
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:01 2024 by rpki-client on console-fra.rpki-client.org