Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lkafAOMSreJnZDzczKmTkfsyld0.roa
File: lkafAOMSreJnZDzczKmTkfsyld0.roa (raw, json)
Hash identifier: WjFhLbMlB1/0+t7Yl5hxcvhRd634JKwz7jwpvb+pn4k=
Subject key identifier: 96:46:9F:00:E3:12:AD:E2:67:64:3C:DC:CC:A9:93:91:FB:32:95:DD
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D8DF4A5220CA1445F2FA32A0540446336
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lkafAOMSreJnZDzczKmTkfsyld0.roa
Signing time: Fri 09 Feb 2024 13:00:36 +0000
ROA not before: Fri 09 Feb 2024 13:00:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 212.80.8.0/22 maxlen: 22
212.80.24.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 09:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:f4:a5:22:0c:a1:44:5f:2f:a3:2a:05:40:44:63:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 9 13:00:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96469f00e312ade267643cdccca99391fb3295dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:19:32:1a:10:82:b4:aa:44:da:c1:21:ce:
f1:72:3d:5e:f3:2b:a0:67:37:31:81:95:5f:ad:9d:
99:c0:ec:96:8b:8b:11:5b:7d:de:1b:6c:4c:4a:72:
55:90:4a:e3:95:40:e7:00:79:e8:77:19:7c:d5:6c:
bc:62:b9:90:e8:e9:90:bc:b9:c0:5b:d1:64:6f:1c:
e8:47:83:2a:5e:4a:1e:15:37:d9:ac:e1:f0:5f:73:
6d:d2:42:c6:55:e1:1f:33:ed:51:10:d3:db:08:61:
d5:87:ac:73:6a:10:92:4b:d6:01:d6:cc:e3:ad:ee:
99:3f:c3:df:54:82:c9:6d:5e:cd:6b:1c:86:ca:62:
7c:73:7f:9f:a6:1b:28:3c:2b:f6:78:c6:5e:b5:70:
3e:12:52:a3:d0:70:be:0d:0e:b7:c5:f8:78:c3:c7:
c6:e8:bd:53:31:e7:65:ba:ca:ec:5f:28:ee:cb:33:
aa:f3:4a:83:cd:eb:24:15:74:71:5d:12:b8:0a:b5:
37:9c:73:7a:a3:f5:a0:ce:ff:c5:ab:d6:8c:21:0a:
0c:66:82:98:a1:51:b0:0e:8d:54:a4:ca:7b:2a:73:
f4:fa:71:76:23:93:88:a6:bd:91:b6:20:09:a4:47:
c4:7b:3d:2d:49:53:b0:74:59:5b:ba:27:9e:4d:d0:
48:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:46:9F:00:E3:12:AD:E2:67:64:3C:DC:CC:A9:93:91:FB:32:95:DD
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lkafAOMSreJnZDzczKmTkfsyld0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.8.0/22
212.80.24.0/24
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
26:7d:64:03:b3:84:65:21:98:a4:ef:76:95:56:6d:b8:83:f5:
f2:15:99:fb:57:02:1d:81:bc:cb:4c:ce:7f:5c:36:77:66:6c:
f0:42:5d:d6:1a:73:28:c8:57:58:01:1f:98:54:06:bf:01:3a:
78:eb:45:d7:6d:4e:0b:e5:c6:b1:93:d6:d3:a3:d2:18:a2:40:
fe:a7:9d:1f:f2:52:91:86:05:e8:c9:85:eb:b6:95:88:23:b6:
79:25:22:68:ac:63:55:ed:c7:fe:1b:53:8c:1f:e9:3c:63:07:
98:f1:d3:ea:a6:e8:e0:a3:1a:ae:b6:c2:2c:6d:80:bd:18:eb:
40:d0:a8:72:ee:12:7c:09:56:3f:42:8b:3a:d2:ac:ad:6b:94:
0f:ed:79:c2:6d:59:85:83:b6:f5:65:b3:a9:76:2a:ef:de:02:
6b:d0:8f:1d:9d:51:06:7f:34:c5:fd:d3:7b:21:d5:93:a3:9f:
a7:00:e0:fa:e4:60:a2:f5:1b:4d:de:89:27:d6:96:0b:b2:65:
5e:77:8c:5c:d9:27:f2:b5:ff:a0:7f:05:ba:9c:d5:35:d6:a0:
96:7f:a8:7b:a4:cb:a7:b0:8a:da:42:98:8d:c0:d9:ee:ad:f7:
c1:60:b1:72:5a:41:af:ae:0e:5d:10:da:a3:84:78:d9:bc:a9:
24:65:fa:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2N9KUiDKFEXy+jKgVARGM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA5MTMwMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ2OWYwMGUzMTJhZGUyNjc2NDNjZGNjY2E5OTM5MWZiMzI5NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbAZMhoQgrSqRNrBIc7xcj1e8yug
ZzcxgZVfrZ2ZwOyWi4sRW33eG2xMSnJVkErjlUDnAHnodxl81Wy8YrmQ6OmQvLnA
W9FkbxzoR4MqXkoeFTfZrOHwX3Nt0kLGVeEfM+1RENPbCGHVh6xzahCSS9YB1szj
re6ZP8PfVILJbV7NaxyGymJ8c3+fphsoPCv2eMZetXA+ElKj0HC+DQ63xfh4w8fG
6L1TMedlusrsXyjuyzOq80qDzeskFXRxXRK4CrU3nHN6o/Wgzv/Fq9aMIQoMZoKY
oVGwDo1UpMp7KnP0+nF2I5OIpr2RtiAJpEfEez0tSVOwdFlbuieeTdBIpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJZGnwDjEq3iZ2Q83Mypk5H7MpXdMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvbGthZkFPTVNyZUpuWkR6Y3pLbVRrZnN5bGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQC1FAIAwQA
1FAYAwQA1FAdMA0GCSqGSIb3DQEBCwUAA4IBAQAmfWQDs4RlIZik73aVVm24g/Xy
FZn7VwIdgbzLTM5/XDZ3ZmzwQl3WGnMoyFdYAR+YVAa/ATp460XXbU4L5caxk9bT
o9IYokD+p50f8lKRhgXoyYXrtpWII7Z5JSJorGNV7cf+G1OMH+k8YweY8dPqpujg
oxqutsIsbYC9GOtA0Khy7hJ8CVY/Qos60qyta5QP7XnCbVmFg7b1ZbOpdirv3gJr
0I8dnVEGfzTF/dN7IdWTo5+nAOD65GCi9RtN3okn1pYLsmVed4xc2Sfytf+gfwW6
nNU11qCWf6h7pMunsIraQpiNwNnurffBYLFyWkGvrg5dENqjhHjZvKkkZfqn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org