Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lvhzw2Rp1xQrIC6N7Ei8W0RLPI8.roa
File: lvhzw2Rp1xQrIC6N7Ei8W0RLPI8.roa (raw, json)
Hash identifier: Fn92HgqZFilMZ+C4Pw+ovOciJYXLVs+TNfjsCRz4ung=
Subject key identifier: 96:F8:73:C3:64:69:D7:14:2B:20:2E:8D:EC:48:BC:5B:44:4B:3C:8F
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018AA818C65DF62A681E4A25C81DF01E6988
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lvhzw2Rp1xQrIC6N7Ei8W0RLPI8.roa
Signing time: Mon 18 Sep 2023 11:41:50 +0000
ROA not before: Mon 18 Sep 2023 11:41:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 10:25:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:18:c6:5d:f6:2a:68:1e:4a:25:c8:1d:f0:1e:69:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Sep 18 11:41:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96f873c36469d7142b202e8dec48bc5b444b3c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:02:31:0c:65:03:38:db:b4:da:ff:6c:7e:
f1:80:1b:20:50:43:f7:a7:64:0a:47:36:9d:82:f3:
9b:73:6c:f6:90:8a:54:b1:e0:46:76:aa:05:dc:e7:
99:8f:66:4e:cd:f9:9a:1c:97:1c:09:12:f4:3f:a6:
97:91:fb:cb:ab:c3:81:b7:1f:52:6a:22:d5:02:c1:
22:31:49:e0:3e:13:95:b0:26:5b:d1:6d:7d:99:3e:
bf:b8:e0:b7:af:a1:11:5a:0c:8d:0e:b5:80:2a:fd:
75:89:92:20:d8:9b:b3:70:4b:e2:37:df:4c:cd:cc:
a8:a9:fa:2c:ed:00:fc:75:53:a8:aa:b9:ae:f7:6a:
2d:1f:41:a7:11:33:df:92:d6:bd:50:e4:ed:08:74:
41:9f:46:15:a1:70:b7:bd:b0:64:88:a1:83:32:18:
e5:ad:11:80:13:bc:8d:8f:4b:ab:cf:f0:f2:2c:6c:
0e:59:e7:da:8f:bb:40:14:3e:10:1d:25:0a:88:76:
b2:18:bd:c1:1f:f0:b3:14:dc:1a:ec:6f:3a:24:3c:
5a:49:bb:43:4a:b6:53:0e:48:2c:c9:cb:a6:6d:24:
da:ab:f8:73:38:09:26:ec:4e:2b:80:57:d2:1a:73:
ee:68:e2:65:bb:5a:6a:bc:5c:3a:3c:ad:89:18:7b:
0e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F8:73:C3:64:69:D7:14:2B:20:2E:8D:EC:48:BC:5B:44:4B:3C:8F
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lvhzw2Rp1xQrIC6N7Ei8W0RLPI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:ab:30:74:fe:07:03:0b:ad:80:8b:ef:7b:dd:25:18:10:8d:
01:57:f6:89:e6:df:4f:84:e1:fe:e2:7c:24:54:9b:9d:c1:be:
88:5c:30:95:37:a0:d0:8f:00:b4:30:eb:2c:3d:b5:45:a6:a9:
42:51:e2:83:7a:fe:d2:11:fd:68:e3:de:ad:1f:43:ff:87:09:
91:e9:df:a7:4c:4c:ca:15:53:6e:42:47:08:98:f1:04:ac:a7:
ea:13:47:ed:34:dd:b7:8d:cd:31:f7:72:c5:04:63:13:ef:47:
e7:c1:04:fb:82:65:73:d4:13:e1:f5:c5:0b:ac:4b:8d:50:c3:
fe:f4:92:66:ae:e3:9b:f2:0d:44:84:38:d9:28:0b:7c:f0:87:
92:62:59:e8:69:4f:97:6e:47:8b:f2:4b:d0:58:b9:0f:e8:f5:
a0:99:63:20:8b:53:11:65:f4:04:b2:96:ea:5c:05:39:1f:95:
01:72:f2:78:ac:2a:ff:71:5f:49:fc:a2:8a:4b:6e:a2:57:75:
43:b8:f9:54:39:4d:59:ed:f6:f2:bb:ba:f6:81:8f:c9:b7:5f:
7f:69:22:c5:4d:4c:b1:70:37:19:f8:32:92:4f:4a:66:15:44:
d0:f5:9d:0c:ee:b8:9f:5a:76:d7:4b:5f:3a:71:d6:36:23:3c:
41:36:b1:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqoGMZd9ipoHkolyB3wHmmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwOTE4MTE0MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY4NzNjMzY0NjlkNzE0MmIyMDJlOGRlYzQ4YmM1YjQ0NGIzYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHUCMQxlAzjbtNr/bH7xgBsgUEP3
p2QKRzadgvObc2z2kIpUseBGdqoF3OeZj2ZOzfmaHJccCRL0P6aXkfvLq8OBtx9S
aiLVAsEiMUngPhOVsCZb0W19mT6/uOC3r6ERWgyNDrWAKv11iZIg2JuzcEviN99M
zcyoqfos7QD8dVOoqrmu92otH0GnETPfkta9UOTtCHRBn0YVoXC3vbBkiKGDMhjl
rRGAE7yNj0urz/DyLGwOWefaj7tAFD4QHSUKiHayGL3BH/CzFNwa7G86JDxaSbtD
SrZTDkgsycumbSTaq/hzOAkm7E4rgFfSGnPuaOJlu1pqvFw6PK2JGHsOlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJb4c8NkadcUKyAujexIvFtESzyPMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbHZoencyUnAxeFFySUM2TjdFaThXMFJMUEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HhAwQA
vL9gAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQA6qzB0/gcDC62Ai+973SUYEI0B
V/aJ5t9PhOH+4nwkVJudwb6IXDCVN6DQjwC0MOssPbVFpqlCUeKDev7SEf1o496t
H0P/hwmR6d+nTEzKFVNuQkcImPEErKfqE0ftNN23jc0x93LFBGMT70fnwQT7gmVz
1BPh9cULrEuNUMP+9JJmruOb8g1EhDjZKAt88IeSYlnoaU+XbkeL8kvQWLkP6PWg
mWMgi1MRZfQEspbqXAU5H5UBcvJ4rCr/cV9J/KKKS26iV3VDuPlUOU1Z7fbyu7r2
gY/Jt19/aSLFTUyxcDcZ+DKST0pmFUTQ9Z0M7rifWnbXS186cdY2IzxBNrEc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org