Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/1clAItDdWn3gUg-QDh2ZjZp-lus.roa
File: 1clAItDdWn3gUg-QDh2ZjZp-lus.roa (raw, json)
Hash identifier: Zx00tsVEjDK9iDH0WgbAkFdcnnO8xrW4EVevPW5ERrg=
Subject key identifier: D5:C9:40:22:D0:DD:5A:7D:E0:52:0F:90:0E:1D:99:8D:9A:7E:96:EB
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018C6096845FA4875150F15FC444E7899BDE
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/1clAItDdWn3gUg-QDh2ZjZp-lus.roa
Signing time: Wed 13 Dec 2023 00:32:06 +0000
ROA not before: Wed 13 Dec 2023 00:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:96:84:5f:a4:87:51:50:f1:5f:c4:44:e7:89:9b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Dec 13 00:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5c94022d0dd5a7de0520f900e1d998d9a7e96eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:e3:ba:3d:5b:52:3b:f4:48:9e:88:8c:ee:
3f:62:03:a4:b7:fa:50:b3:a8:ae:45:67:9d:26:b3:
50:d4:60:7f:33:85:7d:f5:c6:f4:f6:79:64:c7:6e:
4b:2e:ef:e3:e9:3e:88:79:29:6f:65:70:ff:b9:7f:
29:54:03:2f:53:cf:75:5a:89:70:90:6b:51:38:c4:
74:17:7c:d6:8a:3b:cb:4a:8e:45:d8:ff:df:d5:38:
b2:70:35:41:fd:ad:55:a5:84:94:64:3e:dc:c6:e8:
4f:d6:01:3b:9f:95:3b:cf:44:d7:33:3e:cc:1e:c5:
d9:9b:94:97:4c:b5:d3:3c:02:af:d9:ba:04:d3:ac:
84:9a:87:52:80:9f:33:9c:a8:a2:03:40:c9:4a:64:
40:85:c3:9a:41:3d:7b:4b:0a:9d:96:b0:77:39:7a:
01:af:20:25:78:5a:6e:a3:54:a6:9f:c0:16:e7:86:
33:5a:53:fc:d3:2a:8f:21:00:99:23:f2:d3:69:ae:
ee:8e:67:c1:ab:5f:8a:05:64:04:40:0f:82:e3:37:
e3:a9:b2:10:b8:e1:f4:04:7c:bc:df:c2:f1:a9:e2:
63:7c:2b:02:ef:a6:33:53:c0:88:42:2b:97:05:fb:
3a:c2:34:24:9f:d4:c9:d3:5f:74:d1:1b:51:5c:43:
16:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C9:40:22:D0:DD:5A:7D:E0:52:0F:90:0E:1D:99:8D:9A:7E:96:EB
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/1clAItDdWn3gUg-QDh2ZjZp-lus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
Signature Algorithm: sha256WithRSAEncryption
af:c1:56:64:81:cd:97:5a:b3:44:07:ac:90:e5:e6:81:87:98:
fc:f0:6c:36:41:3d:4b:f3:b5:8a:79:1d:d9:0f:89:ec:c3:c2:
37:7a:e7:a1:14:82:9e:bb:a2:9c:5f:b9:b6:eb:7b:06:5f:80:
5d:23:9b:99:87:bc:5c:f8:1e:9d:05:12:93:a7:41:09:f3:13:
01:f6:9f:33:50:af:7d:5f:80:eb:09:d0:5e:18:9f:b3:71:1e:
eb:44:f7:37:2f:33:98:02:fd:03:ff:9e:b6:8f:6d:f0:36:01:
ac:81:5b:c8:58:7a:fa:18:08:eb:f7:4c:f7:fe:ba:30:a7:1c:
bd:0d:97:f3:0f:ab:36:4c:2a:2d:b1:34:6d:56:7c:60:4a:50:
6a:15:e1:78:2a:b9:03:2d:ba:7c:0b:6e:3f:80:66:9c:39:ed:
0d:de:d4:ab:d4:ae:40:f3:57:d1:60:f2:e5:3e:14:2d:93:21:
2b:0e:17:c7:4f:f7:1e:64:3a:5c:cb:35:ef:5c:64:3d:c0:68:
7c:8b:4a:15:c3:ad:7f:a4:66:29:5f:aa:c6:25:2c:ec:b8:a3:
44:db:05:f9:7d:14:6b:80:88:fe:da:63:72:b9:13:c7:90:cf:
bc:aa:bf:b5:9c:f0:3d:ad:0c:1b:f3:4b:ac:cf:72:68:c7:a7:
e9:ec:d8:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxgloRfpIdRUPFfxETniZveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMxMjEzMDAzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM5NDAyMmQwZGQ1YTdkZTA1MjBmOTAwZTFkOTk4ZDlhN2U5NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix3juj1bUjv0SJ6IjO4/YgOkt/pQ
s6iuRWedJrNQ1GB/M4V99cb09nlkx25LLu/j6T6IeSlvZXD/uX8pVAMvU891Wolw
kGtROMR0F3zWijvLSo5F2P/f1TiycDVB/a1VpYSUZD7cxuhP1gE7n5U7z0TXMz7M
HsXZm5SXTLXTPAKv2boE06yEmodSgJ8znKiiA0DJSmRAhcOaQT17SwqdlrB3OXoB
ryAleFpuo1Smn8AW54YzWlP80yqPIQCZI/LTaa7ujmfBq1+KBWQEQA+C4zfjqbIQ
uOH0BHy838LxqeJjfCsC76YzU8CIQiuXBfs6wjQkn9TJ01900RtRXEMWVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXJQCLQ3Vp94FIPkA4dmY2afpbrMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvMWNsQUl0RGRXbjNnVWctUURoMlpqWnAtbHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm4MA0G
CSqGSIb3DQEBCwUAA4IBAQCvwVZkgc2XWrNEB6yQ5eaBh5j88Gw2QT1L87WKeR3Z
D4nsw8I3euehFIKeu6KcX7m263sGX4BdI5uZh7xc+B6dBRKTp0EJ8xMB9p8zUK99
X4DrCdBeGJ+zcR7rRPc3LzOYAv0D/562j23wNgGsgVvIWHr6GAjr90z3/rowpxy9
DZfzD6s2TCotsTRtVnxgSlBqFeF4KrkDLbp8C24/gGacOe0N3tSr1K5A81fRYPLl
PhQtkyErDhfHT/ceZDpcyzXvXGQ9wGh8i0oVw61/pGYpX6rGJSzsuKNE2wX5fRRr
gIj+2mNyuRPHkM+8qr+1nPA9rQwb80usz3Jox6fp7Nj6
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:13 2024 by rpki-client on console-fra.rpki-client.org