Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/LSKhbJQCTESGtWpysN0i--v8sUk.roa
File: LSKhbJQCTESGtWpysN0i--v8sUk.roa (raw, json)
Hash identifier: hr3XVLdSfj2VLQg+SxR9IxGfToUXuEcOQyeZTXB0gpo=
Subject key identifier: 2D:22:A1:6C:94:02:4C:44:86:B5:6A:72:B0:DD:22:FB:EB:FC:B1:49
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 018573CCEC474854CD657511C524B2686FA8
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/LSKhbJQCTESGtWpysN0i--v8sUk.roa
Signing time: Mon 02 Jan 2023 18:44:47 +0000
ROA not before: Mon 02 Jan 2023 18:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209565
IP address blocks: 131.117.225.0/24 maxlen: 24
131.117.224.0/24 maxlen: 24
131.117.228.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
185.21.138.0/24 maxlen: 24
185.21.137.0/24 maxlen: 24
185.21.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:ec:47:48:54:cd:65:75:11:c5:24:b2:68:6f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 2 18:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d22a16c94024c4486b56a72b0dd22fbebfcb149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:39:ef:98:68:01:4b:92:0a:7e:ee:87:4a:
f3:56:44:76:1c:27:33:36:7f:37:a1:82:4c:03:f0:
55:8e:fd:72:1f:ac:d8:a5:57:5e:3e:58:0b:bf:1f:
54:e1:83:6c:49:14:4f:7d:e8:90:60:e3:59:f1:40:
3a:2d:95:e1:8b:07:26:f6:10:a6:b5:9a:bf:40:6e:
69:7b:9c:38:3f:54:8d:da:ae:31:cf:1d:84:b6:6f:
a4:15:ee:5d:57:b9:0b:d0:36:18:e6:5b:75:59:52:
9c:f6:34:d9:6a:ae:c2:78:9e:6f:78:08:a7:ba:fc:
72:18:06:70:27:cb:1f:be:f1:2e:2d:7f:a8:22:49:
57:16:78:cd:32:1c:d0:98:02:06:42:a6:03:b6:2d:
02:c5:3a:49:de:73:f3:4b:20:76:3f:d9:e3:ab:ae:
5a:5d:cd:dd:38:b6:1c:05:35:d5:bf:f2:a0:e5:fd:
e5:76:63:97:f5:9c:c1:4d:c2:3e:2e:9d:ae:34:1d:
54:df:b2:79:02:e9:b2:99:5e:6f:0c:5a:88:ab:20:
a8:f2:68:e7:69:a3:37:09:fd:6c:51:2c:5f:f3:c3:
74:34:f1:74:86:27:a8:4e:d7:9f:75:e9:32:2f:1a:
d9:dc:68:61:e1:c7:98:d2:d9:0a:59:ce:55:eb:03:
d9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:22:A1:6C:94:02:4C:44:86:B5:6A:72:B0:DD:22:FB:EB:FC:B1:49
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/LSKhbJQCTESGtWpysN0i--v8sUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.224.0/23
131.117.228.0/24
131.117.233.0/24
185.21.136.0-185.21.138.255
Signature Algorithm: sha256WithRSAEncryption
75:41:1f:f0:42:87:eb:70:4d:e0:55:af:45:68:4a:37:b7:a0:
10:0a:b0:7f:39:23:88:21:5c:eb:7e:11:18:bf:be:2c:8d:95:
78:03:c9:de:d7:86:13:78:e5:60:8e:da:ba:6e:6a:b0:b7:c7:
13:93:32:1c:75:cf:a9:43:95:57:7e:dc:15:95:2b:36:f1:92:
b8:49:c3:56:3f:8f:f8:b3:05:1d:87:08:51:de:1b:2c:3f:13:
64:0b:f8:8d:f2:be:4d:13:a5:31:41:ef:44:22:8c:9c:31:34:
f7:e4:f7:6d:77:e1:8e:bd:40:87:67:69:c2:31:7f:24:60:9c:
77:59:c4:91:fa:4c:26:10:a7:16:99:09:b1:d6:13:29:63:fa:
36:2a:88:aa:21:c2:45:e5:9b:5d:cd:aa:6d:2b:f9:de:cd:ce:
ed:61:23:49:e5:1d:67:59:ae:62:ab:dd:76:9a:21:c7:b2:9e:
75:18:52:43:31:41:ce:96:97:4a:85:6f:6d:36:ed:80:13:f5:
4e:bb:21:86:47:0d:e9:74:c8:d1:7c:91:ca:6d:00:32:f9:55:
14:41:93:71:82:95:8b:ef:ec:1b:80:ff:a7:62:05:30:e3:5e:
68:e6:b3:7d:65:b0:ff:be:03:07:37:71:7f:77:bb:29:42:00:
cd:ed:b2:08
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVzzOxHSFTNZXURxSSyaG+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjMwMTAyMTg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIyYTE2Yzk0MDI0YzQ0ODZiNTZhNzJiMGRkMjJmYmViZmNiMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybY575hoAUuSCn7uh0rzVkR2HCcz
Nn83oYJMA/BVjv1yH6zYpVdePlgLvx9U4YNsSRRPfeiQYONZ8UA6LZXhiwcm9hCm
tZq/QG5pe5w4P1SN2q4xzx2Etm+kFe5dV7kL0DYY5lt1WVKc9jTZaq7CeJ5veAin
uvxyGAZwJ8sfvvEuLX+oIklXFnjNMhzQmAIGQqYDti0CxTpJ3nPzSyB2P9njq65a
Xc3dOLYcBTXVv/Kg5f3ldmOX9ZzBTcI+Lp2uNB1U37J5AumymV5vDFqIqyCo8mjn
aaM3Cf1sUSxf88N0NPF0hieoTtefdekyLxrZ3Ghh4ceY0tkKWc5V6wPZawIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFC0ioWyUAkxEhrVqcrDdIvvr/LFJMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL0xTS2hiSlFDVEVTR3RXcHlzTjBpLS12OHNVay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAGDdeAD
BACDdeQDBACDdekwDAMEA7kViAMEALkVijANBgkqhkiG9w0BAQsFAAOCAQEAdUEf
8EKH63BN4FWvRWhKN7egEAqwfzkjiCFc634RGL++LI2VeAPJ3teGE3jlYI7aum5q
sLfHE5MyHHXPqUOVV37cFZUrNvGSuEnDVj+P+LMFHYcIUd4bLD8TZAv4jfK+TROl
MUHvRCKMnDE09+T3bXfhjr1Ah2dpwjF/JGCcd1nEkfpMJhCnFpkJsdYTKWP6NiqI
qiHCReWbXc2qbSv53s3O7WEjSeUdZ1muYqvddpohx7KedRhSQzFBzpaXSoVvbTbt
gBP1TrshhkcN6XTI0XyRym0AMvlVFEGTcYKVi+/sG4D/p2IFMONeaOazfWWw/74D
Bzdxf3e7KUIAze2yCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org