Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/loeq_OtJ7dYvnFESGh7qCBZ29HE.roa
File: loeq_OtJ7dYvnFESGh7qCBZ29HE.roa (raw, json)
Hash identifier: vWosAE91E4dugUT62O/SkilINpvI4yWqNmntugmedDs=
Subject key identifier: 96:87:AA:FC:EB:49:ED:D6:2F:9C:51:12:1A:1E:EA:08:16:76:F4:71
Certificate issuer: /CN=7d6340e37ccfc12aebaac2a5f33d45ea0a887a8a
Certificate serial: 018571C311A5DD5119DCF95B0D5C23697146
Authority key identifier: 7D:63:40:E3:7C:CF:C1:2A:EB:AA:C2:A5:F3:3D:45:EA:0A:88:7A:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWNA43zPwSrrqsKl8z1F6gqIeoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/loeq_OtJ7dYvnFESGh7qCBZ29HE.roa
Signing time: Mon 02 Jan 2023 09:14:47 +0000
ROA not before: Mon 02 Jan 2023 09:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34803
IP address blocks: 195.166.192.0/19 maxlen: 24
185.104.220.0/22 maxlen: 24
85.115.128.0/19 maxlen: 24
2a02:638::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:11:a5:dd:51:19:dc:f9:5b:0d:5c:23:69:71:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d6340e37ccfc12aebaac2a5f33d45ea0a887a8a
Validity
Not Before: Jan 2 09:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9687aafceb49edd62f9c51121a1eea081676f471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1a:84:3d:b8:7b:10:11:9a:9f:75:d0:2e:74:
05:06:1c:5b:76:b7:a9:c5:ff:4f:32:78:00:8e:d2:
32:b3:f0:96:53:60:82:b5:fb:10:d8:89:94:d3:c8:
70:a1:c1:66:8c:ff:11:d0:82:66:aa:ef:b9:95:23:
ff:fe:ef:59:2f:e4:4f:ca:4a:c2:10:05:8d:4e:83:
61:e4:30:51:ad:5c:2b:97:ae:40:0d:cb:7b:19:ba:
43:0b:62:3b:1e:71:29:76:4c:7a:f5:b5:23:6a:89:
73:6e:ef:da:93:91:ba:bd:a8:76:b5:d8:49:2c:48:
a3:0a:60:07:55:f3:80:b1:48:94:f3:91:e0:21:08:
ea:25:7e:d7:da:41:32:87:1b:99:7c:a1:f8:f5:06:
9b:f5:00:40:ff:d1:2e:39:8e:4f:70:b8:66:47:61:
3f:5c:4f:25:c8:2f:3f:b4:0d:df:dc:8b:23:8a:b6:
25:f5:ab:eb:91:b9:9c:6c:00:78:46:cc:75:51:db:
85:bd:a4:42:50:4b:10:7b:eb:47:ee:07:47:24:02:
2d:f3:7d:73:2a:ca:bf:3a:ba:71:61:52:33:3f:dd:
09:2f:54:3a:36:86:11:2f:7f:c2:1f:e5:ab:95:54:
74:a7:e8:8d:35:88:c3:20:a3:d4:40:98:0b:86:16:
aa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:87:AA:FC:EB:49:ED:D6:2F:9C:51:12:1A:1E:EA:08:16:76:F4:71
X509v3 Authority Key Identifier:
keyid:7D:63:40:E3:7C:CF:C1:2A:EB:AA:C2:A5:F3:3D:45:EA:0A:88:7A:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWNA43zPwSrrqsKl8z1F6gqIeoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/loeq_OtJ7dYvnFESGh7qCBZ29HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/fWNA43zPwSrrqsKl8z1F6gqIeoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.128.0/19
185.104.220.0/22
195.166.192.0/19
IPv6:
