Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dNLiBTQnySfZXdoBC8zIdYuEeqs.roa
File: dNLiBTQnySfZXdoBC8zIdYuEeqs.roa (raw, json)
Hash identifier: gN3Aq4L8mvMZwMSTWQefzMEHaIm6iGk0YbhPBil3yXQ=
Subject key identifier: 74:D2:E2:05:34:27:C9:27:D9:5D:DA:01:0B:CC:C8:75:8B:84:7A:AB
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018805C13AFC41993C38263591054FAA5446
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dNLiBTQnySfZXdoBC8zIdYuEeqs.roa
Signing time: Wed 10 May 2023 13:02:09 +0000
ROA not before: Wed 10 May 2023 13:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.95.201.0/24 maxlen: 24
37.19.68.0/22 maxlen: 22
185.145.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 11:09:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:c1:3a:fc:41:99:3c:38:26:35:91:05:4f:aa:54:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: May 10 13:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74d2e2053427c927d95dda010bccc8758b847aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cb:9f:15:fd:28:fe:7e:3e:7f:16:ac:12:8a:
28:e2:e1:31:71:57:c2:07:2c:0a:fd:97:85:c4:4a:
d3:53:6f:e3:7c:7f:9d:47:87:8f:5e:e1:d3:42:92:
4d:93:eb:9b:1a:ec:ed:fb:2a:e0:51:24:af:8d:8d:
df:17:fe:5f:d5:ae:c3:e7:9f:a9:5d:27:07:2f:d2:
2f:10:2d:67:63:49:82:71:36:ba:7c:64:d6:da:7c:
77:6a:f8:e4:92:90:48:8a:a5:69:27:d6:e5:22:83:
f9:37:4f:a7:31:4b:16:77:50:1c:48:ed:81:d2:11:
91:37:58:a0:39:cd:4a:76:66:00:12:49:c9:45:11:
b1:27:e1:fd:c4:c4:0d:f2:54:92:5c:a1:a7:50:33:
4c:dc:83:db:2e:e6:5a:6e:99:b9:28:5d:a4:05:3d:
14:65:86:ae:97:0d:a1:40:b7:6c:5f:e8:37:94:77:
f9:d6:ac:35:90:34:ed:be:68:e4:10:3f:de:7a:25:
17:6d:88:52:0b:70:60:b3:80:a4:d8:15:7d:10:8e:
31:8a:88:ec:83:32:e1:4a:58:c9:f9:d2:05:9c:73:
93:83:6b:df:66:93:e1:cd:51:d1:ae:8a:74:de:97:
d7:fe:7c:f5:39:d9:38:7c:59:49:81:90:cf:6e:88:
b5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D2:E2:05:34:27:C9:27:D9:5D:DA:01:0B:CC:C8:75:8B:84:7A:AB
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dNLiBTQnySfZXdoBC8zIdYuEeqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.68.0/22
185.145.52.0/24
195.95.201.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:dd:a6:55:db:bc:df:ee:d9:cc:f6:4f:4f:6e:45:f7:17:9b:
32:3f:4e:92:ae:28:87:28:01:aa:c9:55:13:d5:7e:5c:15:66:
20:d6:4c:d4:f1:c2:80:f2:b9:35:95:d7:34:3c:41:1c:3a:4c:
6d:db:c1:d2:18:bb:f8:45:18:7a:f4:07:c4:0d:0c:cc:6f:49:
cb:d0:c4:f4:25:e0:8f:a3:8a:f4:a7:28:44:44:c6:34:ae:b1:
34:9d:81:45:fa:60:12:ba:19:bb:30:40:b1:73:0e:2f:e0:6a:
4f:02:e3:9f:ab:4c:d4:6f:93:ae:6a:7c:3b:48:eb:b8:e6:c9:
14:11:9f:e5:d0:fd:6b:7a:3a:04:fe:e2:e2:bd:94:ad:8b:7b:
78:34:1e:eb:34:5a:5f:c7:f5:ae:26:74:58:81:ca:eb:91:e7:
20:d6:b2:71:c6:22:6c:a7:51:d4:28:ec:41:40:f6:22:11:22:
8a:a9:a2:49:b6:90:f1:79:5c:0a:a9:25:51:e7:07:13:d0:f2:
44:38:1f:82:bc:98:e2:8f:f7:5c:01:d8:74:be:0b:e3:c7:19:
70:10:1b:f8:c8:ad:4e:c6:f5:1b:73:ca:93:89:0d:bb:f1:cf:
e3:db:4d:af:80:b8:ee:3d:0d:25:1c:0c:aa:34:7d:9e:2d:b4:
3a:c5:cd:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgFwTr8QZk8OCY1kQVPqlRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwNTEwMTMwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQyZTIwNTM0MjdjOTI3ZDk1ZGRhMDEwYmNjYzg3NThiODQ3YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMufFf0o/n4+fxasEooo4uExcVfC
BywK/ZeFxErTU2/jfH+dR4ePXuHTQpJNk+ubGuzt+yrgUSSvjY3fF/5f1a7D55+p
XScHL9IvEC1nY0mCcTa6fGTW2nx3avjkkpBIiqVpJ9blIoP5N0+nMUsWd1AcSO2B
0hGRN1igOc1KdmYAEknJRRGxJ+H9xMQN8lSSXKGnUDNM3IPbLuZabpm5KF2kBT0U
ZYaulw2hQLdsX+g3lHf51qw1kDTtvmjkED/eeiUXbYhSC3Bgs4Ck2BV9EI4xiojs
gzLhSljJ+dIFnHOTg2vfZpPhzVHRrop03pfX/nz1Odk4fFlJgZDPboi1IQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHTS4gU0J8kn2V3aAQvMyHWLhHqrMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvZE5MaUJUUW55U2ZaWGRvQkM4eklkWXVFZXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJRNEAwQA
uZE0AwQAw1/JMA0GCSqGSIb3DQEBCwUAA4IBAQAM3aZV27zf7tnM9k9PbkX3F5sy
P06SriiHKAGqyVUT1X5cFWYg1kzU8cKA8rk1ldc0PEEcOkxt28HSGLv4RRh69AfE
DQzMb0nL0MT0JeCPo4r0pyhERMY0rrE0nYFF+mASuhm7MECxcw4v4GpPAuOfq0zU
b5Ouanw7SOu45skUEZ/l0P1rejoE/uLivZSti3t4NB7rNFpfx/WuJnRYgcrrkecg
1rJxxiJsp1HUKOxBQPYiESKKqaJJtpDxeVwKqSVR5wcT0PJEOB+CvJjij/dcAdh0
vgvjxxlwEBv4yK1OxvUbc8qTiQ278c/j202vgLjuPQ0lHAyqNH2eLbQ6xc2y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org