Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/LQHOSQCsaKPqgnC1gHMe9izrEI4.roa
File: LQHOSQCsaKPqgnC1gHMe9izrEI4.roa (raw, json)
Hash identifier: iWFPi/tJ7MaOKmWPpGbmj2e9xLvUR0uo+qSOsuL83xo=
Subject key identifier: 2D:01:CE:49:00:AC:68:A3:EA:82:70:B5:80:73:1E:F6:2C:EB:10:8E
Certificate issuer: /CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Certificate serial: 01856ED50112DA7B364B4C7B2C5C7371932D
Authority key identifier: BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/LQHOSQCsaKPqgnC1gHMe9izrEI4.roa
Signing time: Sun 01 Jan 2023 19:35:31 +0000
ROA not before: Sun 01 Jan 2023 19:35:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202513
IP address blocks: 87.239.52.0/22 maxlen: 24
185.147.16.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d5:01:12:da:7b:36:4b:4c:7b:2c:5c:73:71:93:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Validity
Not Before: Jan 1 19:35:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d01ce4900ac68a3ea8270b580731ef62ceb108e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:f7:34:b4:34:ae:56:93:4c:cc:cb:73:5e:
77:2a:f4:b3:a5:9d:0b:a9:8f:5e:77:91:77:4c:46:
07:2c:9d:b4:d3:7e:7a:fa:c9:c9:78:cc:41:a6:51:
b7:54:16:1b:60:51:8e:cb:62:83:90:69:7b:6a:44:
a3:1e:bb:14:d0:60:40:de:98:1f:c3:26:8f:a5:ca:
2b:69:24:de:46:60:ff:15:a7:ef:e9:c3:6b:00:b4:
66:f6:6e:a3:37:6a:99:da:d8:37:fb:44:aa:33:a3:
b6:aa:26:6a:38:40:0c:b8:d9:2a:b4:e6:09:85:41:
9a:85:80:08:45:25:3f:7e:82:c4:b4:ca:f1:01:4a:
e5:b5:95:18:25:5c:bd:5f:02:b7:14:15:af:03:37:
b1:1b:84:4d:87:e7:fa:35:e9:46:87:c0:a7:ee:11:
fa:3e:e2:f0:b5:57:75:09:43:b1:69:65:84:bd:b9:
88:a6:f3:42:ec:97:3d:45:97:6d:51:c7:c2:e5:0e:
49:cd:2a:d4:b3:d3:a0:ef:89:2a:fd:18:89:d6:40:
f7:32:39:84:2e:7d:ab:a8:d4:99:b5:81:88:19:de:
c4:f9:50:a3:ff:db:2f:5d:cf:8b:d3:b9:c1:0d:80:
ef:db:55:32:0b:20:6f:bf:9a:0b:3f:66:d6:e4:12:
c3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:01:CE:49:00:AC:68:A3:EA:82:70:B5:80:73:1E:F6:2C:EB:10:8E
X509v3 Authority Key Identifier:
keyid:BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/LQHOSQCsaKPqgnC1gHMe9izrEI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/u0oK8VYzLTx-y1hfruOpDZvyoJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.52.0/22
185.147.16.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:22:b5:b0:a2:c8:8a:3b:bf:09:ea:41:28:ae:51:e1:2a:37:
00:9e:28:20:fe:a3:f0:b7:43:94:6b:6e:e2:58:b5:77:77:28:
06:e6:18:1a:7a:2c:b6:8f:25:44:b4:02:8d:01:bb:11:fc:2c:
55:8c:8b:4f:e9:b5:59:16:8c:2a:3f:b7:b5:3a:0f:aa:eb:c1:
05:76:fc:19:84:54:1f:52:38:ba:19:28:88:ac:45:a5:b5:e2:
a8:6e:dc:df:ea:62:11:88:75:10:4f:1d:56:04:ab:f2:77:22:
95:0d:fd:f1:3e:3d:91:3f:46:22:ff:d7:3b:47:df:82:89:a0:
f0:4e:72:43:2c:da:ff:57:70:86:58:63:e9:4a:9f:c1:f5:7f:
21:ac:01:10:88:52:bf:f8:d4:ff:c7:a4:18:a7:97:28:71:40:
83:6b:69:34:54:86:0b:5d:78:c3:37:3d:6b:1c:c2:31:9f:24:
96:8f:fc:2a:9e:1e:c1:52:be:8d:3f:b4:7a:23:f4:89:18:ba:
4f:b9:21:36:a6:6e:69:86:09:8a:91:94:5b:71:90:8c:cd:91:
17:d4:6b:6b:09:eb:c6:b8:d0:c7:43:bb:9c:cd:8f:33:4a:68:
83:9d:36:1d:ef:72:01:50:a0:c5:7a:30:5b:2a:b6:33:55:a1:
50:c6:11:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1QES2ns2S0x7LFxzcZMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNGEwYWYxNTYzMzJkM2M3ZWNiNTg1ZmFlZTNhOTBkOWJm
MmEwOTYwHhcNMjMwMTAxMTkzNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDAxY2U0OTAwYWM2OGEzZWE4MjcwYjU4MDczMWVmNjJjZWIxMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaz3NLQ0rlaTTMzLc153KvSzpZ0L
qY9ed5F3TEYHLJ200356+snJeMxBplG3VBYbYFGOy2KDkGl7akSjHrsU0GBA3pgf
wyaPpcoraSTeRmD/Fafv6cNrALRm9m6jN2qZ2tg3+0SqM6O2qiZqOEAMuNkqtOYJ
hUGahYAIRSU/foLEtMrxAUrltZUYJVy9XwK3FBWvAzexG4RNh+f6NelGh8Cn7hH6
PuLwtVd1CUOxaWWEvbmIpvNC7Jc9RZdtUcfC5Q5JzSrUs9Og74kq/RiJ1kD3MjmE
Ln2rqNSZtYGIGd7E+VCj/9svXc+L07nBDYDv21UyCyBvv5oLP2bW5BLD6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC0BzkkArGij6oJwtYBzHvYs6xCOMB8GA1UdIwQY
MBaAFLtKCvFWMy08fstYX67jqQ2b8qCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBvSzhWWXpMVHgteTFoZnJ1T3BEWnZ5b0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xYjA5OTgtYWI4MS00Y2NlLThjNDYt
ZjIxMjY2NjcyNWI0LzEvTFFIT1NRQ3NhS1BxZ25DMWdITWU5aXpyRUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xYjA5OTgtYWI4MS00Y2NlLThjNDYtZjIxMjY2NjcyNWI0
LzEvdTBvSzhWWXpMVHgteTFoZnJ1T3BEWnZ5b0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV+80AwQC
uZMQMA0GCSqGSIb3DQEBCwUAA4IBAQAaIrWwosiKO78J6kEorlHhKjcAnigg/qPw
t0OUa27iWLV3dygG5hgaeiy2jyVEtAKNAbsR/CxVjItP6bVZFowqP7e1Og+q68EF
dvwZhFQfUji6GSiIrEWlteKobtzf6mIRiHUQTx1WBKvydyKVDf3xPj2RP0Yi/9c7
R9+CiaDwTnJDLNr/V3CGWGPpSp/B9X8hrAEQiFK/+NT/x6QYp5cocUCDa2k0VIYL
XXjDNz1rHMIxnySWj/wqnh7BUr6NP7R6I/SJGLpPuSE2pm5phgmKkZRbcZCMzZEX
1GtrCevGuNDHQ7uczY8zSmiDnTYd73IBUKDFejBbKrYzVaFQxhEp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:35 2024 by rpki-client on console-fra.rpki-client.org