Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/LFRhd-k46sX-wTh6M8Ngh7IGnQE.roa
File: LFRhd-k46sX-wTh6M8Ngh7IGnQE.roa (raw, json)
Hash identifier: IXQkGGQXjj6NNS1i6oshUou2HsPSaXT0iPqwfrA/bD8=
Subject key identifier: 2C:54:61:77:E9:38:EA:C5:FE:C1:38:7A:33:C3:60:87:B2:06:9D:01
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF313542724891D6AA3AF496F462BC
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/LFRhd-k46sX-wTh6M8Ngh7IGnQE.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202369
IP address blocks: 147.234.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:31:35:42:72:48:91:d6:aa:3a:f4:96:f4:62:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c546177e938eac5fec1387a33c36087b2069d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6d:8a:21:2c:82:ea:18:a4:82:63:1f:a8:aa:
27:e8:aa:ae:29:52:0d:d3:db:76:92:a7:47:1d:b7:
9d:42:3c:06:09:82:08:c4:d9:96:02:51:0b:eb:6a:
20:d8:86:5a:7a:e1:be:41:34:62:01:60:ff:7f:a1:
36:27:47:42:2f:40:b8:e9:ec:8f:c8:29:e7:c4:71:
92:19:1b:07:35:2d:79:b4:43:6e:54:27:73:30:7a:
48:03:ca:a1:d6:a6:ef:77:e0:17:78:44:4b:ec:4f:
0e:f6:11:ad:1b:b9:5d:0a:2c:03:36:11:98:9c:24:
ef:be:78:09:27:b8:20:c8:3d:10:f8:4d:1c:db:57:
b2:49:63:82:30:26:e1:26:62:b3:9d:e9:fd:b1:5a:
a3:c9:64:a7:62:ba:bb:63:70:78:58:1d:a6:66:25:
bd:91:e7:46:39:0d:8f:31:8c:19:dc:33:c2:b8:70:
f1:bb:94:ac:74:47:62:b9:1d:92:e9:14:3d:cb:7e:
2d:5f:f7:b3:04:f3:35:64:3d:22:ff:49:0e:14:9d:
0b:41:13:ae:30:41:f0:02:0e:21:41:6c:8e:e6:ff:
48:bc:60:bd:55:02:cd:95:47:b4:62:63:d0:fd:ce:
7e:4a:53:f7:9b:d6:76:38:fc:7c:12:b7:27:77:be:
09:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:54:61:77:E9:38:EA:C5:FE:C1:38:7A:33:C3:60:87:B2:06:9D:01
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/LFRhd-k46sX-wTh6M8Ngh7IGnQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.33.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c4:d4:1c:f7:5a:43:9a:2e:f2:05:0a:10:e4:17:00:bf:4a:
d0:b7:a6:dc:03:a0:4d:cd:05:3c:52:3d:07:c3:61:f3:51:ad:
b4:23:ed:14:93:30:e6:e5:f2:2d:77:7d:ab:36:f0:86:51:7f:
06:50:0f:4c:09:69:39:59:e4:22:c7:f9:b7:82:6a:29:4e:36:
d0:a7:e4:4a:ee:e9:ef:c9:59:12:08:17:ae:4b:14:1f:4f:a2:
36:62:19:0a:43:4e:bc:56:3a:80:94:7b:76:36:53:08:ce:4d:
ae:cc:85:5a:ef:9d:d3:f5:a3:99:97:37:d1:33:91:dc:98:6e:
13:6e:7c:00:63:bc:16:4a:ec:01:88:4b:ce:0c:67:b4:6c:66:
dd:84:57:ab:d4:0f:35:e0:6b:cb:a9:5d:79:84:cd:ee:3d:4f:
b8:5f:db:5a:91:8a:32:16:f5:45:d8:a5:6f:87:cb:c2:5a:9a:
50:4b:0f:49:4e:da:19:5d:27:65:21:5c:b3:36:97:e8:22:7a:
ae:3a:0c:dc:07:fd:1b:df:44:13:89:d5:79:79:08:14:c1:1a:
e8:76:c9:0a:27:b9:34:5d:6c:35:78:06:7c:ad:2b:fa:c2:18:
9d:51:71:f0:30:ed:bd:ba:39:ee:2a:0c:e3:4c:36:29:de:7e:
29:e9:6b:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zE1QnJIkdaqOvSW9GK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU0NjE3N2U5MzhlYWM1ZmVjMTM4N2EzM2MzNjA4N2IyMDY5ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG2KISyC6hikgmMfqKon6KquKVIN
09t2kqdHHbedQjwGCYIIxNmWAlEL62og2IZaeuG+QTRiAWD/f6E2J0dCL0C46eyP
yCnnxHGSGRsHNS15tENuVCdzMHpIA8qh1qbvd+AXeERL7E8O9hGtG7ldCiwDNhGY
nCTvvngJJ7ggyD0Q+E0c21eySWOCMCbhJmKznen9sVqjyWSnYrq7Y3B4WB2mZiW9
kedGOQ2PMYwZ3DPCuHDxu5SsdEdiuR2S6RQ9y34tX/ezBPM1ZD0i/0kOFJ0LQROu
MEHwAg4hQWyO5v9IvGC9VQLNlUe0YmPQ/c5+SlP3m9Z2OPx8Ercnd74JfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxUYXfpOOrF/sE4ejPDYIeyBp0BMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvTEZSaGQtazQ2c1gtd1RoNk04TmdoN0lHblFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+ohMA0G
CSqGSIb3DQEBCwUAA4IBAQApxNQc91pDmi7yBQoQ5BcAv0rQt6bcA6BNzQU8Uj0H
w2HzUa20I+0UkzDm5fItd32rNvCGUX8GUA9MCWk5WeQix/m3gmopTjbQp+RK7unv
yVkSCBeuSxQfT6I2YhkKQ068VjqAlHt2NlMIzk2uzIVa753T9aOZlzfRM5HcmG4T
bnwAY7wWSuwBiEvODGe0bGbdhFer1A814GvLqV15hM3uPU+4X9takYoyFvVF2KVv
h8vCWppQSw9JTtoZXSdlIVyzNpfoInquOgzcB/0b30QTidV5eQgUwRrodskKJ7k0
XWw1eAZ8rSv6whidUXHwMO29ujnuKgzjTDYp3n4p6WtS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:33 2025 by rpki-client