Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyjLxtKJgGVYRpRb6M9w1EsePoU.roa
File: LyjLxtKJgGVYRpRb6M9w1EsePoU.roa (raw, json)
Hash identifier: kQZ8WtTDBBgR58aIE2h+SYcRWVDzTEp+PJ8F+jsGHZQ=
Subject key identifier: 2F:28:CB:C6:D2:89:80:65:58:46:94:5B:E8:CF:70:D4:4B:1E:3E:85
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AFB722C19F769C7B689DDA1B6333F46E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyjLxtKJgGVYRpRb6M9w1EsePoU.roa
Signing time: Wed 04 Oct 2023 16:07:58 +0000
ROA not before: Wed 04 Oct 2023 16:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.152.108.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 07:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:72:2c:19:f7:69:c7:b6:89:dd:a1:b6:33:3f:46:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 4 16:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f28cbc6d28980655846945be8cf70d44b1e3e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:82:8d:37:a7:4a:89:8e:c3:45:31:86:b2:8e:
49:cc:e4:91:e5:62:2b:03:1f:ad:5a:00:ad:9a:2b:
9c:00:37:62:da:cb:98:a8:c7:b6:9c:12:26:69:55:
f2:df:e2:99:9a:52:88:7b:f4:2e:e2:61:55:14:13:
0c:2a:76:02:3d:3a:a2:87:12:38:19:a9:84:6c:b0:
7e:5b:ab:10:6a:4c:89:4d:97:9f:b6:04:0a:b4:5b:
54:1c:01:e3:20:15:35:b3:5b:e5:93:c7:bf:ff:75:
52:f9:00:ae:f9:76:1e:a5:74:04:c5:bf:f4:42:da:
a0:03:8c:91:c5:f8:31:0a:84:5a:0a:8e:1e:5e:79:
66:17:5f:ec:1a:db:0b:8f:0e:f3:dc:c7:4e:bb:a0:
05:e1:54:3e:10:a2:2d:46:23:68:68:32:2c:53:d2:
98:5b:15:b9:1d:5c:7f:35:5e:85:2f:ae:1d:db:23:
c3:7f:00:d9:85:db:59:94:72:18:ff:01:97:a7:98:
eb:cf:5b:ee:cf:8c:26:be:06:25:85:31:e7:86:38:
82:93:2c:fc:6f:6e:1b:27:48:cd:93:68:12:7b:e1:
62:9f:fb:67:f0:57:da:38:7d:0b:8b:c6:a8:3b:1b:
2f:88:3b:d0:a1:69:e0:a3:02:17:96:ac:f4:e4:bb:
58:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:28:CB:C6:D2:89:80:65:58:46:94:5B:E8:CF:70:D4:4B:1E:3E:85
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LyjLxtKJgGVYRpRb6M9w1EsePoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.49.0/24
82.152.108.0/24
82.153.65.0/24
89.213.4.0/24
Signature Algorithm: sha256WithRSAEncryption
64:4b:4e:0d:fd:9c:99:61:d3:d2:b0:5c:6d:c1:ad:6f:76:de:
2a:2e:19:3c:79:41:53:7a:a0:92:37:28:05:11:8a:d0:bb:1e:
5f:ce:9a:f6:26:0f:d0:e0:73:da:be:bc:4a:0c:d0:61:57:90:
8f:3d:33:28:36:08:bc:fc:aa:ba:d7:3f:9c:72:14:96:1c:7c:
0e:13:4f:2f:91:ba:20:46:75:e3:02:00:78:41:00:c6:5f:ac:
9b:0d:e8:89:ee:e3:00:e5:12:57:aa:da:2b:5a:66:2b:34:1e:
27:9a:f6:04:a7:58:2d:88:ee:ea:22:23:9a:4d:89:17:4c:9d:
60:bd:0c:ab:cd:1c:20:73:e9:02:5a:88:7a:43:30:0d:26:bb:
25:ba:25:bb:7b:b5:6e:d5:47:0a:af:2c:3b:8f:9a:d0:b7:b8:
31:e6:ff:8b:c0:10:31:4b:8d:92:c4:ab:d0:65:a5:d7:09:ca:
ca:bf:c9:03:36:f5:b3:d4:13:55:8f:e5:40:0d:69:e4:a1:31:
9a:19:64:e8:6e:d2:13:1b:c7:37:5d:df:62:75:94:f4:8b:76:
a1:f5:d9:08:65:2d:bc:2d:d9:68:af:2c:03:ca:4b:08:d0:f0:
f7:07:b7:c7:53:25:6c:33:5f:c5:68:21:08:5b:f5:d8:28:ec:
ff:ea:22:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr7ciwZ92nHtondobYzP0bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA0MTYwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI4Y2JjNmQyODk4MDY1NTg0Njk0NWJlOGNmNzBkNDRiMWUzZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYKNN6dKiY7DRTGGso5JzOSR5WIr
Ax+tWgCtmiucADdi2suYqMe2nBImaVXy3+KZmlKIe/Qu4mFVFBMMKnYCPTqihxI4
GamEbLB+W6sQakyJTZeftgQKtFtUHAHjIBU1s1vlk8e//3VS+QCu+XYepXQExb/0
QtqgA4yRxfgxCoRaCo4eXnlmF1/sGtsLjw7z3MdOu6AF4VQ+EKItRiNoaDIsU9KY
WxW5HVx/NV6FL64d2yPDfwDZhdtZlHIY/wGXp5jrz1vuz4wmvgYlhTHnhjiCkyz8
b24bJ0jNk2gSe+Fin/tn8FfaOH0Li8aoOxsviDvQoWngowIXlqz05LtYQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC8oy8bSiYBlWEaUW+jPcNRLHj6FMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHlqTHh0S0pnR1ZZUnBSYjZNOXcxRXNlUG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQW9AwQA
UpgxAwQAUphsAwQAUplBAwQAWdUEMA0GCSqGSIb3DQEBCwUAA4IBAQBkS04N/ZyZ
YdPSsFxtwa1vdt4qLhk8eUFTeqCSNygFEYrQux5fzpr2Jg/Q4HPavrxKDNBhV5CP
PTMoNgi8/Kq61z+cchSWHHwOE08vkbogRnXjAgB4QQDGX6ybDeiJ7uMA5RJXqtor
WmYrNB4nmvYEp1gtiO7qIiOaTYkXTJ1gvQyrzRwgc+kCWoh6QzANJrsluiW7e7Vu
1UcKryw7j5rQt7gx5v+LwBAxS42SxKvQZaXXCcrKv8kDNvWz1BNVj+VADWnkoTGa
GWTobtITG8c3Xd9idZT0i3ah9dkIZS28LdlorywDyksI0PD3B7fHUyVsM1/FaCEI
W/XYKOz/6iL7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org