2a02:638::/32
Signature Algorithm: sha256WithRSAEncryption
85:f4:49:eb:20:79:c5:2f:81:ff:92:eb:3d:12:9d:26:fb:2b:
ed:ed:64:e5:cf:f5:e5:76:ca:f1:71:4b:2c:20:0a:71:36:c2:
bf:a1:6d:ac:b6:fc:88:56:9d:6b:5a:e5:a0:d0:b5:4a:f5:fc:
d6:7f:1c:1d:1b:fe:15:4b:50:22:e3:7d:ec:92:f3:6e:0a:91:
77:a2:03:42:ab:14:c9:06:ef:8e:e3:86:c0:43:2e:b8:85:6f:
20:89:59:09:3d:22:a7:cb:f2:45:9c:6d:9d:d8:bf:4c:27:0d:
95:4d:e0:29:ce:cb:43:a9:cc:64:12:f3:a1:a7:f8:5f:0a:bf:
d9:5b:bc:78:cd:c1:58:e3:ff:5d:4b:1a:d8:e2:81:7f:45:9a:
d2:1e:93:3a:02:a5:e6:2c:94:b6:f3:4d:e3:e6:02:8c:3b:38:
33:88:f4:86:19:c2:ab:c9:01:d7:b1:8d:8e:a0:0c:c6:21:5e:
fc:08:43:cd:df:69:0e:86:d3:80:32:be:66:1d:53:bd:0e:37:
46:c0:2e:b0:27:ad:77:48:5c:70:9f:c1:8a:c9:3f:fc:d1:75:
01:a8:78:93:5e:08:7b:7e:2b:9a:86:2c:dd:8f:c8:10:b6:a6:
1f:e7:77:d9:4c:b2:22:1a:8d:ec:d5:96:9e:8a:6c:e0:50:b3:
26:0f:0a:51
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxwxGl3VEZ3PlbDVwjaXFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjM0MGUzN2NjZmMxMmFlYmFhYzJhNWYzM2Q0NWVhMGE4
ODdhOGEwHhcNMjMwMTAyMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg3YWFmY2ViNDllZGQ2MmY5YzUxMTIxYTFlZWEwODE2NzZmNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBqEPbh7EBGan3XQLnQFBhxbdrep
xf9PMngAjtIys/CWU2CCtfsQ2ImU08hwocFmjP8R0IJmqu+5lSP//u9ZL+RPykrC
EAWNToNh5DBRrVwrl65ADct7GbpDC2I7HnEpdkx69bUjaolzbu/ak5G6vah2tdhJ
LEijCmAHVfOAsUiU85HgIQjqJX7X2kEyhxuZfKH49Qab9QBA/9EuOY5PcLhmR2E/
XE8lyC8/tA3f3IsjirYl9avrkbmcbAB4Rsx1UduFvaRCUEsQe+tH7gdHJAIt831z
Ksq/OrpxYVIzP90JL1Q6NoYRL3/CH+WrlVR0p+iNNYjDIKPUQJgLhhaqTwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJaHqvzrSe3WL5xREhoe6ggWdvRxMB8GA1UdIwQY
MBaAFH1jQON8z8Eq66rCpfM9ReoKiHqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldOQTQzelB3U3JycXNLbDh6MUY2Z3FJZW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iMWNlMzQtZTA0My00NWE4LWJlYmQt
ODk4MmI3YThmNjE0LzEvbG9lcV9PdEo3ZFl2bkZFU0doN3FDQloyOUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iMWNlMzQtZTA0My00NWE4LWJlYmQtODk4MmI3YThmNjE0
LzEvZldOQTQzelB3U3JycXNLbDh6MUY2Z3FJZW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVXOAAwQC
uWjcAwQFw6bAMA0EAgACMAcDBQAqAgY4MA0GCSqGSIb3DQEBCwUAA4IBAQCF9Enr
IHnFL4H/kus9Ep0m+yvt7WTlz/XldsrxcUssIApxNsK/oW2stvyIVp1rWuWg0LVK
9fzWfxwdG/4VS1Ai433skvNuCpF3ogNCqxTJBu+O44bAQy64hW8giVkJPSKny/JF
nG2d2L9MJw2VTeApzstDqcxkEvOhp/hfCr/ZW7x4zcFY4/9dSxrY4oF/RZrSHpM6
AqXmLJS2803j5gKMOzgziPSGGcKryQHXsY2OoAzGIV78CEPN32kOhtOAMr5mHVO9
DjdGwC6wJ613SFxwn8GKyT/80XUBqHiTXgh7fiuahizdj8gQtqYf53fZTLIiGo3s
1ZaeimzgULMmDwpR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:40 2024 by rpki-client on console-fra.rpki-client.org