Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/lqcG3yMD47Ti4WNcYqo2NmFunxc.roa
File: lqcG3yMD47Ti4WNcYqo2NmFunxc.roa (raw, json)
Hash identifier: +8Zf0MEiWvhYfbHvci6YfhmEMCWjx8M8Oc1wwuvO1o0=
Subject key identifier: 96:A7:06:DF:23:03:E3:B4:E2:E1:63:5C:62:AA:36:36:61:6E:9F:17
Certificate issuer: /CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Certificate serial: 01856C25D1364DEEF01044C00B6A63DCC822
Authority key identifier: 19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/lqcG3yMD47Ti4WNcYqo2NmFunxc.roa
Signing time: Sun 01 Jan 2023 07:04:55 +0000
ROA not before: Sun 01 Jan 2023 07:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204453
IP address blocks: 193.104.170.0/24 maxlen: 24
194.145.202.0/24 maxlen: 24
91.214.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 16:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:d1:36:4d:ee:f0:10:44:c0:0b:6a:63:dc:c8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Validity
Not Before: Jan 1 07:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a706df2303e3b4e2e1635c62aa3636616e9f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:80:a6:89:98:10:97:a7:44:8f:8e:86:33:14:
42:ca:06:d6:ae:db:25:74:42:35:5f:8e:7f:a3:70:
7b:92:1d:48:c4:28:59:65:03:ef:ae:15:69:43:0a:
98:03:45:dd:a3:a0:2c:e1:fa:d7:e4:de:d8:48:53:
ef:3a:68:e8:bb:6a:49:90:18:0c:5b:44:f6:c0:21:
59:cd:39:4b:c0:cf:5c:86:4c:25:aa:9c:a0:4a:be:
d0:51:50:3d:15:c8:4a:c1:fc:c5:d2:f3:ef:5a:f2:
2c:c4:41:70:61:ed:35:f9:e2:20:71:7e:7c:49:73:
66:10:40:5a:72:9b:78:2d:0d:3f:5a:75:38:ed:88:
d6:87:a7:a2:97:1f:56:92:f4:b1:db:d6:57:39:e6:
ff:63:86:0a:14:7e:a4:9f:10:bf:71:b4:0d:37:9e:
21:16:2f:77:3f:1c:8e:ce:ac:53:e0:dc:fb:42:3c:
d2:b5:22:7c:8e:cf:d8:31:40:f0:c9:1e:84:36:96:
56:b5:4e:61:8a:68:8b:39:9e:a9:0d:45:33:e1:d2:
25:ed:94:d9:25:23:17:11:f6:64:60:6c:e3:0a:55:
4f:36:89:1b:d6:08:6f:fd:36:5d:5d:64:e6:95:b0:
ec:5e:cf:c5:2f:54:ad:34:cb:96:e2:85:90:96:66:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A7:06:DF:23:03:E3:B4:E2:E1:63:5C:62:AA:36:36:61:6E:9F:17
X509v3 Authority Key Identifier:
keyid:19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/lqcG3yMD47Ti4WNcYqo2NmFunxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.126.0/24
193.104.170.0/24
194.145.202.0/24
Signature Algorithm: sha256WithRSAEncryption
59:63:37:25:92:5c:94:a2:90:5b:e5:0d:aa:52:06:bd:55:7c:
5f:41:b8:b0:12:56:d3:ba:3c:ba:97:31:d8:4a:2a:25:1f:5c:
a0:9d:50:ad:e3:79:32:b7:7e:5d:2d:ed:39:2f:46:09:14:35:
c8:03:64:e2:8e:48:7d:66:3f:35:77:b1:2a:80:b2:57:70:dd:
ed:91:58:2e:d7:21:ed:1f:84:78:b4:45:ce:eb:99:d1:75:d9:
1d:b2:3a:31:0b:11:eb:8c:dc:fc:dc:cd:4a:e1:60:f5:26:a7:
f4:7b:16:f9:f1:ea:fe:84:0f:3d:68:1b:2a:f5:27:07:38:8b:
3a:b1:0c:69:27:ef:95:68:c0:76:e9:1f:24:54:cf:d0:cc:fe:
2c:61:9a:76:33:73:f2:c7:db:9b:08:b5:30:40:91:59:36:7e:
b5:81:2d:43:81:51:6e:00:96:2c:0c:e3:bf:4a:99:89:a9:ed:
8e:b0:91:22:46:a7:54:6a:2d:c2:93:4a:db:bd:ad:3d:81:93:
1b:81:8c:10:c2:a2:cd:e7:5c:67:96:56:1f:ce:16:af:59:7b:
d5:6e:ca:43:dd:f0:c6:1c:9a:01:ec:d0:49:95:ac:b3:75:0f:
f7:76:83:de:8b:7f:c2:39:e8:7b:22:c7:32:04:ab:f4:a2:5f:
8c:00:27:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsJdE2Te7wEETAC2pj3MgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjVlMDRiNjU1NWYxZTJjOTJkN2E0MWFjMTA2YTc1ZGVh
OTI4YTIwHhcNMjMwMTAxMDcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE3MDZkZjIzMDNlM2I0ZTJlMTYzNWM2MmFhMzYzNjYxNmU5ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoCmiZgQl6dEj46GMxRCygbWrtsl
dEI1X45/o3B7kh1IxChZZQPvrhVpQwqYA0Xdo6As4frX5N7YSFPvOmjou2pJkBgM
W0T2wCFZzTlLwM9chkwlqpygSr7QUVA9FchKwfzF0vPvWvIsxEFwYe01+eIgcX58
SXNmEEBacpt4LQ0/WnU47YjWh6eilx9WkvSx29ZXOeb/Y4YKFH6knxC/cbQNN54h
Fi93PxyOzqxT4Nz7QjzStSJ8js/YMUDwyR6ENpZWtU5himiLOZ6pDUUz4dIl7ZTZ
JSMXEfZkYGzjClVPNokb1ghv/TZdXWTmlbDsXs/FL1StNMuW4oWQlmZJgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJanBt8jA+O04uFjXGKqNjZhbp8XMB8GA1UdIwQY
MBaAFBn14EtlVfHiyS16QawQanXeqSiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgt
NzUzMDRmOWY1YzI0LzEvbHFjRzN5TUQ0N1RpNFdOY1lxbzJObUZ1bnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgtNzUzMDRmOWY1YzI0
LzEvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9Z+AwQA
wWiqAwQAwpHKMA0GCSqGSIb3DQEBCwUAA4IBAQBZYzclklyUopBb5Q2qUga9VXxf
QbiwElbTujy6lzHYSiolH1ygnVCt43kyt35dLe05L0YJFDXIA2Tijkh9Zj81d7Eq
gLJXcN3tkVgu1yHtH4R4tEXO65nRddkdsjoxCxHrjNz83M1K4WD1Jqf0exb58er+
hA89aBsq9ScHOIs6sQxpJ++VaMB26R8kVM/QzP4sYZp2M3Pyx9ubCLUwQJFZNn61
gS1DgVFuAJYsDOO/SpmJqe2OsJEiRqdUai3Ck0rbva09gZMbgYwQwqLN51xnllYf
zhavWXvVbspD3fDGHJoB7NBJlayzdQ/3doPei3/COeh7IscyBKv0ol+MACeS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:22 2024 by rpki-client on console-ams.rpki-client.org