Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/ljuhI7zYId2_pc9ZtHga0E54rIY.roa
File: ljuhI7zYId2_pc9ZtHga0E54rIY.roa (raw, json)
Hash identifier: LT+nsYhu1oC0hKoAqTOQ8Dn/NKPu62L3bJjsDyTeHuI=
Subject key identifier: 96:3B:A1:23:BC:D8:21:DD:BF:A5:CF:59:B4:78:1A:D0:4E:78:AC:86
Certificate issuer: /CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Certificate serial: 018CAB16A9E24DE3B6AF7E91D06B020038FB
Authority key identifier: D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/ljuhI7zYId2_pc9ZtHga0E54rIY.roa
Signing time: Wed 27 Dec 2023 11:43:58 +0000
ROA not before: Wed 27 Dec 2023 11:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39402
IP address blocks: 185.118.25.0/24 maxlen: 24
185.118.27.0/24 maxlen: 24
185.118.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:16:a9:e2:4d:e3:b6:af:7e:91:d0:6b:02:00:38:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Validity
Not Before: Dec 27 11:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=963ba123bcd821ddbfa5cf59b4781ad04e78ac86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9b:bc:d6:5a:3c:69:25:2a:00:40:d7:ec:4e:
e6:90:f0:84:f3:f0:7e:5e:91:22:03:c7:71:fd:b5:
d4:ec:23:9f:f2:ae:c0:43:b1:80:3f:47:0c:ca:5e:
bd:3e:4a:d5:a4:35:90:10:7e:01:ac:ed:0f:b3:96:
3b:7a:b4:60:3b:0e:2f:6d:35:4c:ca:50:09:9e:b5:
cd:71:dc:a4:9a:ce:56:f1:e8:52:7a:3e:72:e2:65:
c4:57:2a:1a:a4:47:61:7a:80:93:e4:4f:5a:ad:03:
f4:08:41:b3:1e:14:ca:7e:1b:7e:06:ed:bd:5a:02:
81:c4:8a:9e:5b:e7:f9:0f:8f:07:ee:97:59:45:a8:
7d:36:5c:50:7b:92:8e:4d:3e:ef:b1:6b:de:ad:63:
c7:e6:ea:ae:1e:04:bc:04:8e:61:ae:8e:48:70:88:
c3:6f:ec:b5:32:2b:cb:f7:45:68:17:b2:8f:5b:ea:
11:d5:79:7c:d8:ed:63:61:0c:61:d4:c5:6c:68:c7:
ff:81:4d:35:94:6f:24:0d:62:fc:8a:77:9f:c0:37:
e0:64:0b:ed:0a:86:6b:00:fc:6a:72:bd:ce:f5:af:
5a:c6:3a:95:af:64:93:30:bb:5b:2f:87:a0:32:0b:
ca:6f:46:4c:bb:c1:27:78:09:2e:30:a2:ba:b0:24:
56:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3B:A1:23:BC:D8:21:DD:BF:A5:CF:59:B4:78:1A:D0:4E:78:AC:86
X509v3 Authority Key Identifier:
keyid:D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/ljuhI7zYId2_pc9ZtHga0E54rIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.24.0/23
185.118.27.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:3f:34:38:21:fa:e2:ad:22:ae:f9:54:96:7f:4b:4b:9a:a0:
23:7a:3e:02:74:8d:14:28:b5:99:c9:80:ea:b0:e9:d2:40:37:
7c:1f:8d:8f:f3:49:58:f2:56:cd:91:f1:f7:fb:45:29:b9:bb:
b3:37:63:d4:78:15:9a:db:20:67:7f:4c:84:14:fe:d9:02:a4:
d4:3f:79:8e:ef:b4:32:26:a6:0c:e5:bf:c8:8f:41:e5:ae:7b:
c4:56:f3:cb:32:ac:d4:86:aa:66:3a:b8:61:f0:87:0e:69:be:
c3:f3:eb:f3:6d:03:7b:8f:b3:f3:59:bb:c1:21:59:35:33:cf:
87:37:d4:b8:77:86:4f:7b:2e:a0:ac:29:a6:d6:97:e7:92:0b:
75:4d:78:06:e6:a4:0e:3b:9d:54:dc:0b:9a:94:48:97:8c:31:
d8:43:c5:61:bd:3d:00:fa:d0:6f:18:73:b9:33:41:c8:91:4c:
a4:de:45:3f:7e:18:35:ee:78:38:4a:75:b6:f5:3b:bc:a7:33:
1c:d0:76:b5:4d:98:af:79:05:01:16:30:56:f1:a2:ff:37:33:
61:b5:ce:8c:95:6a:b5:c2:5a:49:c3:37:57:41:39:fd:7b:5a:
05:d5:cd:15:8e:65:24:79:ef:83:30:e1:43:40:bb:d4:7c:30:
b9:63:4e:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyrFqniTeO2r36R0GsCADj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjdmMTZiMDVhMTEyMzE1MWE2NzdhNDdhYzJkOGQ5MDYx
ZGYzOTAwHhcNMjMxMjI3MTE0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNiYTEyM2JjZDgyMWRkYmZhNWNmNTliNDc4MWFkMDRlNzhhYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZu81lo8aSUqAEDX7E7mkPCE8/B+
XpEiA8dx/bXU7COf8q7AQ7GAP0cMyl69PkrVpDWQEH4BrO0Ps5Y7erRgOw4vbTVM
ylAJnrXNcdykms5W8ehSej5y4mXEVyoapEdheoCT5E9arQP0CEGzHhTKfht+Bu29
WgKBxIqeW+f5D48H7pdZRah9NlxQe5KOTT7vsWverWPH5uquHgS8BI5hro5IcIjD
b+y1MivL90VoF7KPW+oR1Xl82O1jYQxh1MVsaMf/gU01lG8kDWL8inefwDfgZAvt
CoZrAPxqcr3O9a9axjqVr2STMLtbL4egMgvKb0ZMu8EneAkuMKK6sCRWYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJY7oSO82CHdv6XPWbR4GtBOeKyGMB8GA1UdIwQY
MBaAFNf38WsFoRIxUaZ3pHrC2NkGHfOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYt
NmNiZTk0OTUzMmU0LzEvbGp1aEk3ellJZDJfcGM5WnRIZ2EwRTU0cklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYtNmNiZTk0OTUzMmU0
LzEvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXYYAwQA
uXYbMA0GCSqGSIb3DQEBCwUAA4IBAQCmPzQ4IfrirSKu+VSWf0tLmqAjej4CdI0U
KLWZyYDqsOnSQDd8H42P80lY8lbNkfH3+0UpubuzN2PUeBWa2yBnf0yEFP7ZAqTU
P3mO77QyJqYM5b/Ij0HlrnvEVvPLMqzUhqpmOrhh8IcOab7D8+vzbQN7j7PzWbvB
IVk1M8+HN9S4d4ZPey6grCmm1pfnkgt1TXgG5qQOO51U3AualEiXjDHYQ8VhvT0A
+tBvGHO5M0HIkUyk3kU/fhg17ng4SnW29Tu8pzMc0Ha1TZiveQUBFjBW8aL/NzNh
tc6MlWq1wlpJwzdXQTn9e1oF1c0VjmUkee+DMOFDQLvUfDC5Y05/
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:04 2024 by rpki-client on console-fra.rpki-client.org