Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/AnkGlsOulqCKmP17x7jLORFLeQs.roa
File: AnkGlsOulqCKmP17x7jLORFLeQs.roa (raw, json)
Hash identifier: hZWX38tj/b9EsaQFFIrMiGfqIcT5+//JJ2K5vbYZZ74=
Subject key identifier: 02:79:06:96:C3:AE:96:A0:8A:98:FD:7B:C7:B8:CB:39:11:4B:79:0B
Certificate issuer: /CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Certificate serial: 018B22F9D00841D57F5E495F5FFCF33C9D1F
Authority key identifier: 96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/AnkGlsOulqCKmP17x7jLORFLeQs.roa
Signing time: Thu 12 Oct 2023 08:21:18 +0000
ROA not before: Thu 12 Oct 2023 08:21:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39662
IP address blocks: 87.239.120.0/21 maxlen: 24
93.190.96.0/21 maxlen: 24
2a00:13f0::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:f9:d0:08:41:d5:7f:5e:49:5f:5f:fc:f3:3c:9d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Validity
Not Before: Oct 12 08:21:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02790696c3ae96a08a98fd7bc7b8cb39114b790b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:0d:5c:70:a7:b3:32:ef:86:36:4d:9c:16:
c7:01:4e:54:d5:1b:72:b8:ce:3d:58:5b:07:b6:ee:
3b:fd:66:c6:d7:67:14:5b:21:ef:50:1e:df:e8:87:
93:bb:f9:47:ee:65:45:f2:ae:52:c9:c4:f9:95:9f:
4e:32:8a:7b:a2:4c:a3:2f:f4:53:a4:0f:64:57:18:
37:a2:ac:2e:04:70:b9:0b:c8:77:cd:ca:96:71:ec:
55:64:c1:6e:87:f3:33:48:a0:ea:64:34:1d:49:69:
f8:53:16:59:e0:9d:20:cf:37:2e:50:3f:1a:ed:86:
d9:93:f8:84:2f:bc:44:8d:c7:27:fb:3c:3b:da:47:
3f:a5:36:08:d3:c6:08:a1:8e:8c:8e:0e:24:b6:9d:
2d:e5:51:2a:61:7a:56:23:fc:34:77:b9:ac:8c:6e:
33:58:81:cd:da:55:a8:be:5d:85:e1:de:77:fd:e1:
1e:b6:b0:52:04:64:f0:aa:20:81:7e:3b:6f:dc:8d:
0d:54:2c:b2:09:a1:c0:11:62:19:00:c5:ec:41:49:
c1:86:f9:02:ec:96:0e:cb:da:9a:8d:fd:5b:dd:c1:
e7:1f:23:c8:f4:ce:5e:fa:63:6c:01:66:24:13:b9:
51:32:27:52:76:ab:e2:d2:be:06:a9:9c:df:37:20:
20:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:79:06:96:C3:AE:96:A0:8A:98:FD:7B:C7:B8:CB:39:11:4B:79:0B
X509v3 Authority Key Identifier:
keyid:96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/AnkGlsOulqCKmP17x7jLORFLeQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.120.0/21
93.190.96.0/21
IPv6:
2a00:13f0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:fe:fe:4e:e8:d3:13:21:f3:8f:c6:9a:94:39:d3:dc:cc:cb:
7b:b3:86:01:bc:cc:ec:88:2b:56:b5:3f:db:4a:e2:37:a0:e1:
87:ca:7d:ca:1e:6b:4c:89:29:ed:7b:3d:5e:9b:3b:68:07:00:
ac:0a:9b:91:1f:40:4f:5e:af:b2:3b:1c:4b:89:d2:3a:cd:0a:
fe:0b:31:cf:a8:b9:ea:0f:3a:d8:3a:28:bd:d5:cc:07:7b:28:
e8:6f:bc:0e:97:ba:d4:bb:e6:32:0b:4b:30:23:5f:ba:3e:79:
c6:dd:14:ef:84:c8:7e:33:5e:e3:7f:87:55:2f:dc:ce:7f:1b:
85:e9:f3:4f:66:af:84:a7:9f:97:32:71:a5:10:a7:03:fb:31:
8e:1d:06:76:11:0e:5a:d4:a1:3d:c4:2f:f3:c6:60:ed:17:a9:
14:ba:a7:80:23:cc:43:6a:84:4e:a1:ca:30:15:5f:4b:0d:2f:
72:be:36:5b:51:09:45:e4:03:a3:4a:8f:e2:1c:b1:4a:4a:bc:
f0:20:3e:5b:6a:a9:46:30:3f:9d:b8:e0:6e:78:f0:f7:ad:66:
3c:4d:42:3c:9f:b4:26:e0:20:84:ab:aa:83:1c:3a:6c:c3:52:
0d:cf:72:6a:10:bc:d3:e5:69:5c:75:9c:94:a7:e6:92:31:c4:
f8:de:77:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYsi+dAIQdV/XklfX/zzPJ0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWNlZGE1YmYzNzkwMWZlOWU0NGY3M2I1YmY4MmI2ODdi
MzQ1NzIwHhcNMjMxMDEyMDgyMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjc5MDY5NmMzYWU5NmEwOGE5OGZkN2JjN2I4Y2IzOTExNGI3OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUUNXHCnszLvhjZNnBbHAU5U1Rty
uM49WFsHtu47/WbG12cUWyHvUB7f6IeTu/lH7mVF8q5SycT5lZ9OMop7okyjL/RT
pA9kVxg3oqwuBHC5C8h3zcqWcexVZMFuh/MzSKDqZDQdSWn4UxZZ4J0gzzcuUD8a
7YbZk/iEL7xEjccn+zw72kc/pTYI08YIoY6Mjg4ktp0t5VEqYXpWI/w0d7msjG4z
WIHN2lWovl2F4d53/eEetrBSBGTwqiCBfjtv3I0NVCyyCaHAEWIZAMXsQUnBhvkC
7JYOy9qajf1b3cHnHyPI9M5e+mNsAWYkE7lRMidSdqvi0r4GqZzfNyAgoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAJ5BpbDrpagipj9e8e4yzkRS3kLMB8GA1UdIwQY
MBaAFJac7aW/N5Af6eRPc7W/graHs0VyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQt
MjFmYzlhZmM4YWMxLzEvQW5rR2xzT3VscUNLbVAxN3g3akxPUkZMZVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQtMjFmYzlhZmM4YWMx
LzEvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDV+94AwQD
Xb5gMA0EAgACMAcDBQAqABPwMA0GCSqGSIb3DQEBCwUAA4IBAQBs/v5O6NMTIfOP
xpqUOdPczMt7s4YBvMzsiCtWtT/bSuI3oOGHyn3KHmtMiSntez1emztoBwCsCpuR
H0BPXq+yOxxLidI6zQr+CzHPqLnqDzrYOii91cwHeyjob7wOl7rUu+YyC0swI1+6
PnnG3RTvhMh+M17jf4dVL9zOfxuF6fNPZq+Ep5+XMnGlEKcD+zGOHQZ2EQ5a1KE9
xC/zxmDtF6kUuqeAI8xDaoROocowFV9LDS9yvjZbUQlF5AOjSo/iHLFKSrzwID5b
aqlGMD+duOBuePD3rWY8TUI8n7Qm4CCEq6qDHDpsw1INz3JqELzT5WlcdZyUp+aS
McT43nfw
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:39 2024 by rpki-client on console-ams.rpki-client.org