Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/904a2a-6dd1-4974-bb29-4c92cec08ba8/1/lfsp2nK6UIZ05ShxypsZ9fVhwJg.roa
File: lfsp2nK6UIZ05ShxypsZ9fVhwJg.roa (raw, json)
Hash identifier: S7cIV6K5/mEbhSeRuaLOdXZtDiKAx69Gpiq4QoIoAL0=
Subject key identifier: 95:FB:29:DA:72:BA:50:86:74:E5:28:71:CA:9B:19:F5:F5:61:C0:98
Certificate issuer: /CN=58f7d27ebc269bf14b8d6895791affd429f70222
Certificate serial: 01856CA5E3B8EEA3B73524033E20A3E760FB
Authority key identifier: 58:F7:D2:7E:BC:26:9B:F1:4B:8D:68:95:79:1A:FF:D4:29:F7:02:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WPfSfrwmm_FLjWiVeRr_1Cn3AiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/904a2a-6dd1-4974-bb29-4c92cec08ba8/1/lfsp2nK6UIZ05ShxypsZ9fVhwJg.roa
Signing time: Sun 01 Jan 2023 09:24:49 +0000
ROA not before: Sun 01 Jan 2023 09:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209835
IP address blocks: 83.143.109.0/24 maxlen: 24
83.143.110.0/24 maxlen: 24
83.143.108.0/24 maxlen: 24
83.143.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Mar 2023 15:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:e3:b8:ee:a3:b7:35:24:03:3e:20:a3:e7:60:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58f7d27ebc269bf14b8d6895791affd429f70222
Validity
Not Before: Jan 1 09:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95fb29da72ba508674e52871ca9b19f5f561c098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:80:17:2e:b3:48:0d:93:5d:7c:4c:85:00:ad:
c7:e8:6a:3d:05:05:21:c5:0d:f6:55:65:28:4f:5f:
80:69:b3:32:4e:88:9d:12:8a:38:1e:bd:5d:d7:fa:
f7:cf:2f:f1:14:a2:55:8b:50:a0:79:44:2a:b4:46:
c1:bf:60:48:d7:03:88:07:e3:1f:8f:c2:95:1b:33:
be:c3:89:a3:b1:a9:cb:27:bc:e3:1c:c6:4e:78:39:
7f:49:fa:b1:e0:71:6f:0f:3b:42:68:a0:b5:03:99:
20:97:0a:f1:e7:3c:6c:bb:91:ec:35:ac:d8:20:87:
36:93:f1:ae:a9:82:85:5e:31:c9:2d:6f:50:b2:e4:
ba:16:4f:20:93:8e:a7:35:99:fc:43:f0:99:76:84:
4f:94:3b:ab:b7:03:00:3a:1d:71:6a:93:91:a0:42:
67:5a:99:ff:4a:6b:7f:c2:8b:01:90:e0:dd:d9:ec:
6d:6f:cb:47:97:57:fe:d5:5e:a0:cc:82:d3:d3:0c:
fc:d6:a3:80:b1:e5:b5:dd:af:00:21:66:4f:25:1c:
4e:dc:6b:49:61:10:dc:94:1a:ed:8e:8d:44:5f:ca:
17:a0:3d:3e:0f:c7:3e:5f:2c:1d:ce:d1:4c:ed:d2:
06:d0:cc:c3:e7:ee:dd:10:be:cd:59:3a:dd:21:1d:
60:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FB:29:DA:72:BA:50:86:74:E5:28:71:CA:9B:19:F5:F5:61:C0:98
X509v3 Authority Key Identifier:
keyid:58:F7:D2:7E:BC:26:9B:F1:4B:8D:68:95:79:1A:FF:D4:29:F7:02:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WPfSfrwmm_FLjWiVeRr_1Cn3AiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/904a2a-6dd1-4974-bb29-4c92cec08ba8/1/lfsp2nK6UIZ05ShxypsZ9fVhwJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/904a2a-6dd1-4974-bb29-4c92cec08ba8/1/WPfSfrwmm_FLjWiVeRr_1Cn3AiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.108.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:6f:76:d4:3f:8e:5f:d1:9e:26:dc:12:67:1d:7a:0c:3c:b7:
