Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/LnZjkUL8a4PD9NnHiXfG2VyqUBQ.roa
File: LnZjkUL8a4PD9NnHiXfG2VyqUBQ.roa (raw, json)
Hash identifier: IvHyV2mOmXocG8est3FwmzAr+WhgyKW6gf1wvt6oh3Q=
Subject key identifier: 2E:76:63:91:42:FC:6B:83:C3:F4:D9:C7:89:77:C6:D9:5C:AA:50:14
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018AEF2871FF5E9F698C8C0819E439B78F92
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/LnZjkUL8a4PD9NnHiXfG2VyqUBQ.roa
Signing time: Mon 02 Oct 2023 06:51:59 +0000
ROA not before: Mon 02 Oct 2023 06:51:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 160.214.98.0/24 maxlen: 24
160.214.97.0/24 maxlen: 24
160.214.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 07:45:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:28:71:ff:5e:9f:69:8c:8c:08:19:e4:39:b7:8f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Oct 2 06:51:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e76639142fc6b83c3f4d9c78977c6d95caa5014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1e:8f:7d:0e:20:c9:59:88:29:c8:f0:b5:7c:
f6:9b:4a:ba:e9:ea:e8:1c:53:c9:6d:36:00:b5:cb:
be:74:dd:0e:8f:e6:63:44:51:f8:45:c8:56:79:ea:
a2:bf:a4:bb:53:3b:c6:af:a6:53:84:af:a2:24:51:
ff:49:e1:c8:d7:a2:bf:35:90:82:d7:c6:b8:80:8c:
50:60:19:c5:ae:09:82:37:ff:d5:35:75:9a:92:7b:
52:b7:1e:c0:36:58:cf:4e:1d:78:57:48:a3:00:65:
40:85:c8:6c:5c:f1:7b:69:57:5c:b7:31:c8:64:7f:
f4:90:65:c1:89:a4:c4:86:8e:e7:3a:d0:01:21:5f:
7c:93:11:75:77:46:09:43:2f:20:91:15:70:b2:70:
65:1c:8e:29:c2:cf:67:74:ec:bc:38:21:0f:fb:5e:
e8:fa:d0:ad:75:35:2e:04:9d:71:0f:d8:c1:de:e0:
a8:dd:39:60:04:4b:e5:71:4f:75:35:b1:d5:52:85:
3b:1a:d9:52:60:8b:38:df:82:de:64:28:5a:ed:6b:
2d:8b:ad:19:1a:db:85:6d:e4:84:88:0e:41:a7:c3:
bf:bb:4f:32:a0:92:ac:0c:eb:58:42:1f:d6:65:bf:
05:23:61:87:8c:2c:55:26:3d:1f:40:dc:0e:a6:01:
43:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:76:63:91:42:FC:6B:83:C3:F4:D9:C7:89:77:C6:D9:5C:AA:50:14
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/LnZjkUL8a4PD9NnHiXfG2VyqUBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.97.0-160.214.99.255
Signature Algorithm: sha256WithRSAEncryption
9e:c5:20:65:93:8d:31:46:40:b8:8e:26:b8:4b:11:74:5f:aa:
51:00:d9:eb:fc:29:c0:b2:8e:d1:e2:b6:2b:fc:8b:be:d2:15:
cf:97:d6:7b:98:b3:1b:7f:d5:23:c9:c5:72:10:37:02:3f:eb:
15:8c:90:b4:ca:d9:48:bb:bb:2a:e5:c7:6b:8d:bb:92:e7:5f:
13:0a:4a:36:f8:48:c5:e7:8f:02:97:55:b7:c5:c5:bc:a2:f6:
af:7e:4a:31:0a:ea:12:cf:6c:a3:c4:5f:ca:77:51:29:f6:46:
58:fe:de:95:89:6d:41:4c:14:2f:3e:60:89:2d:ee:2d:63:8d:
16:4d:e8:ac:47:18:71:9a:5c:5b:73:fe:1f:e1:10:25:22:82:
e0:22:d5:65:62:b8:e3:3b:da:ea:a5:16:66:c6:90:84:72:35:
73:67:ae:36:5d:be:dd:f8:f7:60:7d:88:f7:23:9c:1f:a9:2a:
e3:4d:92:03:f3:48:20:08:c0:f0:1d:98:83:6f:34:1f:58:14:
04:a9:94:7b:31:40:06:11:f0:17:0c:46:c9:75:b7:c7:a1:5f:
40:45:99:3e:93:0b:cf:1d:6e:37:7e:4f:44:f3:9f:ff:bd:db:
e1:95:f8:79:5a:0b:e3:7b:22:cf:c8:79:f8:cf:32:10:48:ff:
da:51:54:74
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrvKHH/Xp9pjIwIGeQ5t4+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMDAyMDY1MTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc2NjM5MTQyZmM2YjgzYzNmNGQ5Yzc4OTc3YzZkOTVjYWE1MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh6PfQ4gyVmIKcjwtXz2m0q66ero
HFPJbTYAtcu+dN0Oj+ZjRFH4RchWeeqiv6S7UzvGr6ZThK+iJFH/SeHI16K/NZCC
18a4gIxQYBnFrgmCN//VNXWakntStx7ANljPTh14V0ijAGVAhchsXPF7aVdctzHI
ZH/0kGXBiaTEho7nOtABIV98kxF1d0YJQy8gkRVwsnBlHI4pws9ndOy8OCEP+17o
+tCtdTUuBJ1xD9jB3uCo3TlgBEvlcU91NbHVUoU7GtlSYIs434LeZCha7Wsti60Z
GtuFbeSEiA5Bp8O/u08yoJKsDOtYQh/WZb8FI2GHjCxVJj0fQNwOpgFDAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC52Y5FC/GuDw/TZx4l3xtlcqlAUMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvTG5aamtVTDhhNFBEOU5uSGlYZkcyVnlxVUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACg1mED
BAKg1mAwDQYJKoZIhvcNAQELBQADggEBAJ7FIGWTjTFGQLiOJrhLEXRfqlEA2ev8
KcCyjtHitiv8i77SFc+X1nuYsxt/1SPJxXIQNwI/6xWMkLTK2Ui7uyrlx2uNu5Ln
XxMKSjb4SMXnjwKXVbfFxbyi9q9+SjEK6hLPbKPEX8p3USn2Rlj+3pWJbUFMFC8+
YIkt7i1jjRZN6KxHGHGaXFtz/h/hECUiguAi1WViuOM72uqlFmbGkIRyNXNnrjZd
vt3492B9iPcjnB+pKuNNkgPzSCAIwPAdmINvNB9YFASplHsxQAYR8BcMRsl1t8eh
X0BFmT6TC88dbjd+T0Tzn/+92+GV+HlaC+N7Is/IefjPMhBI/9pRVHQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org