Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/lJbPHl5lpSjdWlkgLnxeKuyn0zM.roa
File: lJbPHl5lpSjdWlkgLnxeKuyn0zM.roa (raw, json)
Hash identifier: jGkm4/qFm2Zz+xj3tfm5/8wAdr7K4W2YPNl5cNUWy9o=
Subject key identifier: 94:96:CF:1E:5E:65:A5:28:DD:5A:59:20:2E:7C:5E:2A:EC:A7:D3:33
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 0185DA217544E3B98D805D53FD9CC0F175A7
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/lJbPHl5lpSjdWlkgLnxeKuyn0zM.roa
Signing time: Sun 22 Jan 2023 15:38:23 +0000
ROA not before: Sun 22 Jan 2023 15:38:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6663
IP address blocks: 195.146.0.0/20 maxlen: 20
195.146.11.0/24 maxlen: 24
195.146.8.0/24 maxlen: 24
195.146.12.0/24 maxlen: 24
195.146.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:da:21:75:44:e3:b9:8d:80:5d:53:fd:9c:c0:f1:75:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Jan 22 15:38:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9496cf1e5e65a528dd5a59202e7c5e2aeca7d333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:dc:de:70:35:74:d5:c3:8f:5c:59:49:58:
99:fc:55:56:fc:0b:88:cb:02:cc:d5:06:38:a3:35:
cd:dc:87:1f:b1:fe:d4:c1:7f:e3:90:05:33:af:5e:
df:ec:4f:5b:ba:50:76:4f:55:b5:61:3d:c8:96:37:
ef:13:3f:58:3c:15:19:bf:99:15:36:e8:3b:3b:b9:
45:bd:ef:7c:9c:e0:f8:44:4e:02:86:00:45:a0:fa:
8c:bb:f8:13:3a:78:de:f6:4c:3b:a6:a0:73:73:11:
45:1a:7a:22:89:53:5e:e6:d0:34:b1:6b:73:0b:53:
a8:1c:c6:38:ce:7d:71:0a:70:f0:6d:a1:08:00:92:
f2:5a:95:d5:2e:17:c0:ea:9c:b4:43:96:14:11:35:
41:07:4d:83:3c:f7:b1:91:79:96:96:59:81:68:7d:
79:39:a2:e6:19:16:1e:0e:b0:3c:f4:39:49:13:ea:
1e:32:d7:f0:2d:30:45:9b:d4:42:11:4a:c7:10:fe:
21:18:e8:a5:77:01:35:f0:85:1f:9e:a2:60:b5:56:
d1:e4:ed:40:16:b0:bd:4d:d1:bb:7e:fd:dd:3f:18:
ca:b5:4c:f8:82:93:95:ad:d2:a2:14:76:97:c9:1a:
6d:c7:5c:21:99:f1:22:e7:d8:59:40:c6:ad:0a:01:
59:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:CF:1E:5E:65:A5:28:DD:5A:59:20:2E:7C:5E:2A:EC:A7:D3:33
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/lJbPHl5lpSjdWlkgLnxeKuyn0zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.0.0/19
Signature Algorithm: sha256WithRSAEncryption
05:26:82:6b:2c:28:06:1c:00:47:16:33:a8:d5:bb:31:8d:4a:
41:e3:39:1e:a9:f4:bc:10:4e:89:dc:65:23:9d:ac:7c:8a:a9:
a5:81:3c:db:28:70:2e:e1:03:b7:a6:46:04:2d:f4:cb:2d:40:
9d:ad:cd:31:e1:c0:ed:44:4a:90:28:b2:95:ed:03:d0:df:7f:
88:7e:4b:37:93:66:10:f6:f7:b5:b9:c5:42:e6:7d:c2:54:ad:
9e:d2:70:d2:30:3d:5a:aa:14:e9:9d:09:3c:94:d4:8f:96:73:
09:13:29:6f:2d:d5:29:0e:8a:5d:fa:ae:2a:90:ea:c1:cb:db:
2b:62:17:de:3d:4b:3a:c1:f0:5c:a7:b4:75:58:07:e7:f9:ea:
b5:db:21:62:4e:6f:9c:9c:1b:53:94:a5:46:57:5f:40:c9:77:
de:3e:db:af:8e:11:a5:88:c4:82:f3:7e:3a:5c:d3:f9:59:09:
f5:36:a0:e5:b5:54:da:1b:f3:eb:22:43:df:d1:b2:51:28:07:
31:bb:8e:02:88:f8:15:73:0b:5e:78:33:99:e6:ff:44:57:f3:
25:80:4d:55:58:96:48:e9:9e:07:08:12:a2:ab:8e:f6:89:0a:
c9:d2:05:5f:d8:71:4e:a7:82:93:62:0d:1c:21:45:8a:7c:c0:
74:cf:32:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXaIXVE47mNgF1T/ZzA8XWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwMTIyMTUzODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk2Y2YxZTVlNjVhNTI4ZGQ1YTU5MjAyZTdjNWUyYWVjYTdkMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Pc3nA1dNXDj1xZSViZ/FVW/AuI
ywLM1QY4ozXN3Icfsf7UwX/jkAUzr17f7E9bulB2T1W1YT3IljfvEz9YPBUZv5kV
Nug7O7lFve98nOD4RE4ChgBFoPqMu/gTOnje9kw7pqBzcxFFGnoiiVNe5tA0sWtz
C1OoHMY4zn1xCnDwbaEIAJLyWpXVLhfA6py0Q5YUETVBB02DPPexkXmWllmBaH15
OaLmGRYeDrA89DlJE+oeMtfwLTBFm9RCEUrHEP4hGOildwE18IUfnqJgtVbR5O1A
FrC9TdG7fv3dPxjKtUz4gpOVrdKiFHaXyRptx1whmfEi59hZQMatCgFZ4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSWzx5eZaUo3VpZIC58Xirsp9MzMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvbEpiUEhsNWxwU2pkV2xrZ0xueGVLdXluMHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFw5IAMA0G
CSqGSIb3DQEBCwUAA4IBAQAFJoJrLCgGHABHFjOo1bsxjUpB4zkeqfS8EE6J3GUj
nax8iqmlgTzbKHAu4QO3pkYELfTLLUCdrc0x4cDtREqQKLKV7QPQ33+Ifks3k2YQ
9ve1ucVC5n3CVK2e0nDSMD1aqhTpnQk8lNSPlnMJEylvLdUpDopd+q4qkOrBy9sr
YhfePUs6wfBcp7R1WAfn+eq12yFiTm+cnBtTlKVGV19AyXfePtuvjhGliMSC8346
XNP5WQn1NqDltVTaG/PrIkPf0bJRKAcxu44CiPgVcwteeDOZ5v9EV/MlgE1VWJZI
6Z4HCBKiq472iQrJ0gVf2HFOp4KTYg0cIUWKfMB0zzK6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org