Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa
File: lHOmvNI_VREzaPwwe45_OcgmjSc.roa (raw, json)
Hash identifier: pwntM+0cCHqiH4CXUrbu7SnpvhJw32I59kYtD5okDZI=
Subject key identifier: 94:73:A6:BC:D2:3F:55:11:33:68:FC:30:7B:8E:7F:39:C8:26:8D:27
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 018B67D15015C1581F5172E5EFCA831423EB
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa
Signing time: Wed 25 Oct 2023 17:10:52 +0000
ROA not before: Wed 25 Oct 2023 17:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203380
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440:a0::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:d1:50:15:c1:58:1f:51:72:e5:ef:ca:83:14:23:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: Oct 25 17:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9473a6bcd23f55113368fc307b8e7f39c8268d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c4:09:b1:c9:81:64:b7:ea:11:f9:a9:fb:de:
45:47:60:e2:db:63:ff:ee:c9:b6:5e:1e:c1:16:39:
94:97:c6:18:10:93:74:3d:6b:25:e2:97:35:18:5e:
44:ca:3e:4f:3a:51:0f:d6:d4:36:4d:62:ef:3b:6b:
12:78:44:ca:fd:de:e6:25:37:51:e5:72:55:f4:04:
92:0a:d2:06:79:96:2c:a7:ee:06:d9:ea:b9:c5:c2:
17:d9:58:a4:70:2f:9c:a4:f0:e0:e8:fe:6d:d2:14:
6d:a8:b4:f2:b7:e3:06:05:c8:43:11:4e:04:ae:03:
a7:37:95:c0:5d:60:97:31:cb:54:d8:55:49:e5:a2:
bf:1e:e4:76:3d:76:fa:6a:b0:3c:e7:11:93:bb:46:
5d:6b:bd:e5:24:ff:f1:3f:74:3a:4a:83:d9:00:98:
ae:97:20:31:8a:45:28:1a:05:57:4a:ea:65:95:a1:
2d:57:50:3f:dc:07:1d:34:78:fc:6f:6f:05:e8:bf:
75:01:1a:90:e2:e9:99:7c:a9:93:0c:9f:95:ce:c6:
e8:43:79:69:85:fb:f7:12:e4:b4:fc:87:95:45:ad:
c9:8b:69:3c:1b:35:e7:39:ea:ec:0c:7a:85:ed:b8:
9d:e2:ea:9c:ec:7c:f0:d4:56:bc:22:ba:ce:0e:1d:
3e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:73:A6:BC:D2:3F:55:11:33:68:FC:30:7B:8E:7F:39:C8:26:8D:27
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440:a0::/44
Signature Algorithm: sha256WithRSAEncryption
6f:32:03:f3:bc:a5:f3:7b:91:a6:e6:64:9d:4d:75:6c:ed:ed:
25:00:80:a8:80:ac:ce:13:a3:78:66:73:dc:56:c3:1d:1e:3b:
84:c9:00:f7:ee:5a:0a:23:e1:a0:ee:10:3c:27:16:73:ae:e6:
5f:0d:6b:eb:ac:84:b7:09:91:45:90:d7:55:cc:e9:5d:e6:1e:
7d:e5:e0:18:92:2f:bb:4f:ee:54:94:ac:90:75:3b:09:9e:a8:
0d:e8:ee:c4:75:d6:3e:b4:f6:2a:55:02:05:9f:3b:4b:bb:94:
bc:7b:5c:ec:f2:7b:9c:e1:3f:f4:d1:fe:de:6f:29:cc:dd:0b:
57:b9:ed:79:a8:84:86:69:08:8e:f3:32:d3:bc:f5:64:5e:6f:
92:76:3e:e7:4b:de:63:b1:12:c1:a2:ba:9c:50:73:3f:b2:91:
73:9a:e4:b4:ae:91:33:3c:15:bd:65:98:ef:a1:52:88:6a:ab:
49:20:5d:26:cb:f4:4b:5e:4a:6e:e9:2c:02:74:95:f0:44:9d:
52:d0:21:e1:b4:3a:73:92:5f:d2:9e:1d:55:33:2c:67:5e:8e:
cc:3a:8a:43:48:9b:9f:f7:2c:97:9d:7e:fa:57:43:ad:47:e6:
29:ae:8d:a7:fe:4f:59:c6:64:75:fb:fb:47:4f:50:fe:97:6c:
38:70:a9:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtn0VAVwVgfUXLl78qDFCPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjMxMDI1MTcxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDczYTZiY2QyM2Y1NTExMzM2OGZjMzA3YjhlN2YzOWM4MjY4ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcQJscmBZLfqEfmp+95FR2Di22P/
7sm2Xh7BFjmUl8YYEJN0PWsl4pc1GF5Eyj5POlEP1tQ2TWLvO2sSeETK/d7mJTdR
5XJV9ASSCtIGeZYsp+4G2eq5xcIX2VikcC+cpPDg6P5t0hRtqLTyt+MGBchDEU4E
rgOnN5XAXWCXMctU2FVJ5aK/HuR2PXb6arA85xGTu0Zda73lJP/xP3Q6SoPZAJiu
lyAxikUoGgVXSupllaEtV1A/3AcdNHj8b28F6L91ARqQ4umZfKmTDJ+VzsboQ3lp
hfv3EuS0/IeVRa3Ji2k8GzXnOersDHqF7bid4uqc7Hzw1Fa8IrrODh0+cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRzprzSP1URM2j8MHuOfznIJo0nMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvbEhPbXZOSV9WUkV6YVB3d2U0NV9PY2dtalNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4ndMA8E
AgACMAkDBwQqEyRAAKAwDQYJKoZIhvcNAQELBQADggEBAG8yA/O8pfN7kabmZJ1N
dWzt7SUAgKiArM4To3hmc9xWwx0eO4TJAPfuWgoj4aDuEDwnFnOu5l8Na+ushLcJ
kUWQ11XM6V3mHn3l4BiSL7tP7lSUrJB1OwmeqA3o7sR11j609ipVAgWfO0u7lLx7
XOzye5zhP/TR/t5vKczdC1e57XmohIZpCI7zMtO89WReb5J2PudL3mOxEsGiupxQ
cz+ykXOa5LSukTM8Fb1lmO+hUohqq0kgXSbL9EteSm7pLAJ0lfBEnVLQIeG0OnOS
X9KeHVUzLGdejsw6ikNIm5/3LJedfvpXQ61H5imujaf+T1nGZHX7+0dPUP6XbDhw
qWc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:47 2024 by rpki-client on console-fra.rpki-client.org