Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/lUcAa7aG6meVFxr5UKYiPbd0XDE.roa
File: lUcAa7aG6meVFxr5UKYiPbd0XDE.roa (raw, json)
Hash identifier: HSElTZqM3zNUEU00n63LR4BgubHPkAOR8Qgv7PnWHX8=
Subject key identifier: 95:47:00:6B:B6:86:EA:67:95:17:1A:F9:50:A6:22:3D:B7:74:5C:31
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 018611385ED186DDCE9E44806354D39F740F
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/lUcAa7aG6meVFxr5UKYiPbd0XDE.roa
Signing time: Thu 02 Feb 2023 08:22:32 +0000
ROA not before: Thu 02 Feb 2023 08:22:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
89.232.184.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 14:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:38:5e:d1:86:dd:ce:9e:44:80:63:54:d3:9f:74:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Feb 2 08:22:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9547006bb686ea6795171af950a6223db7745c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:41:10:73:88:3f:35:04:22:52:62:1e:91:6e:
97:90:4a:24:76:a2:e3:80:ba:7c:53:36:47:d3:b4:
61:d5:f4:cd:c8:89:a8:b2:76:95:4b:2d:91:6c:50:
b3:52:b5:14:c1:d4:b6:79:c8:2d:12:a8:6e:2e:b5:
d0:0c:0d:75:bd:52:cd:e1:62:69:6b:d6:b6:20:b9:
ea:51:e8:6c:55:76:68:db:9f:00:dd:a6:14:30:a4:
61:a4:90:31:31:67:84:94:9f:43:cd:e1:c1:63:8e:
04:e1:da:c0:bc:0a:ff:ad:a8:92:ed:d4:b6:5a:0a:
d6:a7:12:8b:be:14:b1:a5:df:16:e9:52:fe:9a:fb:
aa:e9:24:ad:09:61:73:66:02:c9:24:37:cb:96:e2:
6a:8e:ae:1c:fc:63:f9:41:ff:31:68:c1:fc:53:45:
b2:94:66:c2:d0:67:68:ec:05:94:34:a0:78:7f:03:
21:49:c4:75:e5:94:57:ab:95:fe:e6:18:3f:ed:cb:
7d:1f:f8:71:51:e1:43:85:70:34:98:07:23:8b:9a:
7f:c7:ff:4a:fd:1e:69:e7:5a:1b:46:c1:ae:ec:4b:
34:1f:c6:f6:f0:e3:70:d9:a1:2f:34:c7:c8:f8:7d:
35:d4:8b:70:c2:e1:cf:dc:c2:44:b3:71:39:12:47:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:00:6B:B6:86:EA:67:95:17:1A:F9:50:A6:22:3D:B7:74:5C:31
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/lUcAa7aG6meVFxr5UKYiPbd0XDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
50:eb:c9:81:cd:5f:84:23:fa:7d:29:95:d3:b9:bc:bf:60:86:
19:ae:5b:0f:98:7e:75:eb:e8:b1:65:9e:58:83:6c:e2:73:56:
3c:7b:1d:72:6a:90:99:a7:40:9b:42:93:a9:c3:e5:ca:b4:5d:
65:8d:b8:f6:cb:7e:bd:46:1e:78:03:24:7c:07:95:17:c9:8a:
96:0d:ac:37:f0:49:14:e5:d1:64:0e:8c:9c:77:82:f8:60:8c:
49:6a:e0:f0:a9:23:c7:2e:d1:00:2a:0e:01:cf:fd:c0:00:1d:
ff:62:9c:5e:cb:11:65:bd:11:9f:94:84:7c:f9:b2:9c:5d:69:
b2:06:48:d7:f2:67:01:b3:a7:c6:1c:87:76:13:de:96:95:86:
52:b5:c2:9a:38:11:af:2e:e0:ec:d8:5d:a3:a5:0a:4d:7b:87:
83:3a:90:0e:37:7a:73:4f:b3:fc:0d:87:d4:84:bc:6b:c7:88:
28:8a:16:6b:a1:ab:c0:b6:13:46:8d:e4:e9:83:ae:53:44:d2:
65:59:04:a8:1f:da:ae:83:f8:73:5e:26:ce:b7:87:e6:01:36:
70:61:48:e0:ac:6d:f8:ff:96:ea:9e:8a:a4:41:77:cc:0e:94:
21:4c:eb:07:c6:d5:5f:c1:49:9b:c1:f9:f8:7e:53:a2:c6:de:
31:00:5c:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYROF7Rht3OnkSAY1TTn3QPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMwMjAyMDgyMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ3MDA2YmI2ODZlYTY3OTUxNzFhZjk1MGE2MjIzZGI3NzQ1YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkEQc4g/NQQiUmIekW6XkEokdqLj
gLp8UzZH07Rh1fTNyImosnaVSy2RbFCzUrUUwdS2ecgtEqhuLrXQDA11vVLN4WJp
a9a2ILnqUehsVXZo258A3aYUMKRhpJAxMWeElJ9DzeHBY44E4drAvAr/raiS7dS2
WgrWpxKLvhSxpd8W6VL+mvuq6SStCWFzZgLJJDfLluJqjq4c/GP5Qf8xaMH8U0Wy
lGbC0Gdo7AWUNKB4fwMhScR15ZRXq5X+5hg/7ct9H/hxUeFDhXA0mAcji5p/x/9K
/R5p51obRsGu7Es0H8b28ONw2aEvNMfI+H011ItwwuHP3MJEs3E5EkeJRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJVHAGu2hupnlRca+VCmIj23dFwxMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvbFVjQWE3YUc2bWVWRnhyNVVLWWlQYmQwWERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDUpQAAwQC
Wei4AwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUAA4IBAQBQ68mBzV+EI/p9KZXT
uby/YIYZrlsPmH516+ixZZ5Yg2zic1Y8ex1yapCZp0CbQpOpw+XKtF1ljbj2y369
Rh54AyR8B5UXyYqWDaw38EkU5dFkDoycd4L4YIxJauDwqSPHLtEAKg4Bz/3AAB3/
YpxeyxFlvRGflIR8+bKcXWmyBkjX8mcBs6fGHId2E96WlYZStcKaOBGvLuDs2F2j
pQpNe4eDOpAON3pzT7P8DYfUhLxrx4goihZroavAthNGjeTpg65TRNJlWQSoH9qu
g/hzXibOt4fmATZwYUjgrG34/5bqnoqkQXfMDpQhTOsHxtVfwUmbwfn4flOixt4x
AFwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:19 2024 by rpki-client on console-ams.rpki-client.org