Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/lW4zbDiktmnrIf8TPcdspHgHBaY.roa
File: lW4zbDiktmnrIf8TPcdspHgHBaY.roa (raw, json)
Hash identifier: aAweZF9KQQ4kRi72yezRgWNH4XCOtIajBBcq20pU+RY=
Subject key identifier: 95:6E:33:6C:38:A4:B6:69:EB:21:FF:13:3D:C7:6C:A4:78:07:05:A6
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 0187A7EC1C5B5DF3ABC8A9296BE21921FAA1
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/lW4zbDiktmnrIf8TPcdspHgHBaY.roa
Signing time: Sat 22 Apr 2023 07:44:41 +0000
ROA not before: Sat 22 Apr 2023 07:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.75.69.0/24 maxlen: 24
103.75.68.0/24 maxlen: 24
88.218.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 11:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a7:ec:1c:5b:5d:f3:ab:c8:a9:29:6b:e2:19:21:fa:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Apr 22 07:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956e336c38a4b669eb21ff133dc76ca4780705a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:c9:ca:5c:f8:a8:0d:1b:22:9b:67:68:de:
2f:57:a4:ab:75:34:40:c8:e7:fb:38:c5:45:a2:a5:
c0:9c:a1:6f:42:59:39:25:8c:ba:18:42:ae:7e:28:
58:b1:2a:40:1d:4f:97:04:df:d6:cd:96:9b:2f:96:
3c:df:35:31:dc:46:d7:5e:29:68:39:f6:5c:7c:65:
fa:34:b1:88:13:74:9b:a3:f3:64:04:fa:53:fc:79:
db:d0:63:4f:f8:ff:fa:59:e7:30:f7:36:83:61:59:
77:58:2f:b9:60:8a:4e:ff:9a:fd:16:d6:87:45:52:
b2:f4:80:33:4c:8f:ea:88:6e:8e:b1:01:e7:db:00:
a3:35:b1:5c:6f:19:78:8d:4b:a3:10:26:cf:e9:65:
2a:02:79:d1:16:4f:0d:3c:23:63:a4:82:c9:3d:8f:
4b:73:46:1a:00:71:6d:d1:38:c0:af:5d:33:8d:bf:
1a:e7:1b:55:a3:5a:ac:e2:01:db:7a:ff:9b:a8:f0:
39:32:bd:2f:17:94:58:00:1c:4a:e4:ac:2c:5e:ca:
f4:06:e6:24:52:61:09:bf:bf:ae:65:10:64:01:86:
4d:40:69:2c:3f:cd:f3:ac:e7:9c:d9:e1:3d:28:f1:
f7:10:9f:77:81:34:e4:8e:c0:6d:cb:ce:63:e0:e0:
bb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6E:33:6C:38:A4:B6:69:EB:21:FF:13:3D:C7:6C:A4:78:07:05:A6
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/lW4zbDiktmnrIf8TPcdspHgHBaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.42.0/24
103.75.68.0/23
Signature Algorithm: sha256WithRSAEncryption
45:5c:63:ac:ee:aa:78:1d:43:dd:b0:7c:3f:df:cb:62:3a:7c:
3c:2a:a4:a3:ba:36:2b:8a:07:07:9e:6b:a7:13:57:b3:5f:9e:
0a:cd:0b:fb:38:98:1c:da:f2:d3:cc:ea:c2:2d:ec:24:61:e8:
28:e6:2e:b5:34:c4:9f:60:4c:ec:5f:fc:50:76:93:cc:5d:83:
b5:0a:82:c1:d0:b2:a8:d2:ca:14:18:d4:c8:40:62:dc:1f:37:
ba:b9:d9:65:53:ab:19:34:19:2e:d3:8f:92:6b:5b:77:3d:c8:
c9:f2:32:41:34:ff:9f:ee:c4:36:05:90:70:c4:9a:eb:da:3c:
fe:24:24:cb:f4:fd:36:62:1d:6a:4f:7e:32:52:b5:65:50:4d:
d6:70:50:06:65:77:b0:75:8c:cf:5f:85:95:0c:95:93:76:3d:
66:7e:8b:9d:dc:d2:0f:5d:7c:cc:bb:cf:57:21:45:ca:64:32:
5a:f5:65:d9:e3:7e:f8:b7:5c:14:81:e4:76:a1:f4:6e:a1:fd:
7b:8a:7f:74:67:6e:dd:09:7b:44:5c:a1:1f:c2:25:f3:83:8a:
db:26:5c:bf:a2:18:4e:50:8b:bc:af:ad:90:9c:57:44:cf:be:
46:2f:8b:47:05:e5:ba:d1:d0:02:9a:2b:e3:ff:66:f6:c2:69:
d1:2a:f0:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYen7BxbXfOryKkpa+IZIfqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwNDIyMDc0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZlMzM2YzM4YTRiNjY5ZWIyMWZmMTMzZGM3NmNhNDc4MDcwNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUTJylz4qA0bIptnaN4vV6SrdTRA
yOf7OMVFoqXAnKFvQlk5JYy6GEKufihYsSpAHU+XBN/WzZabL5Y83zUx3EbXXilo
OfZcfGX6NLGIE3Sbo/NkBPpT/Hnb0GNP+P/6Wecw9zaDYVl3WC+5YIpO/5r9FtaH
RVKy9IAzTI/qiG6OsQHn2wCjNbFcbxl4jUujECbP6WUqAnnRFk8NPCNjpILJPY9L
c0YaAHFt0TjAr10zjb8a5xtVo1qs4gHbev+bqPA5Mr0vF5RYABxK5KwsXsr0BuYk
UmEJv7+uZRBkAYZNQGksP83zrOec2eE9KPH3EJ93gTTkjsBty85j4OC7WwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVuM2w4pLZp6yH/Ez3HbKR4BwWmMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvbFc0emJEaWt0bW5ySWY4VFBjZHNwSGdIQmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNoqAwQB
Z0tEMA0GCSqGSIb3DQEBCwUAA4IBAQBFXGOs7qp4HUPdsHw/38tiOnw8KqSjujYr
igcHnmunE1ezX54KzQv7OJgc2vLTzOrCLewkYego5i61NMSfYEzsX/xQdpPMXYO1
CoLB0LKo0soUGNTIQGLcHze6udllU6sZNBku04+Sa1t3PcjJ8jJBNP+f7sQ2BZBw
xJrr2jz+JCTL9P02Yh1qT34yUrVlUE3WcFAGZXewdYzPX4WVDJWTdj1mfoud3NIP
XXzMu89XIUXKZDJa9WXZ4374t1wUgeR2ofRuof17in90Z27dCXtEXKEfwiXzg4rb
Jly/ohhOUIu8r62QnFdEz75GL4tHBeW60dACmivj/2b2wmnRKvDu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org