Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/LMR9hPw9WrilQM1s7fxcEAMgACg.roa
File: LMR9hPw9WrilQM1s7fxcEAMgACg.roa (raw, json)
Hash identifier: y2lz0HQKNC43eKcBEpj8+rlTnHIoo2Ttw2X4iC8VANY=
Subject key identifier: 2C:C4:7D:84:FC:3D:5A:B8:A5:40:CD:6C:ED:FC:5C:10:03:20:00:28
Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49
Certificate serial: 0185724C5F735A64D34F5FD3758159780767
Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/LMR9hPw9WrilQM1s7fxcEAMgACg.roa
Signing time: Mon 02 Jan 2023 11:44:45 +0000
ROA not before: Mon 02 Jan 2023 11:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27630
IP address blocks: 193.28.106.0/24 maxlen: 24
193.28.57.0/24 maxlen: 24
193.28.60.0/24 maxlen: 24
193.28.93.0/24 maxlen: 24
2a10:3680::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:5f:73:5a:64:d3:4f:5f:d3:75:81:59:78:07:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49
Validity
Not Before: Jan 2 11:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cc47d84fc3d5ab8a540cd6cedfc5c1003200028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:ce:03:4c:78:3a:01:b8:d7:6b:96:6e:eb:
9e:66:83:93:af:56:44:e1:a4:54:ee:1b:34:11:76:
6b:55:87:f7:6c:f4:9f:5e:29:f4:e4:95:76:9c:0e:
61:4b:67:a5:7c:6a:dc:e8:60:7e:da:2c:54:17:a1:
7d:f9:34:69:ee:db:7c:32:b1:0e:50:2b:ed:c1:3e:
3d:3b:cc:4a:66:cc:d7:5d:87:7a:1d:1a:b8:d6:6b:
3b:10:09:03:d0:44:53:1d:da:d8:fc:96:fd:73:28:
0c:15:dc:11:35:58:2d:cb:a5:89:3e:9b:7e:39:c0:
7c:3b:72:6d:4c:2e:d1:92:ae:9f:de:90:4c:89:f7:
41:db:c7:df:d7:91:ba:ac:df:26:c4:77:b9:9b:3f:
23:16:5c:05:ec:78:f6:74:0b:59:0b:af:ba:bc:af:
26:0d:d7:56:9b:26:ef:29:a0:eb:d9:57:00:01:53:
71:ab:ef:ad:4f:30:b7:d6:b6:e3:21:8b:9d:c2:c0:
5a:a9:2e:03:6d:76:6e:4a:a3:83:c9:85:b0:73:0c:
e7:98:f7:8e:47:f3:98:cf:c0:c6:57:94:cf:bf:e5:
4f:61:56:d0:2f:d5:18:ff:b9:e1:e7:8d:bb:73:13:
ea:d5:b1:c0:5c:c0:9b:a7:a2:b0:ab:20:82:e1:13:
a4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C4:7D:84:FC:3D:5A:B8:A5:40:CD:6C:ED:FC:5C:10:03:20:00:28
X509v3 Authority Key Identifier:
keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/LMR9hPw9WrilQM1s7fxcEAMgACg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.57.0/24
193.28.60.0/24
193.28.93.0/24
193.28.106.0/24
IPv6:
2a10:3680::/29
Signature Algorithm: sha256WithRSAEncryption
91:75:32:bc:d9:2c:e4:51:ae:97:bc:17:19:5a:95:5c:52:e6:
f0:94:f1:08:e1:da:14:26:f3:7a:2a:93:61:6e:d7:96:7e:ce:
b1:c7:30:07:52:03:cd:93:6c:32:5d:0f:2b:0a:e9:68:24:64:
cb:3b:06:99:22:7e:51:99:ea:b8:78:25:ba:59:32:25:f5:39:
32:29:f5:f9:13:58:32:73:2d:ee:cb:85:1c:d3:ec:bb:35:25:
ea:32:86:66:6d:6c:9c:53:a6:ef:c5:af:cf:d4:d8:82:aa:13:
2f:5d:6a:d4:a9:58:cc:a9:3f:57:1f:58:21:2c:94:47:84:f1:
d4:f6:cf:9f:9b:f3:c0:b2:cf:b7:39:03:eb:c7:38:84:28:31:
81:1a:0e:a9:ac:58:8f:2d:b3:78:5b:4e:88:71:55:df:4a:21:
8e:a8:7c:6e:f5:35:cf:18:8c:c5:d7:06:e3:e0:c4:02:4a:28:
dd:e4:87:5b:25:54:a2:9c:ed:64:f7:14:08:d3:9f:e6:f8:37:
f9:d0:4d:5c:fc:9d:db:8b:37:a6:88:7e:e3:de:41:25:eb:e0:
47:5c:00:09:74:59:7d:15:d9:b5:33:1c:02:c4:cc:f6:41:e7:
19:8a:41:67:e4:2a:cd:92:b8:2f:01:2a:70:26:b2:5d:21:ca:
08:2f:10:f2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyTF9zWmTTT1/TdYFZeAdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZTUwY2ExNzEzNDgzN2E1MGQzMDYzZDQzZDQ0MzM4NWFi
ZTZmNDkwHhcNMjMwMTAyMTE0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M0N2Q4NGZjM2Q1YWI4YTU0MGNkNmNlZGZjNWMxMDAzMjAwMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkHOA0x4OgG412uWbuueZoOTr1ZE
4aRU7hs0EXZrVYf3bPSfXin05JV2nA5hS2elfGrc6GB+2ixUF6F9+TRp7tt8MrEO
UCvtwT49O8xKZszXXYd6HRq41ms7EAkD0ERTHdrY/Jb9cygMFdwRNVgty6WJPpt+
OcB8O3JtTC7Rkq6f3pBMifdB28ff15G6rN8mxHe5mz8jFlwF7Hj2dAtZC6+6vK8m
DddWmybvKaDr2VcAAVNxq++tTzC31rbjIYudwsBaqS4DbXZuSqODyYWwcwznmPeO
R/OYz8DGV5TPv+VPYVbQL9UY/7nh5427cxPq1bHAXMCbp6KwqyCC4ROkdwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCzEfYT8PVq4pUDNbO38XBADIAAoMB8GA1UdIwQY
MBaAFMjlDKFxNIN6UNMGPUPUQzhavm9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUt
NWVmZjczZTg5ZmJiLzEvTE1SOWhQdzlXcmlsUU0xczdmeGNFQU1nQUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUtNWVmZjczZTg5ZmJi
LzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRw5AwQA
wRw8AwQAwRxdAwQAwRxqMA0EAgACMAcDBQMqEDaAMA0GCSqGSIb3DQEBCwUAA4IB
AQCRdTK82SzkUa6XvBcZWpVcUubwlPEI4doUJvN6KpNhbteWfs6xxzAHUgPNk2wy
XQ8rCuloJGTLOwaZIn5Rmeq4eCW6WTIl9TkyKfX5E1gycy3uy4Uc0+y7NSXqMoZm
bWycU6bvxa/P1NiCqhMvXWrUqVjMqT9XH1ghLJRHhPHU9s+fm/PAss+3OQPrxziE
KDGBGg6prFiPLbN4W06IcVXfSiGOqHxu9TXPGIzF1wbj4MQCSijd5IdbJVSinO1k
9xQI05/m+Df50E1c/J3bizemiH7j3kEl6+BHXAAJdFl9Fdm1MxwCxMz2QecZikFn
5CrNkrgvASpwJrJdIcoILxDy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:57 2024 by rpki-client on console-fra.rpki-client.org