Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/1LqretNV1bZvfI58WQLyxPKMKDs.roa
File: 1LqretNV1bZvfI58WQLyxPKMKDs.roa (raw, json)
Hash identifier: JeaaDVGvdipxBJvAnra6aUoOXoRjyJHDznWXIJHpHdw=
Subject key identifier: D4:BA:AB:7A:D3:55:D5:B6:6F:7C:8E:7C:59:02:F2:C4:F2:8C:28:3B
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 018CC94DB04B23AA657D3A2284ADA5753D39
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/1LqretNV1bZvfI58WQLyxPKMKDs.roa
Signing time: Tue 02 Jan 2024 08:32:40 +0000
ROA not before: Tue 02 Jan 2024 08:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.138.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 02:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b0:4b:23:aa:65:7d:3a:22:84:ad:a5:75:3d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jan 2 08:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4baab7ad355d5b66f7c8e7c5902f2c4f28c283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e5:ed:32:da:e9:3c:84:99:56:c1:58:64:0e:
b1:e7:a2:56:4a:bb:6c:d8:3e:8f:40:bb:fc:79:51:
a5:c8:9b:fe:dc:c3:78:52:a2:5c:7f:bb:b6:7a:03:
aa:95:bf:b8:57:18:a0:8e:aa:4d:a9:a4:9c:8b:c1:
78:ce:96:29:be:af:d2:ed:04:ba:41:ce:41:25:4c:
db:bb:da:a3:b2:90:3e:9b:34:e6:e6:fa:3a:b0:32:
5d:e9:ee:a3:29:20:01:cd:2b:d4:ab:d3:33:92:0f:
6c:de:8b:f3:32:16:a8:f3:ca:10:c9:f5:4f:51:e6:
df:7e:17:2c:60:af:66:8c:73:ff:96:2d:a0:f2:a1:
4e:50:99:4c:83:ff:d6:3b:9d:b2:ea:47:03:20:22:
8b:61:28:4b:e0:ed:f5:5d:fa:35:40:ff:ad:ae:af:
77:ce:24:a3:f6:fe:07:87:a9:8d:f8:04:d3:c5:80:
68:2a:3c:b6:df:22:51:3f:b6:f4:0f:0c:d4:6e:e3:
e8:87:ef:f2:22:db:1f:88:95:52:e9:9f:e2:cc:4f:
02:58:0a:67:25:81:73:6e:73:2e:65:d1:c7:c9:5e:
54:17:a4:33:d9:c6:41:df:1d:c1:19:5f:23:50:a2:
66:35:ae:12:1e:68:73:1d:11:9c:c5:e7:93:06:71:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BA:AB:7A:D3:55:D5:B6:6F:7C:8E:7C:59:02:F2:C4:F2:8C:28:3B
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/1LqretNV1bZvfI58WQLyxPKMKDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.234.0/24
Signature Algorithm: sha256WithRSAEncryption
87:89:10:57:6c:c3:78:e2:88:84:f6:a4:6d:f2:c4:35:2b:05:
c7:56:ec:8c:0c:0b:d4:16:93:6d:78:86:71:98:ca:b8:d2:a4:
da:bd:3d:cd:ce:23:14:52:65:96:70:fc:34:be:de:ac:13:5b:
1b:68:ca:81:60:f2:78:bd:7e:34:8e:b1:78:00:81:65:3a:34:
24:cc:29:4c:2b:04:ee:81:81:7a:6e:b4:4b:58:1f:49:62:89:
00:f8:21:4b:39:aa:b3:6f:d9:3c:b3:0f:36:0d:31:38:03:31:
2b:f0:20:15:00:3e:22:1e:2a:f6:52:2d:c5:ad:8d:96:07:42:
d9:de:1e:3a:0f:b8:86:17:2c:62:54:a3:ca:44:b5:7c:1b:3f:
ca:9c:2d:50:27:98:fb:00:3c:05:27:d8:d1:f7:11:01:d4:d8:
18:b1:26:c2:86:3b:db:dc:d3:a9:68:5d:8f:3c:22:6f:6d:b7:
1c:e9:8e:37:70:32:5a:77:03:42:bc:67:ac:e7:49:6a:88:47:
e0:1d:1e:6e:e0:ee:6c:c9:47:37:75:dc:e5:63:c6:9c:ab:2c:
04:a3:61:86:9e:7c:67:ca:47:6b:b7:a3:65:0d:86:a9:f1:0c:
cf:a5:81:46:a3:88:0d:68:34:94:a7:50:72:1b:53:f5:42:05:
26:37:6e:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTbBLI6plfToihK2ldT05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjQwMTAyMDgzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGJhYWI3YWQzNTVkNWI2NmY3YzhlN2M1OTAyZjJjNGYyOGMyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+XtMtrpPISZVsFYZA6x56JWSrts
2D6PQLv8eVGlyJv+3MN4UqJcf7u2egOqlb+4VxigjqpNqaSci8F4zpYpvq/S7QS6
Qc5BJUzbu9qjspA+mzTm5vo6sDJd6e6jKSABzSvUq9Mzkg9s3ovzMhao88oQyfVP
UebffhcsYK9mjHP/li2g8qFOUJlMg//WO52y6kcDICKLYShL4O31Xfo1QP+trq93
ziSj9v4Hh6mN+ATTxYBoKjy23yJRP7b0DwzUbuPoh+/yItsfiJVS6Z/izE8CWApn
JYFzbnMuZdHHyV5UF6Qz2cZB3x3BGV8jUKJmNa4SHmhzHRGcxeeTBnG5kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNS6q3rTVdW2b3yOfFkC8sTyjCg7MB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvMUxxcmV0TlYxYlp2Zkk1OFdRTHl4UEtNS0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYrqMA0G
CSqGSIb3DQEBCwUAA4IBAQCHiRBXbMN44oiE9qRt8sQ1KwXHVuyMDAvUFpNteIZx
mMq40qTavT3NziMUUmWWcPw0vt6sE1sbaMqBYPJ4vX40jrF4AIFlOjQkzClMKwTu
gYF6brRLWB9JYokA+CFLOaqzb9k8sw82DTE4AzEr8CAVAD4iHir2Ui3FrY2WB0LZ
3h46D7iGFyxiVKPKRLV8Gz/KnC1QJ5j7ADwFJ9jR9xEB1NgYsSbChjvb3NOpaF2P
PCJvbbcc6Y43cDJadwNCvGes50lqiEfgHR5u4O5syUc3ddzlY8acqywEo2GGnnxn
ykdrt6NlDYap8QzPpYFGo4gNaDSUp1ByG1P1QgUmN247
-----END CERTIFICATE-----
Generated at Wed Aug 28 04:26:56 2024 by rpki-client on console-fra.rpki-client.org