Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/LfFP5YGvm_DFQsXH25LLBarqrJM.roa
File: LfFP5YGvm_DFQsXH25LLBarqrJM.roa (raw, json)
Hash identifier: pLqUfg8+YkCyDGmpVjFvjJH1lCwQMcdIgvj3WmmhODU=
Subject key identifier: 2D:F1:4F:E5:81:AF:9B:F0:C5:42:C5:C7:DB:92:CB:05:AA:EA:AC:93
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018EADD1897B51F368A1F17859E651C908CF
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/LfFP5YGvm_DFQsXH25LLBarqrJM.roa
Signing time: Fri 05 Apr 2024 10:32:54 +0000
ROA not before: Fri 05 Apr 2024 10:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.206.64.0/20 maxlen: 20
82.206.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 14:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:d1:89:7b:51:f3:68:a1:f1:78:59:e6:51:c9:08:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Apr 5 10:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2df14fe581af9bf0c542c5c7db92cb05aaeaac93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:54:90:b9:19:17:91:e4:ca:8d:65:26:fd:
32:2b:7e:03:b3:f2:71:58:f6:52:b8:39:52:e7:f7:
b7:68:94:26:3b:86:8d:e1:bc:26:c6:e8:76:a3:1a:
58:f5:7b:41:82:be:4d:97:b8:f7:4a:93:b7:b0:20:
00:e2:35:d7:47:47:7f:15:33:0c:8e:62:8b:05:fd:
7c:1a:d1:fc:2b:14:ff:b2:ac:68:2a:aa:32:f6:71:
9d:46:e1:1c:94:cf:c8:ce:71:f7:3f:c9:30:90:0d:
0b:11:26:5f:1f:69:6f:26:6f:3f:9c:6b:c3:0f:b2:
7b:b5:20:8f:c7:62:c6:7d:9a:2a:3a:88:6c:0d:4c:
46:62:8b:3f:9e:7b:36:9b:42:75:2e:6a:d5:4f:18:
ea:6a:a6:a5:ef:4f:85:ad:64:2c:83:f7:30:c4:1f:
c5:ca:dc:55:b3:c8:5d:a8:32:af:7c:3f:53:ff:d2:
c3:33:ef:33:55:87:09:09:7a:90:b9:51:2e:6f:59:
de:2f:36:dc:6d:e3:8c:32:3d:1e:07:7f:b9:df:b4:
c6:ea:16:ea:90:d0:2e:6b:9e:27:8e:a8:cd:f7:d9:
55:0e:55:d4:f1:1d:25:25:74:3b:08:2d:56:79:e8:
6b:cd:8e:5d:d9:12:08:91:92:4e:8b:aa:ef:ae:6d:
b0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F1:4F:E5:81:AF:9B:F0:C5:42:C5:C7:DB:92:CB:05:AA:EA:AC:93
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/LfFP5YGvm_DFQsXH25LLBarqrJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.64.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:8e:90:a2:67:b4:57:8b:30:38:21:9e:de:55:08:12:1e:99:
a0:c8:28:14:e7:3e:50:03:9d:9c:f4:2a:ae:f9:6f:56:89:2a:
a7:0c:a7:a9:3e:86:57:5f:87:f5:6e:30:75:13:42:3c:42:f0:
97:22:d0:2c:50:6e:e1:a3:c9:96:f6:96:38:7e:b7:e8:82:51:
c1:7e:d4:74:71:90:a4:18:1a:b2:fd:81:a4:ac:71:5c:9f:69:
64:93:fe:ce:2b:06:4f:84:1b:61:72:27:89:7f:d0:f2:c8:52:
90:41:25:0f:15:25:7d:7d:f0:e4:94:cc:cd:85:c3:ad:a2:2e:
10:24:34:b6:34:55:f2:f6:0d:f2:5b:92:9c:6a:90:c3:a2:c8:
8e:d2:df:3a:23:f5:c5:1b:35:1d:64:57:41:71:a8:23:25:20:
9b:89:db:28:50:34:bb:6b:7b:dd:6d:d4:ec:31:f5:6d:c7:d2:
ef:b9:97:9f:6e:d5:d2:5e:bd:c3:01:fa:7e:d8:54:c3:e4:ce:
21:8a:f1:cb:ae:ef:8d:15:95:a3:be:89:15:e0:d6:69:c8:a6:
6e:a1:22:1a:40:74:92:44:9a:0e:d0:0a:ae:85:f9:52:96:6e:
2e:11:7a:b8:30:ab:26:98:f0:75:52:52:9a:7a:a9:1a:3b:d1:
c3:cc:c3:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6t0Yl7UfNoofF4WeZRyQjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwNDA1MTAzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGYxNGZlNTgxYWY5YmYwYzU0MmM1YzdkYjkyY2IwNWFhZWFhYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoxUkLkZF5Hkyo1lJv0yK34Ds/Jx
WPZSuDlS5/e3aJQmO4aN4bwmxuh2oxpY9XtBgr5Nl7j3SpO3sCAA4jXXR0d/FTMM
jmKLBf18GtH8KxT/sqxoKqoy9nGdRuEclM/IznH3P8kwkA0LESZfH2lvJm8/nGvD
D7J7tSCPx2LGfZoqOohsDUxGYos/nns2m0J1LmrVTxjqaqal70+FrWQsg/cwxB/F
ytxVs8hdqDKvfD9T/9LDM+8zVYcJCXqQuVEub1neLzbcbeOMMj0eB3+537TG6hbq
kNAua54njqjN99lVDlXU8R0lJXQ7CC1WeehrzY5d2RIIkZJOi6rvrm2wmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3xT+WBr5vwxULFx9uSywWq6qyTMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvTGZGUDVZR3ZtX0RGUXNYSDI1TExCYXJxckpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUs5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBqjpCiZ7RXizA4IZ7eVQgSHpmgyCgU5z5QA52c9Cqu
+W9WiSqnDKepPoZXX4f1bjB1E0I8QvCXItAsUG7ho8mW9pY4frfoglHBftR0cZCk
GBqy/YGkrHFcn2lkk/7OKwZPhBthcieJf9DyyFKQQSUPFSV9ffDklMzNhcOtoi4Q
JDS2NFXy9g3yW5KcapDDosiO0t86I/XFGzUdZFdBcagjJSCbidsoUDS7a3vdbdTs
MfVtx9LvuZefbtXSXr3DAfp+2FTD5M4hivHLru+NFZWjvokV4NZpyKZuoSIaQHSS
RJoO0AquhflSlm4uEXq4MKsmmPB1UlKaeqkaO9HDzMNS
-----END CERTIFICATE-----
Generated at Wed Apr 17 16:56:22 2024 by rpki-client on console-fra.rpki-client.org