Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_Lp_dPnBYV7oOkt_SwQDV7P3IPg.roa
File: _Lp_dPnBYV7oOkt_SwQDV7P3IPg.roa (raw, json)
Hash identifier: qu6TTIWxl/9g4FIKqCRS3CBNd+KVI1krOt2glhNbqm8=
Subject key identifier: FC:BA:7F:74:F9:C1:61:5E:E8:3A:4B:7F:4B:04:03:57:B3:F7:20:F8
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01856F94D4079B67789500F7B260C2FF6A16
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_Lp_dPnBYV7oOkt_SwQDV7P3IPg.roa
Signing time: Sun 01 Jan 2023 23:05:02 +0000
ROA not before: Sun 01 Jan 2023 23:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205262
IP address blocks: 89.40.74.0/24 maxlen: 24
37.122.216.0/22 maxlen: 24
185.205.252.0/22 maxlen: 24
185.84.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d4:07:9b:67:78:95:00:f7:b2:60:c2:ff:6a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcba7f74f9c1615ee83a4b7f4b040357b3f720f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:32:ee:32:65:9d:ef:59:f2:66:48:80:96:18:
33:95:e4:d2:68:2e:6b:9f:e5:37:22:8c:3d:77:e9:
40:79:e5:b5:f5:e7:a8:5b:59:7a:ea:93:d0:8e:4a:
c6:62:1d:3e:8d:86:35:26:1e:3a:58:70:87:33:a6:
d5:dd:e8:d3:d4:49:2a:98:4a:9d:e2:88:52:e6:bb:
54:2e:00:92:3e:fa:dd:19:06:f9:81:df:e5:02:4f:
2f:e4:17:28:cf:09:f3:cf:eb:3d:68:28:49:14:b5:
4c:4e:9a:85:e5:cc:8d:b4:a6:78:2a:6d:38:b9:dd:
af:95:d7:f0:45:65:06:b0:d5:65:36:5c:9c:e3:0d:
8e:ee:03:f1:8f:99:00:bc:8f:2b:20:85:b0:e6:0c:
e2:db:f4:39:f9:86:d2:25:7c:49:fa:39:c7:02:f0:
b3:4f:d5:b1:e1:a9:bc:89:9a:f7:04:35:bb:04:10:
63:6d:64:c1:c2:f5:36:12:36:a0:b5:02:44:aa:b7:
48:8c:36:89:02:5e:10:e9:40:25:de:20:45:9e:3b:
70:04:b6:f6:df:9d:73:53:eb:3e:9c:a5:a3:ad:e6:
ac:c9:96:b9:8d:64:09:6b:80:ec:52:5c:3a:64:c9:
0c:91:fd:03:31:9d:44:6f:01:1d:2a:42:7a:11:03:
99:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BA:7F:74:F9:C1:61:5E:E8:3A:4B:7F:4B:04:03:57:B3:F7:20:F8
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/_Lp_dPnBYV7oOkt_SwQDV7P3IPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.216.0/22
89.40.74.0/24
185.84.204.0/22
185.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:70:3d:a5:6e:07:19:79:d6:bf:3b:98:8f:af:c7:4d:91:ff:
d1:8f:aa:dd:e4:91:2e:6d:e8:93:1b:35:0a:81:35:25:48:bb:
45:6a:5e:3c:8b:fc:35:56:bf:97:99:1f:23:60:1c:52:7a:a7:
a8:7a:9b:ae:82:7c:15:6c:a0:d6:ae:08:80:46:07:39:d7:ac:
8f:c2:5d:50:18:db:53:21:8c:29:30:fb:1b:02:cf:8b:6f:98:
96:1d:6b:45:29:b2:b5:d9:64:79:aa:cf:bb:6f:f0:de:09:4b:
e0:0e:87:7c:8b:43:49:6b:e4:4b:1a:db:de:6f:76:8d:10:c3:
ed:84:e8:65:0e:52:f1:f9:1c:48:72:15:c2:69:1f:ef:b5:0b:
a1:cc:a3:da:68:83:b6:0d:94:c0:5c:b4:78:5e:e7:ae:ad:64:
02:6c:44:bc:cb:5c:97:34:5b:1e:cd:cd:4a:15:5b:57:57:22:
f8:be:ac:c2:c1:02:53:68:4c:24:96:7b:29:2c:03:b5:b7:e7:
9f:fa:97:70:db:b3:25:5a:d1:b0:b7:62:52:10:96:90:7a:c5:
27:24:36:b3:6d:98:46:37:ae:86:d7:4b:06:8a:44:bb:0a:1f:
29:dd:ad:2e:18:c4:03:19:ec:53:2f:fb:cd:85:0e:3b:c5:c4:
23:d0:18:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvlNQHm2d4lQD3smDC/2oWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTAxMjMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2JhN2Y3NGY5YzE2MTVlZTgzYTRiN2Y0YjA0MDM1N2IzZjcyMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjLuMmWd71nyZkiAlhgzleTSaC5r
n+U3Iow9d+lAeeW19eeoW1l66pPQjkrGYh0+jYY1Jh46WHCHM6bV3ejT1EkqmEqd
4ohS5rtULgCSPvrdGQb5gd/lAk8v5Bcozwnzz+s9aChJFLVMTpqF5cyNtKZ4Km04
ud2vldfwRWUGsNVlNlyc4w2O7gPxj5kAvI8rIIWw5gzi2/Q5+YbSJXxJ+jnHAvCz
T9Wx4am8iZr3BDW7BBBjbWTBwvU2EjagtQJEqrdIjDaJAl4Q6UAl3iBFnjtwBLb2
351zU+s+nKWjreasyZa5jWQJa4DsUlw6ZMkMkf0DMZ1EbwEdKkJ6EQOZxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPy6f3T5wWFe6DpLf0sEA1ez9yD4MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvX0xwX2RQbkJZVjdvT2t0X1N3UURWN1AzSVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA
WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQAucD2lbgcZeda/O5iP
r8dNkf/Rj6rd5JEubeiTGzUKgTUlSLtFal48i/w1Vr+XmR8jYBxSeqeoepuugnwV
bKDWrgiARgc516yPwl1QGNtTIYwpMPsbAs+Lb5iWHWtFKbK12WR5qs+7b/DeCUvg
Dod8i0NJa+RLGtveb3aNEMPthOhlDlLx+RxIchXCaR/vtQuhzKPaaIO2DZTAXLR4
XueurWQCbES8y1yXNFsezc1KFVtXVyL4vqzCwQJTaEwklnspLAO1t+ef+pdw27Ml
WtGwt2JSEJaQesUnJDazbZhGN66G10sGikS7Ch8p3a0uGMQDGexTL/vNhQ47xcQj
0BjZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org