e9:1a:1a:0e:86:6d:83:39:79:70:3d:ad:25:d3:bc:b1:a2:62:
93:7a:bc:08:bd:0b:85:bf:ef:20:fe:60:4f:e9:cd:5f:21:a7:
1b:b2:58:1a:68:b5:fd:b2:7c:9d:60:0a:cd:4e:b5:68:c4:c5:
12:5d:e2:b9:42:88:9f:95:0b:47:0b:11:6b:92:ba:79:0c:da:
94:6d:52:2b:4a:6b:a3:ce:af:c5:0e:f5:4f:e5:6b:17:49:1e:
c1:bc:a7:f4:cf:3c:d6:83:d3:c2:08:6d:21:38:e2:70:70:5a:
e4:a2:6c:2d:29:1a:fe:c8:bb:1e:05:99:aa:ac:0b:8e:f5:74:
d4:c8:8b:3c:8f:c9:eb:cb:94:17:7f:0d:7d:82:ed:c1:f8:83:
bc:f9:31:e9:5d:1c:46:44:cf:b3:07:f7:e3:bc:d1:4a:fe:dd:
76:af:88:ed:7c:0b:a8:ab:d0:52:7a:95:af:2a:d2:64:b8:53:
3d:d9:98:dd:20:55:2f:98:dd:07:ea:a5:dd:43:46:f3:00:eb:
3d:d4:a9:a0:61:47:95:87:d6:66:19:7b:dc:3e:d3:56:27:75:
26:51:02:01:6a:a2:35:47:f7:b4:41:91:30:8b:ff:c8:69:07:
bb:1d:f9:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspeO47qO3NSQDPiCj52D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZjdkMjdlYmMyNjliZjE0YjhkNjg5NTc5MWFmZmQ0Mjlm
NzAyMjIwHhcNMjMwMTAxMDkyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZiMjlkYTcyYmE1MDg2NzRlNTI4NzFjYTliMTlmNWY1NjFjMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYAXLrNIDZNdfEyFAK3H6Go9BQUh
xQ32VWUoT1+AabMyToidEoo4Hr1d1/r3zy/xFKJVi1CgeUQqtEbBv2BI1wOIB+Mf
j8KVGzO+w4mjsanLJ7zjHMZOeDl/Sfqx4HFvDztCaKC1A5kglwrx5zxsu5HsNazY
IIc2k/GuqYKFXjHJLW9QsuS6Fk8gk46nNZn8Q/CZdoRPlDurtwMAOh1xapORoEJn
Wpn/Smt/wosBkODd2extb8tHl1f+1V6gzILT0wz81qOAseW13a8AIWZPJRxO3GtJ
YRDclBrtjo1EX8oXoD0+D8c+XywdztFM7dIG0MzD5+7dEL7NWTrdIR1gmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX7KdpyulCGdOUoccqbGfX1YcCYMB8GA1UdIwQY
MBaAFFj30n68JpvxS41olXka/9Qp9wIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1BmU2Zyd21tX0ZMaldpVmVScl8xQ24zQWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85MDRhMmEtNmRkMS00OTc0LWJiMjkt
NGM5MmNlYzA4YmE4LzEvbGZzcDJuSzZVSVowNVNoeHlwc1o5ZlZod0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC85MDRhMmEtNmRkMS00OTc0LWJiMjktNGM5MmNlYzA4YmE4
LzEvV1BmU2Zyd21tX0ZMaldpVmVScl8xQ24zQWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU49sMA0G
CSqGSIb3DQEBCwUAA4IBAQDHb3bUP45f0Z4m3BJnHXoMPLfpGhoOhm2DOXlwPa0l
07yxomKTerwIvQuFv+8g/mBP6c1fIacbslgaaLX9snydYArNTrVoxMUSXeK5Qoif
lQtHCxFrkrp5DNqUbVIrSmujzq/FDvVP5WsXSR7BvKf0zzzWg9PCCG0hOOJwcFrk
omwtKRr+yLseBZmqrAuO9XTUyIs8j8nry5QXfw19gu3B+IO8+THpXRxGRM+zB/fj
vNFK/t12r4jtfAuoq9BSepWvKtJkuFM92ZjdIFUvmN0H6qXdQ0bzAOs91KmgYUeV
h9ZmGXvcPtNWJ3UmUQIBaqI1R/e0QZEwi//IaQe7Hfnv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:50 2024 by rpki-client on console-ams.rpki-client.org