Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lc28n9uj3l1-28c9JM-blhxLYDM.roa
File: lc28n9uj3l1-28c9JM-blhxLYDM.roa (raw, json)
Hash identifier: w+CIGZCHOXSecVYAQKHf4U9C/rbZZVmxauPSwpPpuG4=
Subject key identifier: 95:CD:BC:9F:DB:A3:DE:5D:7E:DB:C7:3D:24:CF:9B:96:1C:4B:60:33
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01912C60C5C581A6FA783F10148CA3007195
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lc28n9uj3l1-28c9JM-blhxLYDM.roa
Signing time: Wed 07 Aug 2024 10:27:05 +0000
ROA not before: Wed 07 Aug 2024 10:27:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149977
IP address blocks: 85.202.203.0/24 maxlen: 24
2a0f:e404:105::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Aug 2024 12:25:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:60:c5:c5:81:a6:fa:78:3f:10:14:8c:a3:00:71:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 7 10:27:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95cdbc9fdba3de5d7edbc73d24cf9b961c4b6033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8d:8b:08:c7:87:a1:d0:c0:1f:21:7f:1e:ff:
a7:b0:79:a1:2e:16:b4:4a:51:85:91:4f:7a:0e:6e:
21:da:56:f9:77:28:e5:1b:76:ea:42:10:d8:f6:6c:
e3:2d:34:d3:34:cb:88:43:a8:dc:32:67:2f:84:37:
d3:24:e8:01:87:6d:cb:d0:31:c6:90:c6:04:61:47:
ce:75:ad:25:97:df:3c:82:85:61:03:63:25:a6:e7:
4d:30:b1:e0:2d:30:bf:5f:59:92:a7:39:fc:19:bd:
8f:80:bd:de:64:46:8a:69:d1:eb:d2:96:f3:fd:88:
33:c0:79:29:c9:df:74:ad:32:5a:ac:7a:b3:ef:c4:
c0:cb:bc:e2:26:23:29:26:4a:2d:dc:0e:a0:a6:6e:
c3:40:7a:a9:4c:9b:44:59:33:14:9c:a6:3e:7b:df:
20:01:8e:86:e8:b7:bf:dc:2b:d9:38:a4:9e:13:49:
c7:89:57:72:95:2a:0c:50:70:f2:26:22:f9:50:9f:
5a:bb:4f:11:7c:59:fd:9e:a4:38:ef:6f:ed:ea:09:
92:5f:f5:c5:e9:46:7c:e1:ca:8c:13:1d:1f:65:34:
d0:28:4e:8b:08:cd:3f:6f:f9:23:b3:3d:6c:6d:74:
ec:64:43:f1:98:79:51:a6:0f:22:7b:38:c0:29:97:
2c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CD:BC:9F:DB:A3:DE:5D:7E:DB:C7:3D:24:CF:9B:96:1C:4B:60:33
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lc28n9uj3l1-28c9JM-blhxLYDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
IPv6:
2a0f:e404:105::/48
Signature Algorithm: sha256WithRSAEncryption
b5:c5:4b:c5:e5:f0:c7:25:28:4d:81:4f:6c:38:03:a2:65:8f:
86:9f:91:1e:d1:73:f5:2e:14:a2:f3:b6:f3:7c:8a:13:91:b0:
5c:b9:f2:b1:50:1e:23:02:f1:98:f9:a4:b5:6b:ea:0c:99:22:
62:69:1e:06:be:cd:a8:bb:d9:6a:9a:1b:a0:be:29:0c:cd:0a:
56:0f:e2:0e:34:b2:35:5d:ac:42:d3:fa:d4:33:23:90:4d:de:
09:25:00:6e:26:92:1b:68:0b:d1:30:c1:ed:19:f3:8b:32:b1:
a0:13:1e:c1:94:0a:de:13:69:0b:0c:c5:d5:22:95:0c:11:2b:
45:bc:4a:f7:68:14:70:ff:21:ab:7a:50:79:5e:4e:31:e5:2b:
4b:a5:aa:79:aa:43:bf:aa:83:a6:b6:c6:aa:1d:70:66:f5:c6:
48:a6:99:dc:69:c0:06:c0:c0:07:4e:1d:74:e8:4d:b0:9e:3f:
ec:ad:e6:da:1b:97:78:13:bf:ca:0d:ef:84:18:e8:df:78:c9:
b2:b0:2d:d5:08:a3:1d:ec:3c:03:9d:38:5a:2a:d6:51:e3:8d:
67:a5:03:89:94:74:d4:10:25:47:c1:12:b0:9a:b6:cc:ef:94:
60:1e:98:5c:fb:95:02:98:ed:37:c9:f8:fe:1d:aa:21:8c:de:
e9:92:a5:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZEsYMXFgab6eD8QFIyjAHGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODA3MTAyNzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNkYmM5ZmRiYTNkZTVkN2VkYmM3M2QyNGNmOWI5NjFjNGI2MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I2LCMeHodDAHyF/Hv+nsHmhLha0
SlGFkU96Dm4h2lb5dyjlG3bqQhDY9mzjLTTTNMuIQ6jcMmcvhDfTJOgBh23L0DHG
kMYEYUfOda0ll988goVhA2MlpudNMLHgLTC/X1mSpzn8Gb2PgL3eZEaKadHr0pbz
/YgzwHkpyd90rTJarHqz78TAy7ziJiMpJkot3A6gpm7DQHqpTJtEWTMUnKY+e98g
AY6G6Le/3CvZOKSeE0nHiVdylSoMUHDyJiL5UJ9au08RfFn9nqQ472/t6gmSX/XF
6UZ84cqMEx0fZTTQKE6LCM0/b/kjsz1sbXTsZEPxmHlRpg8iezjAKZcsZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJXNvJ/bo95dftvHPSTPm5YcS2AzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbGMyOG45dWozbDEtMjhjOUpNLWJsaHhMWURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVcrLMA8E
AgACMAkDBwAqD+QEAQUwDQYJKoZIhvcNAQELBQADggEBALXFS8Xl8MclKE2BT2w4
A6Jlj4afkR7Rc/UuFKLztvN8ihORsFy58rFQHiMC8Zj5pLVr6gyZImJpHga+zai7
2WqaG6C+KQzNClYP4g40sjVdrELT+tQzI5BN3gklAG4mkhtoC9Ewwe0Z84sysaAT
HsGUCt4TaQsMxdUilQwRK0W8SvdoFHD/Iat6UHleTjHlK0ulqnmqQ7+qg6a2xqod
cGb1xkimmdxpwAbAwAdOHXToTbCeP+yt5tobl3gTv8oN74QY6N94ybKwLdUIox3s
PAOdOFoq1lHjjWelA4mUdNQQJUfBErCatszvlGAemFz7lQKY7TfJ+P4dqiGM3umS
pVo=
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:18:28 2024 by rpki-client on console-fra.rpki-client.org