Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/luWw0cXdHbPPibCI_nKSS4y5KmU.roa
File: luWw0cXdHbPPibCI_nKSS4y5KmU.roa (raw, json)
Hash identifier: XDQ/xpi3PxUIF8oYcHoUN5L24eE78dWnrIYL8oVoRVo=
Subject key identifier: 96:E5:B0:D1:C5:DD:1D:B3:CF:89:B0:88:FE:72:92:4B:8C:B9:2A:65
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 01869192616BAADA71EDD6DD6AB8D78C4814
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/luWw0cXdHbPPibCI_nKSS4y5KmU.roa
Signing time: Mon 27 Feb 2023 06:32:14 +0000
ROA not before: Mon 27 Feb 2023 06:32:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 192.144.52.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
80.254.232.0/22 maxlen: 24
185.181.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Mar 2023 11:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:92:61:6b:aa:da:71:ed:d6:dd:6a:b8:d7:8c:48:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Feb 27 06:32:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96e5b0d1c5dd1db3cf89b088fe72924b8cb92a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:bb:a5:0f:8e:11:37:d2:a8:3e:b9:0d:9b:
b2:fb:05:06:9b:f3:96:f7:a1:01:73:f7:5b:e3:3e:
9c:92:3d:f4:a6:9a:97:ce:ca:37:f1:7e:51:09:c8:
70:af:cc:40:cd:33:b3:29:14:77:63:5a:d2:04:76:
f7:41:4e:15:7e:c2:8c:68:ba:7f:9c:ee:79:30:5c:
fd:b9:28:a9:4c:2f:00:43:39:f0:57:57:b5:8a:92:
fa:5a:52:5c:e0:85:e3:bb:c1:03:0d:f0:e0:45:e1:
31:da:1c:b4:e8:d1:50:08:12:21:6f:53:9f:05:6d:
34:05:e4:ab:0a:c3:64:3f:bf:df:c7:19:93:3c:b6:
ad:32:66:b0:a2:c9:a8:3e:0b:c9:f8:4a:5c:2c:98:
3e:0e:76:ea:53:ce:34:22:7d:7f:1b:06:d0:3e:47:
f6:56:f9:68:8c:bc:df:c9:0e:11:74:2d:ff:7f:cf:
fa:44:2d:67:9e:e2:40:a9:28:1d:b3:1f:8c:2a:e5:
90:ee:e7:38:46:d8:84:36:b3:84:00:f1:3e:2a:c5:
73:2b:8d:d1:1c:ac:fa:36:e6:1e:ed:64:4b:08:0a:
5a:0c:b6:5b:63:7a:3d:cf:1d:e8:32:87:ca:25:8e:
6c:a9:57:ef:9e:24:7b:e7:5a:81:c9:48:bc:f1:75:
e9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E5:B0:D1:C5:DD:1D:B3:CF:89:B0:88:FE:72:92:4B:8C:B9:2A:65
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/luWw0cXdHbPPibCI_nKSS4y5KmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.232.0/22
185.181.56.0/22
192.144.52.0/22
193.9.40.0/22
193.187.168.0/22
Signature Algorithm: sha256WithRSAEncryption
09:40:75:e9:9e:11:db:22:dd:37:d6:90:e3:14:43:1e:9b:e0:
27:bc:36:6b:82:89:a5:6c:34:c7:4a:f7:7d:0d:30:ba:02:ea:
16:bc:c3:42:56:a5:22:46:e6:da:7b:ca:c5:24:ea:89:a1:6d:
3d:0c:3b:17:ee:1f:2e:db:9f:85:f0:b2:64:1e:0c:18:37:c3:
27:d5:a3:b4:60:27:92:f9:fb:8a:bb:b2:f1:6a:cb:a7:b8:46:
ac:91:8c:38:f4:02:62:48:82:70:78:26:07:df:37:f3:7b:77:
07:8b:68:37:bf:f0:2e:6d:cd:b9:92:c2:37:a9:bb:ba:35:f2:
90:32:45:e7:60:1d:d6:20:dc:61:ed:62:46:39:94:4e:a6:d1:
fb:35:bd:bb:4d:66:fa:1c:24:b3:12:9c:68:ad:c4:af:31:b8:
f9:41:f9:d9:b1:ee:8b:67:f2:39:d4:b6:da:25:bb:1c:91:33:
7e:66:b2:30:3f:79:3a:5e:e1:c1:db:ca:0a:1d:6f:13:34:e2:
19:a8:a5:90:b6:89:03:0b:05:e4:ca:25:2f:07:93:e8:b2:f9:
b3:c9:9f:46:da:21:fe:41:84:f3:d4:67:eb:46:87:53:61:78:
d2:b5:e5:28:c2:ca:2b:94:bd:22:8e:35:63:57:f4:11:03:b5:
b5:62:5e:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaRkmFrqtpx7dbdarjXjEgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwMjI3MDYzMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU1YjBkMWM1ZGQxZGIzY2Y4OWIwODhmZTcyOTI0YjhjYjkyYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHq7pQ+OETfSqD65DZuy+wUGm/OW
96EBc/db4z6ckj30ppqXzso38X5RCchwr8xAzTOzKRR3Y1rSBHb3QU4VfsKMaLp/
nO55MFz9uSipTC8AQznwV1e1ipL6WlJc4IXju8EDDfDgReEx2hy06NFQCBIhb1Of
BW00BeSrCsNkP7/fxxmTPLatMmawosmoPgvJ+EpcLJg+DnbqU840In1/GwbQPkf2
VvlojLzfyQ4RdC3/f8/6RC1nnuJAqSgdsx+MKuWQ7uc4RtiENrOEAPE+KsVzK43R
HKz6NuYe7WRLCApaDLZbY3o9zx3oMofKJY5sqVfvniR751qByUi88XXpqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJblsNHF3R2zz4mwiP5ykkuMuSplMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvbHVXdzBjWGRIYlBQaWJDSV9uS1NTNHk1S21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVNwAwQC
UP7oAwQCubU4AwQCwJA0AwQCwQkoAwQCwbuoMA0GCSqGSIb3DQEBCwUAA4IBAQAJ
QHXpnhHbIt031pDjFEMem+AnvDZrgomlbDTHSvd9DTC6AuoWvMNCVqUiRubae8rF
JOqJoW09DDsX7h8u25+F8LJkHgwYN8Mn1aO0YCeS+fuKu7LxasunuEaskYw49AJi
SIJweCYH3zfze3cHi2g3v/Aubc25ksI3qbu6NfKQMkXnYB3WINxh7WJGOZROptH7
Nb27TWb6HCSzEpxorcSvMbj5QfnZse6LZ/I51LbaJbsckTN+ZrIwP3k6XuHB28oK
HW8TNOIZqKWQtokDCwXkyiUvB5PosvmzyZ9G2iH+QYTz1GfrRodTYXjSteUowsor
lL0ijjVjV/QRA7W1Yl7C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org