Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/iUvH6mQAepyuIUXDY0yK28Lsl88.roa
File: iUvH6mQAepyuIUXDY0yK28Lsl88.roa (raw, json)
Hash identifier: crJ2ZLFo8RSUsucVpP3fOP9kUXDGZ9CyDj0iPGvUmGk=
Subject key identifier: 89:4B:C7:EA:64:00:7A:9C:AE:21:45:C3:63:4C:8A:DB:C2:EC:97:CF
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018AF58B06D901D07C90A9D017E0F74AB18E
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/iUvH6mQAepyuIUXDY0yK28Lsl88.roa
Signing time: Tue 03 Oct 2023 12:37:23 +0000
ROA not before: Tue 03 Oct 2023 12:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.95.201.0/24 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:8b:06:d9:01:d0:7c:90:a9:d0:17:e0:f7:4a:b1:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Oct 3 12:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=894bc7ea64007a9cae2145c3634c8adbc2ec97cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:ac:e8:42:e2:c5:5e:6d:fb:48:1d:58:3f:
be:6b:7c:44:49:7e:c9:6b:c1:88:f8:de:8a:50:65:
50:43:dd:35:e3:ef:cd:8a:28:b3:91:1e:9a:c0:a7:
6f:af:65:d7:fa:80:12:e9:46:95:f7:92:4c:1d:aa:
86:30:02:d2:52:d1:f8:b1:c6:ec:e5:05:2e:a0:bb:
7a:ae:85:6e:cf:87:3b:c6:ab:0f:f6:b6:f6:3a:e1:
ee:03:4c:f2:3c:4c:e6:81:76:5f:7a:80:0d:82:b8:
fc:ab:32:53:b1:78:25:56:90:12:a0:1a:9f:51:ea:
16:09:c8:6b:53:4c:63:46:ec:c8:0f:0c:4e:73:ba:
c9:38:59:57:0b:b7:e4:8d:bc:cc:b3:aa:cf:90:c5:
b8:f1:8d:79:df:2d:c6:f1:7f:62:c9:c1:c1:ad:f5:
26:a6:b0:a1:89:1a:1c:35:76:5b:27:ea:ae:03:09:
98:8b:7e:54:5c:75:2f:4c:d1:9e:e5:b5:82:4b:16:
f2:d7:22:06:08:3c:61:37:1f:77:27:b0:b1:5d:65:
f2:e1:bd:15:34:90:fc:6a:e3:a5:dc:60:cd:b8:15:
44:9f:4f:7c:76:c2:04:55:d0:33:2c:b4:2d:03:70:
24:0a:ec:04:0a:d4:90:61:9b:36:9b:ad:34:52:72:
25:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4B:C7:EA:64:00:7A:9C:AE:21:45:C3:63:4C:8A:DB:C2:EC:97:CF
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/iUvH6mQAepyuIUXDY0yK28Lsl88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
195.95.201.0/24
Signature Algorithm: sha256WithRSAEncryption
17:47:ed:24:2d:33:56:48:82:a5:f3:87:77:d2:0f:30:c5:77:
74:51:c9:0b:8c:b6:3f:e4:14:ed:81:ee:bb:26:b5:7c:93:b0:
bf:b2:17:c1:93:71:96:4c:3b:16:d4:28:a1:51:d9:16:b6:b8:
7f:9f:68:58:b2:59:72:3e:d2:fa:9b:ce:98:f7:0c:9a:83:ae:
b2:cc:7c:6a:a2:e0:64:a7:c1:4c:2f:56:29:e0:14:7d:df:39:
6e:3d:8d:18:f3:d0:90:e1:88:6a:24:c0:5b:05:2b:f3:65:19:
32:c6:d2:3e:c4:d3:fc:0f:1b:50:f8:98:04:a3:f4:6f:f5:20:
7e:e4:27:23:f5:bc:25:c7:b7:5b:6f:cf:c2:d6:93:25:6d:d0:
46:e6:95:e8:a1:91:30:a4:df:e5:2d:e0:73:04:bb:e8:b7:ad:
c7:f1:9b:50:53:f9:77:f2:30:13:47:ea:bc:3b:73:d9:9e:60:
a0:24:7d:10:55:21:96:5b:13:d5:2a:27:c1:64:c6:82:c3:80:
69:09:31:e1:6e:4c:7b:a4:b6:e7:f4:89:93:83:7f:00:56:82:
be:f6:ec:3f:7c:18:e4:fb:37:8c:53:ee:be:d5:2b:29:81:76:
d3:91:84:74:7b:bd:3f:fb:61:ad:a9:1b:6b:64:91:1b:87:e4:
c7:3e:2b:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr1iwbZAdB8kKnQF+D3SrGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMxMDAzMTIzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRiYzdlYTY0MDA3YTljYWUyMTQ1YzM2MzRjOGFkYmMyZWM5N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqKs6ELixV5t+0gdWD++a3xESX7J
a8GI+N6KUGVQQ9014+/NiiizkR6awKdvr2XX+oAS6UaV95JMHaqGMALSUtH4scbs
5QUuoLt6roVuz4c7xqsP9rb2OuHuA0zyPEzmgXZfeoANgrj8qzJTsXglVpASoBqf
UeoWCchrU0xjRuzIDwxOc7rJOFlXC7fkjbzMs6rPkMW48Y153y3G8X9iycHBrfUm
prChiRocNXZbJ+quAwmYi35UXHUvTNGe5bWCSxby1yIGCDxhNx93J7CxXWXy4b0V
NJD8auOl3GDNuBVEn098dsIEVdAzLLQtA3AkCuwECtSQYZs2m600UnIlhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlLx+pkAHqcriFFw2NMitvC7JfPMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvaVV2SDZtUUFlcHl1SVVYRFkweUsyOExzbDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfm4AwQA
w1/JMA0GCSqGSIb3DQEBCwUAA4IBAQAXR+0kLTNWSIKl84d30g8wxXd0UckLjLY/
5BTtge67JrV8k7C/shfBk3GWTDsW1CihUdkWtrh/n2hYsllyPtL6m86Y9wyag66y
zHxqouBkp8FML1Yp4BR93zluPY0Y89CQ4YhqJMBbBSvzZRkyxtI+xNP8DxtQ+JgE
o/Rv9SB+5Ccj9bwlx7dbb8/C1pMlbdBG5pXooZEwpN/lLeBzBLvot63H8ZtQU/l3
8jATR+q8O3PZnmCgJH0QVSGWWxPVKifBZMaCw4BpCTHhbkx7pLbn9ImTg38AVoK+
9uw/fBjk+zeMU+6+1SspgXbTkYR0e70/+2GtqRtrZJEbh+THPivq
-----END CERTIFICATE-----
Generated at Thu Nov 23 20:14:22 2023 by rpki-client on console-ams.rpki-client.org