Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa
File: LDkpRuNuzCdNMC6ivMDpF--8KG4.roa (raw, json)
Hash identifier: pGkKQus/u/cEXvn7X8HJl8EJpGAJ7IX3mAAhz7Bw/Z4=
Subject key identifier: 2C:39:29:46:E3:6E:CC:27:4D:30:2E:A2:BC:C0:E9:17:EF:BC:28:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01864F37ED91696BC23250A080A027AB5F4D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa
Signing time: Tue 14 Feb 2023 09:18:30 +0000
ROA not before: Tue 14 Feb 2023 09:18:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 81.5.191.0/24 maxlen: 24
82.153.242.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 11:18:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:37:ed:91:69:6b:c2:32:50:a0:80:a0:27:ab:5f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 14 09:18:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c392946e36ecc274d302ea2bcc0e917efbc286e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:ab:04:83:63:ca:be:2d:4b:b6:13:9a:66:
3b:f3:10:e8:78:d7:a5:ff:64:49:80:89:3e:8a:e7:
3f:59:2e:f5:03:3c:16:5a:47:68:4d:2b:42:7b:68:
b7:f9:46:ba:ca:a1:2a:01:84:51:80:31:38:a3:04:
2a:d5:84:9a:92:47:59:5f:55:66:42:f7:0f:97:8d:
70:d8:04:cb:2f:42:19:ed:9b:37:52:c6:9a:a4:f1:
a7:6d:c5:0c:b9:34:d9:01:54:71:e0:49:42:ec:3b:
0f:04:12:92:89:b6:46:e4:d2:ef:de:94:88:1f:cf:
b5:4b:1e:bf:33:86:0a:90:ff:b2:b2:16:d0:cc:fd:
f2:90:4b:92:91:76:f6:ab:90:ee:a6:56:e9:a3:cf:
33:74:e1:da:0e:f6:e2:0f:e7:1c:bf:8b:1a:f5:66:
ea:f6:41:0d:67:09:97:06:64:0d:3e:4d:73:87:34:
1b:a0:22:19:6b:09:26:e9:41:5d:22:02:62:65:8d:
2c:86:9d:ac:5f:8b:7e:2c:fb:78:a7:42:88:79:32:
f1:40:58:8d:89:8c:9a:f2:2e:b9:8d:1c:10:51:8c:
95:e2:3f:d4:98:59:0f:41:8e:75:36:81:e1:bf:1b:
61:a0:32:26:87:1e:61:99:cc:b6:32:bd:be:91:16:
9e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:39:29:46:E3:6E:CC:27:4D:30:2E:A2:BC:C0:E9:17:EF:BC:28:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LDkpRuNuzCdNMC6ivMDpF--8KG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.191.0/24
82.153.65.0/24
82.153.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d7:4c:9a:22:bf:7c:9a:c2:d9:b8:7e:05:95:30:a0:c8:af:
8b:19:47:46:15:68:22:88:c1:5b:b0:7a:89:ef:0d:e9:cf:b5:
16:f5:a3:6f:27:60:74:0e:16:7e:c8:ee:1a:c2:96:33:a7:a9:
1b:ad:38:52:e7:10:aa:9c:ff:50:a1:34:a4:be:13:75:dc:61:
eb:c2:7f:97:23:c0:3a:fd:6f:50:92:bc:c5:7a:4a:d4:74:50:
61:92:e4:93:59:de:20:00:ca:85:7e:a3:59:a0:7f:dd:ec:c2:
49:1c:44:5b:19:57:47:1f:ed:ab:2a:59:f5:df:9a:13:05:21:
9a:3c:f9:5e:10:4f:7d:f5:64:39:9f:d4:ea:fd:38:65:9c:cd:
75:06:9c:b5:bd:57:8d:8e:2e:0f:43:f1:6b:2d:b9:c2:cf:1d:
14:41:30:71:4e:c0:02:ed:46:9d:30:87:6e:7c:a1:6a:36:0c:
aa:53:e7:5e:9c:05:ae:3a:5d:4c:a6:96:ce:be:a1:21:b8:c2:
2d:bc:13:9c:8b:ce:d6:e7:da:66:30:78:86:5a:9e:8c:aa:a2:
4d:2a:15:a1:4c:aa:97:ea:da:0c:39:43:b5:29:bc:9f:ae:ca:
2e:da:09:50:6f:72:95:13:d0:14:63:98:2f:5c:e8:d1:95:d3:
a4:c0:25:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZPN+2RaWvCMlCggKAnq19NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE0MDkxODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM5Mjk0NmUzNmVjYzI3NGQzMDJlYTJiY2MwZTkxN2VmYmMyODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg2rBINjyr4tS7YTmmY78xDoeNel
/2RJgIk+iuc/WS71AzwWWkdoTStCe2i3+Ua6yqEqAYRRgDE4owQq1YSakkdZX1Vm
QvcPl41w2ATLL0IZ7Zs3UsaapPGnbcUMuTTZAVRx4ElC7DsPBBKSibZG5NLv3pSI
H8+1Sx6/M4YKkP+yshbQzP3ykEuSkXb2q5Duplbpo88zdOHaDvbiD+ccv4sa9Wbq
9kENZwmXBmQNPk1zhzQboCIZawkm6UFdIgJiZY0shp2sX4t+LPt4p0KIeTLxQFiN
iYya8i65jRwQUYyV4j/UmFkPQY51NoHhvxthoDImhx5hmcy2Mr2+kRae0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCw5KUbjbswnTTAuorzA6RfvvChuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTERrcFJ1TnV6Q2ROTUM2aXZNRHBGLS04S0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUQW/AwQA
UplBAwQAUpnyMA0GCSqGSIb3DQEBCwUAA4IBAQBe10yaIr98msLZuH4FlTCgyK+L
GUdGFWgiiMFbsHqJ7w3pz7UW9aNvJ2B0DhZ+yO4awpYzp6kbrThS5xCqnP9QoTSk
vhN13GHrwn+XI8A6/W9QkrzFekrUdFBhkuSTWd4gAMqFfqNZoH/d7MJJHERbGVdH
H+2rKln135oTBSGaPPleEE999WQ5n9Tq/ThlnM11Bpy1vVeNji4PQ/FrLbnCzx0U
QTBxTsAC7UadMIdufKFqNgyqU+denAWuOl1MppbOvqEhuMItvBOci87W59pmMHiG
Wp6MqqJNKhWhTKqX6toMOUO1Kbyfrsou2glQb3KVE9AUY5gvXOjRldOkwCXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org