Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/LkM73PY6wwLJ50uRb88BcthtJ_I.roa
File: LkM73PY6wwLJ50uRb88BcthtJ_I.roa (raw, json)
Hash identifier: o/fwO7ry28Pa4T+SiuBuTuxNudXJfRCSQWzTciuQQCg=
Subject key identifier: 2E:43:3B:DC:F6:3A:C3:02:C9:E7:4B:91:6F:CF:01:72:D8:6D:27:F2
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018C117974591B02473D7B843D8FE81D625B
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/LkM73PY6wwLJ50uRb88BcthtJ_I.roa
Signing time: Mon 27 Nov 2023 15:50:21 +0000
ROA not before: Mon 27 Nov 2023 15:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 94.141.100.0/22 maxlen: 32
80.72.20.0/23 maxlen: 32
92.246.132.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Dec 2023 11:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:79:74:59:1b:02:47:3d:7b:84:3d:8f:e8:1d:62:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Nov 27 15:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e433bdcf63ac302c9e74b916fcf0172d86d27f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9e:0b:42:7b:7c:de:12:03:0b:44:4d:f2:e1:
76:2e:bb:3e:10:d2:5b:ce:f1:a8:ca:19:c4:df:09:
4c:ef:32:89:a9:ce:99:d2:2e:06:aa:bd:ec:e4:52:
a3:d6:f3:3b:ff:e1:99:35:42:cb:04:b2:69:dc:61:
55:20:13:19:9c:e8:89:09:6b:9e:d3:d2:ea:43:44:
93:df:db:96:c0:a8:eb:b8:33:96:e7:62:94:38:ba:
6c:f7:b8:12:ea:a3:09:9d:cc:8d:36:aa:19:cc:d9:
8b:77:04:ad:f1:87:92:c8:0b:60:5b:84:77:cc:fc:
f1:79:14:1a:67:e8:3b:8c:7f:40:40:24:2b:f6:11:
74:e9:d7:5f:31:ad:19:00:dc:f8:8e:af:0d:12:8f:
fd:d8:cb:3f:f6:1b:18:af:32:a2:43:1f:0c:1e:e8:
02:e5:c4:4d:b2:1e:32:f7:52:95:61:c6:84:53:7f:
a7:62:f0:a8:23:f3:fc:97:a4:1d:56:b5:c8:6a:8d:
6a:72:dd:a3:ac:48:08:75:58:14:1d:e9:31:e9:ec:
45:66:b6:20:9d:a1:c5:11:50:a2:ef:ba:d4:54:87:
1e:8d:3c:16:e1:7b:24:75:71:10:cb:b2:0c:30:74:
53:21:76:cd:39:04:17:ce:33:c9:3c:b1:c4:90:3d:
85:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:43:3B:DC:F6:3A:C3:02:C9:E7:4B:91:6F:CF:01:72:D8:6D:27:F2
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/LkM73PY6wwLJ50uRb88BcthtJ_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/23
92.246.132.0/22
94.141.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:c8:17:fb:7b:1f:ad:9e:cc:bc:cd:49:0b:b3:3b:f9:e1:24:
5c:97:50:19:7f:03:16:81:0a:71:3c:de:8a:f9:a3:ca:c7:c4:
9e:ba:2f:da:d8:6b:82:59:54:4e:35:41:e6:13:a2:92:86:91:
76:e4:d9:55:74:94:ee:35:4b:36:fa:33:d5:1e:08:fc:70:0d:
6f:49:5d:3f:70:cb:13:4c:5e:52:91:04:5b:96:b0:2e:3d:87:
c3:e1:d7:a0:4a:47:0c:fa:76:13:09:1c:70:1c:bc:e2:26:e8:
cc:56:a2:39:00:7a:c9:e6:99:be:58:56:7d:cf:c3:f9:8e:29:
51:66:ce:b8:85:58:ed:a4:32:e8:b5:e6:32:bf:ab:bc:3d:82:
4c:6b:0e:7f:50:5c:8b:f4:8b:7a:75:9c:f4:51:d0:fa:b8:55:
15:c4:77:6e:f4:d9:d0:d1:9e:17:b6:2d:2b:c6:e4:07:cb:bc:
7b:92:a5:08:25:05:b5:c1:10:6a:4e:a1:73:03:6a:0d:f6:aa:
2e:ca:34:af:f8:6c:6f:23:8a:c5:7a:f6:46:47:e2:8c:af:ff:
06:5c:a6:c5:46:36:55:74:b0:ae:4e:54:f1:d7:a2:4c:96:3d:
44:e0:47:93:db:21:5e:52:ff:b9:16:c9:96:1f:f9:95:aa:df:
f3:8b:6a:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwReXRZGwJHPXuEPY/oHWJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMTI3MTU1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQzM2JkY2Y2M2FjMzAyYzllNzRiOTE2ZmNmMDE3MmQ4NmQyN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh54LQnt83hIDC0RN8uF2Lrs+ENJb
zvGoyhnE3wlM7zKJqc6Z0i4Gqr3s5FKj1vM7/+GZNULLBLJp3GFVIBMZnOiJCWue
09LqQ0ST39uWwKjruDOW52KUOLps97gS6qMJncyNNqoZzNmLdwSt8YeSyAtgW4R3
zPzxeRQaZ+g7jH9AQCQr9hF06ddfMa0ZANz4jq8NEo/92Ms/9hsYrzKiQx8MHugC
5cRNsh4y91KVYcaEU3+nYvCoI/P8l6QdVrXIao1qct2jrEgIdVgUHekx6exFZrYg
naHFEVCi77rUVIcejTwW4XskdXEQy7IMMHRTIXbNOQQXzjPJPLHEkD2FzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC5DO9z2OsMCyedLkW/PAXLYbSfyMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvTGtNNzNQWTZ3d0xKNTB1UmI4OEJjdGh0Sl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUEgUAwQC
XPaEAwQCXo1kMA0GCSqGSIb3DQEBCwUAA4IBAQBfyBf7ex+tnsy8zUkLszv54SRc
l1AZfwMWgQpxPN6K+aPKx8Seui/a2GuCWVRONUHmE6KShpF25NlVdJTuNUs2+jPV
Hgj8cA1vSV0/cMsTTF5SkQRblrAuPYfD4degSkcM+nYTCRxwHLziJujMVqI5AHrJ
5pm+WFZ9z8P5jilRZs64hVjtpDLoteYyv6u8PYJMaw5/UFyL9It6dZz0UdD6uFUV
xHdu9NnQ0Z4Xti0rxuQHy7x7kqUIJQW1wRBqTqFzA2oN9qouyjSv+GxvI4rFevZG
R+KMr/8GXKbFRjZVdLCuTlTx16JMlj1E4EeT2yFeUv+5FsmWH/mVqt/zi2o5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org