Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LHE8Yhq4k6Rd5zSf3crne_aDhio.roa
File: LHE8Yhq4k6Rd5zSf3crne_aDhio.roa (raw, json)
Hash identifier: z7vXJQE9MbdBQBOBj+r+kJ67cEW3T+UWBgz/VM9yXLE=
Subject key identifier: 2C:71:3C:62:1A:B8:93:A4:5D:E7:34:9F:DD:CA:E7:7B:F6:83:86:2A
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018B844EC2983643E871854450FCC22F8023
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LHE8Yhq4k6Rd5zSf3crne_aDhio.roa
Signing time: Tue 31 Oct 2023 05:57:15 +0000
ROA not before: Tue 31 Oct 2023 05:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20657
IP address blocks: 195.68.214.0/23 maxlen: 24
193.108.24.0/24 maxlen: 24
194.79.12.0/22 maxlen: 24
88.80.131.0/24 maxlen: 24
88.80.132.0/24 maxlen: 24
88.80.133.0/24 maxlen: 24
88.80.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 27 Nov 2023 20:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:4e:c2:98:36:43:e8:71:85:44:50:fc:c2:2f:80:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Oct 31 05:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c713c621ab893a45de7349fddcae77bf683862a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:80:2a:3e:33:07:62:f5:6d:b8:b3:fe:b0:3d:
b6:de:1d:77:42:ed:a0:7a:e0:7e:1d:6e:d9:9d:e8:
17:3e:0d:69:d5:15:6e:b4:18:f3:eb:d4:1f:85:6c:
b8:a4:3e:3a:93:a6:2d:f2:24:dd:1e:5b:4c:40:95:
b8:52:9e:26:f6:d9:5b:ca:86:51:ee:46:73:fb:af:
39:85:ed:65:ce:71:a2:28:1d:5e:06:c3:53:0f:0a:
4e:5e:f1:bf:05:56:cd:fb:b7:b8:77:f3:eb:31:ab:
ae:70:c5:12:b4:d0:fa:39:3e:b3:71:9c:f9:00:da:
4f:00:3a:fb:f5:2d:f9:d4:0c:67:97:e7:6b:47:be:
88:be:cf:67:de:e0:d5:49:d3:56:b2:34:53:c8:d8:
b0:cf:0b:0a:d1:2f:98:d0:a9:63:e2:fd:82:31:65:
be:ee:50:bd:3a:9b:e9:9e:47:e6:8b:01:dc:41:5a:
c5:7d:c2:53:c6:14:88:39:f8:80:e6:7f:1b:d5:f9:
1e:97:09:98:9a:8a:47:72:2a:c5:d4:4b:6a:4c:81:
0d:c8:96:23:3f:fa:4a:d0:a0:be:85:07:7a:d9:d5:
a3:52:15:d5:19:fe:ea:6b:cf:49:00:92:c0:62:ba:
17:92:f9:49:26:a3:2b:cf:78:dc:a6:16:4c:08:2b:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:71:3C:62:1A:B8:93:A4:5D:E7:34:9F:DD:CA:E7:7B:F6:83:86:2A
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LHE8Yhq4k6Rd5zSf3crne_aDhio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.131.0-88.80.133.255
88.80.152.0/21
193.108.24.0/24
194.79.12.0/22
195.68.214.0/23
Signature Algorithm: sha256WithRSAEncryption
80:0e:6e:ae:cf:1b:e8:80:90:f9:f9:08:73:6e:0d:57:4c:0e:
25:8d:36:b6:5e:46:51:11:b9:0c:04:7f:f8:87:34:fc:2f:4b:
2d:70:aa:a8:2d:ea:62:c8:d2:43:6b:da:e0:88:6a:80:45:45:
85:84:6d:1b:8e:2d:c2:33:ea:23:ba:01:12:7d:5c:9b:95:d5:
6a:95:d6:14:d5:97:36:24:64:86:3e:17:f6:04:c5:48:9f:c6:
e6:a4:da:3e:11:21:03:39:dc:d3:c1:97:2a:ec:2d:67:66:c2:
79:d9:87:7f:0d:b0:6d:24:91:6a:16:56:33:16:6c:df:82:40:
86:80:63:30:35:67:6e:88:ef:99:9e:3b:48:6f:65:f0:86:24:
ff:d5:17:f1:15:56:8c:e9:b1:b6:bd:ff:a5:a5:dd:4b:0f:bc:
ac:e8:7e:68:d4:9a:ac:2e:a0:da:33:44:0b:b7:c4:1b:b7:f5:
e1:b4:be:c0:11:e8:fd:37:a0:2c:17:4c:83:ec:02:be:af:f3:
89:8f:59:8e:1d:da:b5:82:93:5d:1a:ab:81:62:2f:6c:c8:7c:
2e:cf:96:88:92:1a:cd:5e:7f:e4:82:81:32:36:20:5a:b2:03:
fe:23:92:22:aa:d7:19:0d:3a:81:4e:77:a7:27:44:f3:30:cd:
69:fe:c2:fe
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYuETsKYNkPocYVEUPzCL4AjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMxMDMxMDU1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzcxM2M2MjFhYjg5M2E0NWRlNzM0OWZkZGNhZTc3YmY2ODM4NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIAqPjMHYvVtuLP+sD223h13Qu2g
euB+HW7ZnegXPg1p1RVutBjz69QfhWy4pD46k6Yt8iTdHltMQJW4Up4m9tlbyoZR
7kZz+685he1lznGiKB1eBsNTDwpOXvG/BVbN+7e4d/PrMauucMUStND6OT6zcZz5
ANpPADr79S351Axnl+drR76Ivs9n3uDVSdNWsjRTyNiwzwsK0S+Y0Klj4v2CMWW+
7lC9OpvpnkfmiwHcQVrFfcJTxhSIOfiA5n8b1fkelwmYmopHcirF1EtqTIENyJYj
P/pK0KC+hQd62dWjUhXVGf7qa89JAJLAYroXkvlJJqMrz3jcphZMCCv4yQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCxxPGIauJOkXec0n93K53v2g4YqMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTEhFOFlocTRrNlJkNXpTZjNjcm5lX2FEaGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABYUIMD
BAFYUIQDBANYUJgDBADBbBgDBALCTwwDBAHDRNYwDQYJKoZIhvcNAQELBQADggEB
AIAObq7PG+iAkPn5CHNuDVdMDiWNNrZeRlERuQwEf/iHNPwvSy1wqqgt6mLI0kNr
2uCIaoBFRYWEbRuOLcIz6iO6ARJ9XJuV1WqV1hTVlzYkZIY+F/YExUifxuak2j4R
IQM53NPBlyrsLWdmwnnZh38NsG0kkWoWVjMWbN+CQIaAYzA1Z26I75meO0hvZfCG
JP/VF/EVVozpsba9/6Wl3UsPvKzofmjUmqwuoNozRAu3xBu39eG0vsAR6P03oCwX
TIPsAr6v84mPWY4d2rWCk10aq4FiL2zIfC7PloiSGs1ef+SCgTI2IFqyA/4jkiKq
1xkNOoFOd6cnRPMwzWn+wv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org