Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/LFG3TX4xF4iFBg5LRFfhGCqtml8.roa
File: LFG3TX4xF4iFBg5LRFfhGCqtml8.roa (raw, json)
Hash identifier: 35FH8/hK5UwrOL6m4EPSKipUtcj+vfuAjwgHczDTKa4=
Subject key identifier: 2C:51:B7:4D:7E:31:17:88:85:06:0E:4B:44:57:E1:18:2A:AD:9A:5F
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01856BDCA4DC275AA6D2010FDC3FA92A23CB
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/LFG3TX4xF4iFBg5LRFfhGCqtml8.roa
Signing time: Sun 01 Jan 2023 05:45:00 +0000
ROA not before: Sun 01 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206766
IP address blocks: 88.218.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a4:dc:27:5a:a6:d2:01:0f:dc:3f:a9:2a:23:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 1 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c51b74d7e31178885060e4b4457e1182aad9a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ea:b8:59:40:6f:b6:7d:a6:ae:29:b8:e6:e3:
61:43:08:cf:e9:40:e0:18:1d:62:e6:fc:4c:2f:eb:
e8:51:28:00:0c:ea:37:37:dc:1a:ec:44:00:5a:7f:
92:c5:bb:83:7d:3c:ec:f6:c2:4a:8b:c2:52:63:5a:
8f:9e:fb:9a:92:6d:91:61:76:1c:13:a7:35:35:db:
52:be:f1:4b:e0:40:9a:44:b3:03:f0:52:7c:39:b5:
af:c2:e7:66:fc:b5:e7:b8:3b:e8:5b:b7:37:24:64:
bb:84:0e:96:c9:70:25:89:60:1e:b4:e4:75:43:61:
b0:43:06:ea:10:33:ff:11:98:e0:8e:0b:42:4b:3b:
78:93:37:f5:75:8d:d2:0c:bd:c4:66:a3:57:1d:31:
37:ce:f4:a4:c7:f1:8e:57:f3:73:71:3b:26:25:6d:
ba:7b:23:6a:ff:f4:67:33:9c:d2:97:e5:2c:2b:f4:
83:82:83:11:1b:ef:75:17:b7:65:99:58:b5:43:4d:
e7:8a:16:de:6c:51:b2:ac:e9:68:de:51:54:14:b8:
1c:0b:b3:12:74:f8:11:b2:43:a9:45:55:f2:90:d7:
1a:cf:ab:04:77:90:b7:5d:97:d4:77:ce:8c:59:99:
c1:65:d3:08:46:ad:2b:09:e6:a1:e1:c5:ec:0e:a9:
fa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:51:B7:4D:7E:31:17:88:85:06:0E:4B:44:57:E1:18:2A:AD:9A:5F
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/LFG3TX4xF4iFBg5LRFfhGCqtml8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.43.0/24
Signature Algorithm: sha256WithRSAEncryption
56:20:99:77:e3:7a:0a:38:46:b4:26:95:f5:54:18:66:09:f9:
d1:a8:d8:04:7a:0c:34:c6:5d:49:f4:f7:f2:e5:71:42:82:80:
12:ce:4c:ed:da:ae:4d:b0:a7:ce:f4:6c:51:67:16:9c:29:71:
8b:5a:39:bf:7c:b3:2f:ce:c3:9c:c1:ef:aa:78:40:7b:21:34:
1c:3f:9e:13:fc:58:97:a1:8c:c0:e8:30:f9:5d:7a:d3:34:df:
ff:54:25:1d:f6:1d:48:bb:fb:df:c4:ff:91:99:82:2f:18:1a:
a5:9b:ac:a5:15:1f:51:20:86:75:74:19:7d:86:88:28:d1:d0:
67:8b:fb:2f:5b:24:e5:cb:8d:4f:ef:16:26:c3:73:ef:46:07:
54:59:2d:f2:05:cb:70:8d:0f:de:50:8f:4a:26:c0:69:b4:33:
22:44:c7:47:e7:18:b2:9a:39:d3:8b:5d:7f:f6:62:59:ee:ef:
6a:94:66:b6:24:e3:83:1d:59:68:d4:1c:07:26:bf:61:d0:28:
13:b9:9a:d3:4e:32:14:29:8e:3a:b5:b4:35:c2:99:bf:10:fe:
af:f2:4c:c7:1a:f7:50:a2:0c:2a:36:5b:5b:cd:28:b5:12:e7:
81:5a:d6:7d:3a:50:78:bc:8b:89:99:2f:8b:83:b4:bd:b3:48:
1d:31:ef:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3KTcJ1qm0gEP3D+pKiPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwMTAxMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUxYjc0ZDdlMzExNzg4ODUwNjBlNGI0NDU3ZTExODJhYWQ5YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuq4WUBvtn2mrim45uNhQwjP6UDg
GB1i5vxML+voUSgADOo3N9wa7EQAWn+SxbuDfTzs9sJKi8JSY1qPnvuakm2RYXYc
E6c1NdtSvvFL4ECaRLMD8FJ8ObWvwudm/LXnuDvoW7c3JGS7hA6WyXAliWAetOR1
Q2GwQwbqEDP/EZjgjgtCSzt4kzf1dY3SDL3EZqNXHTE3zvSkx/GOV/NzcTsmJW26
eyNq//RnM5zSl+UsK/SDgoMRG+91F7dlmVi1Q03nihbebFGyrOlo3lFUFLgcC7MS
dPgRskOpRVXykNcaz6sEd5C3XZfUd86MWZnBZdMIRq0rCeah4cXsDqn6FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxRt01+MReIhQYOS0RX4RgqrZpfMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvTEZHM1RYNHhGNGlGQmc1TFJGZmhHQ3F0bWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNorMA0G
CSqGSIb3DQEBCwUAA4IBAQBWIJl343oKOEa0JpX1VBhmCfnRqNgEegw0xl1J9Pfy
5XFCgoASzkzt2q5NsKfO9GxRZxacKXGLWjm/fLMvzsOcwe+qeEB7ITQcP54T/FiX
oYzA6DD5XXrTNN//VCUd9h1Iu/vfxP+RmYIvGBqlm6ylFR9RIIZ1dBl9hogo0dBn
i/svWyTly41P7xYmw3PvRgdUWS3yBctwjQ/eUI9KJsBptDMiRMdH5xiymjnTi11/
9mJZ7u9qlGa2JOODHVlo1BwHJr9h0CgTuZrTTjIUKY46tbQ1wpm/EP6v8kzHGvdQ
ogwqNltbzSi1EueBWtZ9OlB4vIuJmS+Lg7S9s0gdMe+g
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:24 2024 by rpki-client on console-ams.rpki-client.org