Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/L2lg5YlhMa7p6iPUEYTQsEx3lAM.roa
File: L2lg5YlhMa7p6iPUEYTQsEx3lAM.roa (raw, json)
Hash identifier: RiAPmeqXfcu/KoiFzvfNsMF/z8kCk3Nn9Qrl3/xyrNg=
Subject key identifier: 2F:69:60:E5:89:61:31:AE:E9:EA:23:D4:11:84:D0:B0:4C:77:94:03
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 018570302BD395E9A16EFA2EBDDA8172C31F
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/L2lg5YlhMa7p6iPUEYTQsEx3lAM.roa
Signing time: Mon 02 Jan 2023 01:54:42 +0000
ROA not before: Mon 02 Jan 2023 01:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201011
IP address blocks: 188.65.144.0/21 maxlen: 21
91.204.168.0/22 maxlen: 22
2a00:1aa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 11:21:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:2b:d3:95:e9:a1:6e:fa:2e:bd:da:81:72:c3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Jan 2 01:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f6960e5896131aee9ea23d41184d0b04c779403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ed:37:dc:52:8b:ef:21:fb:bd:0a:27:28:27:
f2:20:75:44:cf:19:56:72:d6:56:59:2d:f4:14:10:
64:b5:ea:af:67:73:63:61:dd:44:e8:48:7a:96:54:
98:9c:23:5e:20:2e:42:0b:22:60:0a:33:48:9b:93:
7c:e6:ef:f3:9d:2e:5c:76:db:83:26:72:51:63:be:
00:01:6e:8e:58:d0:5e:ac:c1:f2:40:1f:4f:bf:ef:
3d:65:19:db:b1:13:47:b7:84:d3:10:b3:02:bb:7b:
ad:be:3b:b8:08:7a:e7:96:e4:da:94:83:42:22:66:
69:97:a4:5b:e5:b1:db:f9:43:52:9b:aa:5d:80:29:
bf:d5:63:ac:be:54:58:6a:fc:59:5f:d4:3b:75:ad:
07:37:3b:6f:70:62:cb:a6:ce:da:9c:eb:61:10:ea:
6b:69:89:2b:46:38:ad:c3:23:cd:8e:77:98:d2:a8:
aa:b8:63:23:69:39:cc:ac:c8:32:18:10:85:5f:7d:
86:36:74:a1:cd:ce:77:e0:95:71:32:b1:f7:d0:33:
27:70:20:02:fb:4c:eb:e1:e2:f3:40:3f:b0:f2:d8:
cb:81:52:38:4e:05:52:bb:2d:eb:55:9c:c3:ec:a2:
ba:6b:b7:11:ae:8b:cd:74:48:90:05:19:0f:bf:50:
de:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:69:60:E5:89:61:31:AE:E9:EA:23:D4:11:84:D0:B0:4C:77:94:03
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/L2lg5YlhMa7p6iPUEYTQsEx3lAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:bf:ab:f6:97:58:b4:92:2f:c3:b9:5a:51:9d:80:cb:0b:1c:
4a:fd:58:90:1b:c2:21:52:f0:14:7b:87:3e:4a:1b:de:9a:f2:
09:5c:c4:dc:02:51:66:e8:d5:3c:9d:fb:1a:73:b2:bf:0e:15:
b2:18:4a:14:66:fe:b5:99:95:a6:bd:7e:01:3a:4a:f0:75:f5:
3e:42:cc:34:50:02:34:d8:dd:79:a8:b0:e2:bb:12:6a:95:9f:
ec:5e:fb:fa:8e:bf:7b:62:f0:dc:94:fa:7a:f6:0b:e4:80:32:
72:52:95:d3:39:d3:e1:64:0b:9e:4d:9e:3b:c5:12:02:bb:80:
6f:0b:fd:4d:ff:57:b3:c6:eb:62:7e:bf:1a:d3:89:6f:f9:e5:
e0:12:15:45:4e:d8:4c:04:9c:df:a4:4f:7f:4f:97:25:67:e3:
2b:7a:43:64:1d:35:ec:78:ac:09:c6:92:92:f8:32:53:67:50:
13:66:9a:d3:ef:5f:cb:d0:28:c6:ac:0d:cc:60:a7:7f:e5:72:
35:57:85:40:88:59:b9:6c:07:f9:20:b0:a4:fb:1d:a8:36:ee:
de:d7:e1:bc:ca:d5:d7:e3:56:a6:5b:cd:01:22:bd:ac:0c:72:
ad:fa:13:e0:62:53:51:81:a2:96:46:6b:06:f3:c8:bf:ec:f8:
e2:c4:ce:8b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwMCvTlemhbvouvdqBcsMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZDYzNmM1MDVkNTZhZjQyYTQxNGMxNjdkNTI0MDdkMzU2
YjNkMGIwHhcNMjMwMTAyMDE1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY5NjBlNTg5NjEzMWFlZTllYTIzZDQxMTg0ZDBiMDRjNzc5NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne033FKL7yH7vQonKCfyIHVEzxlW
ctZWWS30FBBkteqvZ3NjYd1E6Eh6llSYnCNeIC5CCyJgCjNIm5N85u/znS5cdtuD
JnJRY74AAW6OWNBerMHyQB9Pv+89ZRnbsRNHt4TTELMCu3utvju4CHrnluTalINC
ImZpl6Rb5bHb+UNSm6pdgCm/1WOsvlRYavxZX9Q7da0HNztvcGLLps7anOthEOpr
aYkrRjitwyPNjneY0qiquGMjaTnMrMgyGBCFX32GNnShzc534JVxMrH30DMncCAC
+0zr4eLzQD+w8tjLgVI4TgVSuy3rVZzD7KK6a7cRrovNdEiQBRkPv1DeHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC9pYOWJYTGu6eoj1BGE0LBMd5QDMB8GA1UdIwQY
MBaAFHjWNsUF1Wr0KkFMFn1SQH01az0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTIt
ZGRjZDRkOTM1MDMwLzEvTDJsZzVZbGhNYTdwNmlQVUVZVFFzRXgzbEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTItZGRjZDRkOTM1MDMw
LzEvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8yoAwQD
vEGQMA0EAgACMAcDBQAqABqgMA0GCSqGSIb3DQEBCwUAA4IBAQBsv6v2l1i0ki/D
uVpRnYDLCxxK/ViQG8IhUvAUe4c+ShvemvIJXMTcAlFm6NU8nfsac7K/DhWyGEoU
Zv61mZWmvX4BOkrwdfU+Qsw0UAI02N15qLDiuxJqlZ/sXvv6jr97YvDclPp69gvk
gDJyUpXTOdPhZAueTZ47xRICu4BvC/1N/1ezxutifr8a04lv+eXgEhVFTthMBJzf
pE9/T5clZ+MrekNkHTXseKwJxpKS+DJTZ1ATZprT71/L0CjGrA3MYKd/5XI1V4VA
iFm5bAf5ILCk+x2oNu7e1+G8ytXX41amW80BIr2sDHKt+hPgYlNRgaKWRmsG88i/
7PjixM6L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:46 2024 by rpki-client on console-fra.rpki-client.org