Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LKHGqTPSuEOL-OpIF5kCga2k698.roa
File: LKHGqTPSuEOL-OpIF5kCga2k698.roa (raw, json)
Hash identifier: 3FCYvcA/dSUR9DUMBHgUl20QwxvrijurjTb9LoTw+uo=
Subject key identifier: 2C:A1:C6:A9:33:D2:B8:43:8B:F8:EA:48:17:99:02:81:AD:A4:EB:DF
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018D1C31DCD054158EAC31EBF54F591D18A3
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LKHGqTPSuEOL-OpIF5kCga2k698.roa
Signing time: Thu 18 Jan 2024 10:50:46 +0000
ROA not before: Thu 18 Jan 2024 10:50:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 06 Feb 2024 05:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:31:dc:d0:54:15:8e:ac:31:eb:f5:4f:59:1d:18:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 18 10:50:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ca1c6a933d2b8438bf8ea4817990281ada4ebdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:cc:35:89:c5:6e:4b:97:49:3a:c9:f0:86:
b3:d5:c7:bc:78:d1:ae:fb:ef:7a:3d:bb:47:72:56:
b7:d3:05:27:f5:ad:48:aa:07:43:dc:df:c5:d7:df:
6e:bc:c1:9b:08:ac:f5:ef:d7:dc:32:dd:da:0f:83:
64:34:ea:6f:5c:21:52:d9:c2:8b:4f:fc:91:11:eb:
28:87:e0:11:69:05:2b:54:44:b4:f2:7b:b2:20:21:
3f:14:8a:29:4e:fc:c0:07:8e:f9:a9:55:9e:48:95:
91:34:01:1d:dd:f3:67:7e:2b:0a:83:ab:30:93:41:
1f:76:f7:ca:ca:7d:de:ab:0b:17:eb:87:67:25:ac:
1d:94:c1:c5:31:81:d7:3b:39:bb:8c:7b:42:9c:fc:
0c:33:16:b0:36:8c:c7:c4:10:de:7d:6f:fe:ee:df:
eb:59:f5:bf:44:20:97:ec:ec:87:0d:d4:c3:e1:64:
17:2f:3a:fd:41:c9:9d:f7:09:42:c8:38:08:c8:ef:
08:e6:9f:f6:1e:b3:f2:c9:17:21:89:14:76:e4:71:
b1:1d:a6:5d:93:e0:e0:d0:69:59:bc:0e:05:03:27:
58:5a:2a:0f:9f:7e:06:b2:59:9d:79:23:73:a3:01:
77:de:d9:81:88:99:c1:4a:7e:a3:73:ac:b6:99:f8:
ea:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A1:C6:A9:33:D2:B8:43:8B:F8:EA:48:17:99:02:81:AD:A4:EB:DF
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LKHGqTPSuEOL-OpIF5kCga2k698.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.179.0/24
94.188.186.0/23
Signature Algorithm: sha256WithRSAEncryption
13:01:1a:91:8e:02:7b:44:0c:bf:78:af:bb:17:d3:36:72:b5:
37:77:5c:18:f7:78:c3:25:b8:52:e0:e3:23:7e:1b:ac:01:e5:
7a:f2:37:85:88:28:ff:90:60:02:e7:69:e6:8f:e7:26:83:6e:
be:ba:56:e5:5a:2c:1c:a8:48:70:9b:7b:b9:2f:26:c4:b7:d4:
82:3d:fa:13:8d:3a:c1:47:a8:1f:6f:d2:84:39:bf:50:de:be:
c9:7e:7f:19:d4:56:46:41:a7:de:d6:8c:49:00:bc:f9:5c:29:
e2:e8:dc:a5:e8:18:69:5b:59:f7:cd:d2:6d:1e:cb:d6:9c:90:
52:2f:b2:af:99:7f:94:b7:38:c4:84:ae:e9:6b:77:56:9f:69:
96:cb:f8:d5:11:06:bd:c6:95:95:bf:4c:8d:e6:77:cc:6f:83:
08:2c:3e:a5:30:76:32:ce:18:e0:96:3e:d1:65:b8:47:b5:7f:
87:53:23:8a:08:3a:16:80:81:e7:1e:c5:da:38:47:f5:09:85:
b5:c9:45:30:14:1f:df:3e:6b:48:94:42:a3:fb:e9:ab:79:b7:
e3:84:9b:bb:ab:df:ea:58:90:d6:33:2b:f9:f7:10:44:e1:a4:
2b:7b:99:1e:18:6c:c2:1e:d1:a4:80:90:49:19:7f:69:69:e9:
2f:7b:96:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0cMdzQVBWOrDHr9U9ZHRijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMTE4MTA1MDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ExYzZhOTMzZDJiODQzOGJmOGVhNDgxNzk5MDI4MWFkYTRlYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurzMNYnFbkuXSTrJ8Iaz1ce8eNGu
++96PbtHcla30wUn9a1IqgdD3N/F199uvMGbCKz179fcMt3aD4NkNOpvXCFS2cKL
T/yREesoh+ARaQUrVES08nuyICE/FIopTvzAB475qVWeSJWRNAEd3fNnfisKg6sw
k0EfdvfKyn3eqwsX64dnJawdlMHFMYHXOzm7jHtCnPwMMxawNozHxBDefW/+7t/r
WfW/RCCX7OyHDdTD4WQXLzr9Qcmd9wlCyDgIyO8I5p/2HrPyyRchiRR25HGxHaZd
k+Dg0GlZvA4FAydYWioPn34GslmdeSNzowF33tmBiJnBSn6jc6y2mfjqoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCyhxqkz0rhDi/jqSBeZAoGtpOvfMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvTEtIR3FUUFN1RU9MLU9wSUY1a0NnYTJrNjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXryzAwQB
Xry6MA0GCSqGSIb3DQEBCwUAA4IBAQATARqRjgJ7RAy/eK+7F9M2crU3d1wY93jD
JbhS4OMjfhusAeV68jeFiCj/kGAC52nmj+cmg26+ulblWiwcqEhwm3u5LybEt9SC
PfoTjTrBR6gfb9KEOb9Q3r7Jfn8Z1FZGQafe1oxJALz5XCni6Nyl6BhpW1n3zdJt
HsvWnJBSL7KvmX+UtzjEhK7pa3dWn2mWy/jVEQa9xpWVv0yN5nfMb4MILD6lMHYy
zhjglj7RZbhHtX+HUyOKCDoWgIHnHsXaOEf1CYW1yUUwFB/fPmtIlEKj++mrebfj
hJu7q9/qWJDWMyv59xBE4aQre5keGGzCHtGkgJBJGX9paekve5Y2
-----END CERTIFICATE-----
Generated at Tue Feb 6 06:51:58 2024 by rpki-client on console-ams.rpki-client.org