Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/LkDiF-cDOEoc9SU0nU5mMmP2Osg.roa
File: LkDiF-cDOEoc9SU0nU5mMmP2Osg.roa (raw, json)
Hash identifier: QL7QKCBXdmiZM08+xpz8KYVbdsU3SVY+Y93PwWbRq6w=
Subject key identifier: 2E:40:E2:17:E7:03:38:4A:1C:F5:25:34:9D:4E:66:32:63:F6:3A:C8
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DD174E61526E3FC5E9B056C737013
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/LkDiF-cDOEoc9SU0nU5mMmP2Osg.roa
Signing time: Sun 01 Jan 2023 23:14:51 +0000
ROA not before: Sun 01 Jan 2023 23:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206995
IP address blocks: 85.153.156.0/24 maxlen: 24
176.88.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jul 2023 14:21:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d1:74:e6:15:26:e3:fc:5e:9b:05:6c:73:70:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e40e217e703384a1cf525349d4e663263f63ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:f5:5d:60:80:a6:fa:c3:1d:3c:a2:30:96:
b5:9f:75:f3:fc:10:2f:cb:9d:2b:1f:62:fc:99:69:
1d:9b:0b:e0:8d:85:cc:b8:9a:d6:60:3a:a7:c7:ca:
0b:4d:50:e3:cb:5e:9d:75:97:4f:15:f9:22:d5:4c:
13:d4:a1:5a:04:f6:ae:2c:a1:28:ec:36:68:bc:47:
e5:a0:99:73:88:0e:2c:9f:50:f2:39:5c:e7:2c:84:
8b:7b:1c:91:0a:5e:32:a8:8d:b4:9b:9d:6d:fe:53:
57:61:42:b5:7a:83:a2:a2:af:55:0b:4a:8f:12:13:
ac:b5:85:50:9e:bf:e1:38:d1:55:a1:7d:fc:83:f4:
6f:17:1f:57:6a:be:10:36:56:1d:9c:40:f7:d5:7a:
0c:aa:fa:b9:60:bb:12:29:cb:2f:19:71:63:fb:87:
c6:0f:c1:ca:0f:08:6f:f6:8e:ca:73:4d:6c:9c:dc:
81:7d:b1:4e:cb:a4:33:1c:b3:de:0c:b1:4b:19:93:
22:37:37:92:e0:09:19:82:0e:56:a1:08:9d:6f:2f:
90:b9:19:3d:74:60:79:cc:98:59:f2:75:24:d1:76:
13:b9:63:02:8b:b2:d3:56:bb:ec:7d:18:cf:77:43:
03:94:93:e9:5c:23:1e:b5:01:46:16:4f:58:cd:64:
f0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:40:E2:17:E7:03:38:4A:1C:F5:25:34:9D:4E:66:32:63:F6:3A:C8
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/LkDiF-cDOEoc9SU0nU5mMmP2Osg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.156.0/24
176.88.51.0/24
Signature Algorithm: sha256WithRSAEncryption
73:7d:61:cb:5b:5f:24:29:89:41:ea:18:0e:13:21:dc:e1:07:
d3:00:ca:b0:a6:1e:24:81:23:4b:c5:7e:6a:7c:50:ed:d2:8a:
6e:6b:bd:0a:63:52:a8:1b:74:2d:e5:25:95:93:06:c0:6f:77:
6f:5c:85:4b:5c:99:ee:b5:fb:31:c4:00:96:88:c1:05:7a:95:
c3:9f:26:d5:f9:88:19:52:66:2a:9e:e9:0b:b5:4f:11:71:d0:
5a:48:b7:7b:f7:5f:9f:5a:72:20:07:c4:59:6e:71:c4:13:46:
65:83:d5:57:83:22:1e:ad:9f:dc:9a:65:2c:02:cb:88:27:ef:
58:75:9a:52:21:13:e8:0f:18:db:df:dd:35:37:9d:15:cd:6c:
4a:62:52:3f:0b:5d:ef:04:4f:bb:e1:88:e2:1a:70:e4:8c:cd:
68:0b:bb:95:ec:58:40:c1:ec:7f:b3:25:bf:10:7a:a7:84:94:
63:07:56:c1:9a:47:ed:cb:27:30:86:ff:a6:e0:8d:bb:91:be:
f6:0c:de:d7:27:43:d1:2e:14:b6:f5:56:ee:e7:17:22:a4:a0:
1d:29:99:8c:48:79:22:ef:b2:f8:ba:0c:37:88:5e:09:67:b9:
59:72:7f:45:7d:52:84:9a:62:44:35:90:47:b6:4d:05:c9:ea:
d5:00:d4:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvndF05hUm4/xemwVsc3ATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQwZTIxN2U3MDMzODRhMWNmNTI1MzQ5ZDRlNjYzMjYzZjYzYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHT1XWCApvrDHTyiMJa1n3Xz/BAv
y50rH2L8mWkdmwvgjYXMuJrWYDqnx8oLTVDjy16ddZdPFfki1UwT1KFaBPauLKEo
7DZovEfloJlziA4sn1DyOVznLISLexyRCl4yqI20m51t/lNXYUK1eoOioq9VC0qP
EhOstYVQnr/hONFVoX38g/RvFx9Xar4QNlYdnED31XoMqvq5YLsSKcsvGXFj+4fG
D8HKDwhv9o7Kc01snNyBfbFOy6QzHLPeDLFLGZMiNzeS4AkZgg5WoQidby+QuRk9
dGB5zJhZ8nUk0XYTuWMCi7LTVrvsfRjPd0MDlJPpXCMetQFGFk9YzWTwQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC5A4hfnAzhKHPUlNJ1OZjJj9jrIMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvTGtEaUYtY0RPRW9jOVNVMG5VNW1NbVAyT3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZmcAwQA
sFgzMA0GCSqGSIb3DQEBCwUAA4IBAQBzfWHLW18kKYlB6hgOEyHc4QfTAMqwph4k
gSNLxX5qfFDt0opua70KY1KoG3Qt5SWVkwbAb3dvXIVLXJnutfsxxACWiMEFepXD
nybV+YgZUmYqnukLtU8RcdBaSLd791+fWnIgB8RZbnHEE0Zlg9VXgyIerZ/cmmUs
AsuIJ+9YdZpSIRPoDxjb3901N50VzWxKYlI/C13vBE+74YjiGnDkjM1oC7uV7FhA
wex/syW/EHqnhJRjB1bBmkftyycwhv+m4I27kb72DN7XJ0PRLhS29Vbu5xcipKAd
KZmMSHki77L4ugw3iF4JZ7lZcn9FfVKEmmJENZBHtk0FyerVANTi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org