Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/LdSiqYlkTEQCiDs-xIbTOc30FCk.roa
File: LdSiqYlkTEQCiDs-xIbTOc30FCk.roa (raw, json)
Hash identifier: mw3H8+b0mFe3lJ3k1Hg0xFHcOjDUzL4TfKBuEFHr3XQ=
Subject key identifier: 2D:D4:A2:A9:89:64:4C:44:02:88:3B:3E:C4:86:D3:39:CD:F4:14:29
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018571FA41AB45ED2A059B6022D8685A5A2C
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/LdSiqYlkTEQCiDs-xIbTOc30FCk.roa
Signing time: Mon 02 Jan 2023 10:15:04 +0000
ROA not before: Mon 02 Jan 2023 10:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207353
IP address blocks: 217.199.213.0/24 maxlen: 24
193.243.161.0/24 maxlen: 24
89.248.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 12:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:41:ab:45:ed:2a:05:9b:60:22:d8:68:5a:5a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Jan 2 10:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd4a2a989644c4402883b3ec486d339cdf41429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cb:95:a9:a1:43:80:42:b9:84:b7:99:b9:9b:
08:2a:76:9b:44:54:4f:e4:ad:f7:ea:8d:56:0b:f6:
4f:a9:20:55:45:63:0d:b5:12:b6:b8:ff:95:2a:1c:
f8:99:45:93:b0:14:66:c5:9f:07:3b:57:d5:04:af:
19:35:7c:01:85:b0:4e:64:aa:f5:04:37:57:b0:d2:
4c:fb:c8:4e:ff:c1:88:7b:c0:da:13:5b:99:34:09:
45:3b:1a:d4:63:52:14:8e:ba:5a:6c:2a:4e:6f:f2:
c3:8a:93:8a:7e:58:6a:05:60:aa:58:1e:73:85:ca:
3a:ab:e1:c0:7f:08:4f:78:92:55:80:5f:a4:89:5a:
9d:10:ad:12:95:ae:f1:9a:8e:f9:a2:29:4e:63:5d:
ab:c4:97:07:62:37:b6:2c:90:86:f8:58:1f:bb:cd:
b3:74:5e:a5:2f:df:a4:86:e1:08:c2:cb:9b:cb:ab:
6c:12:57:76:30:39:f9:66:98:a8:77:90:5e:d7:0f:
05:97:39:ff:80:dd:68:a0:6e:de:f6:de:d6:c9:8f:
a5:6c:8f:eb:58:09:e6:d4:be:22:aa:60:81:7b:c6:
aa:c8:76:f6:b7:72:55:2a:22:8a:c1:90:12:e3:be:
c0:dd:80:6e:78:d6:7b:93:b6:04:0a:9d:ba:f2:01:
30:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D4:A2:A9:89:64:4C:44:02:88:3B:3E:C4:86:D3:39:CD:F4:14:29
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/LdSiqYlkTEQCiDs-xIbTOc30FCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.230.0/24
193.243.161.0/24
217.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:5d:86:f1:8b:98:37:65:37:31:14:98:2f:7d:df:8f:07:6a:
0a:ba:4d:4a:f8:2e:87:e8:a8:8d:ac:96:a4:74:58:ff:90:3a:
07:9c:e1:c4:33:2d:09:17:98:e5:b8:cf:86:68:05:b2:18:01:
af:ad:5b:a8:d0:2b:20:68:ca:1d:d7:20:d3:56:ed:f7:ac:48:
95:01:10:6d:da:49:5b:7a:79:75:aa:db:9e:b3:e6:c5:49:c2:
ea:ee:12:b9:85:67:21:1d:ca:90:88:e8:c3:4e:92:1b:94:e6:
4a:84:33:49:4f:b1:68:56:05:41:6c:c8:54:68:bb:77:ce:a2:
29:5c:9e:7e:9f:84:76:fd:e5:2b:b9:e4:99:26:f6:ae:2c:2b:
ec:a0:0f:d6:90:75:c6:66:1d:9e:65:e6:f7:bb:96:af:a0:56:
82:38:5a:4e:75:6b:9d:f2:72:3d:c3:e7:33:fc:0e:8f:94:6b:
a3:7d:36:5c:85:1b:23:dd:32:9b:8a:01:b1:a0:16:66:1c:dc:
20:bd:5c:2f:4f:45:e6:9c:22:a1:93:7e:08:27:d6:c5:01:3d:
e6:3e:16:f8:ac:06:8f:df:57:c1:d6:73:1e:7c:1a:84:ce:a5:
de:f4:a1:51:02:14:77:c9:76:64:b8:19:91:05:68:fe:4b:d0:
d2:e2:9d:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx+kGrRe0qBZtgIthoWlosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjMwMTAyMTAxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ0YTJhOTg5NjQ0YzQ0MDI4ODNiM2VjNDg2ZDMzOWNkZjQxNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8uVqaFDgEK5hLeZuZsIKnabRFRP
5K336o1WC/ZPqSBVRWMNtRK2uP+VKhz4mUWTsBRmxZ8HO1fVBK8ZNXwBhbBOZKr1
BDdXsNJM+8hO/8GIe8DaE1uZNAlFOxrUY1IUjrpabCpOb/LDipOKflhqBWCqWB5z
hco6q+HAfwhPeJJVgF+kiVqdEK0Sla7xmo75oilOY12rxJcHYje2LJCG+Fgfu82z
dF6lL9+khuEIwsuby6tsEld2MDn5Zpiod5Be1w8Flzn/gN1ooG7e9t7WyY+lbI/r
WAnm1L4iqmCBe8aqyHb2t3JVKiKKwZAS477A3YBueNZ7k7YECp268gEw9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC3UoqmJZExEAog7PsSG0znN9BQpMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvTGRTaXFZbGtURVFDaURzLXhJYlRPYzMwRkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfjmAwQA
wfOhAwQA2cfVMA0GCSqGSIb3DQEBCwUAA4IBAQBPXYbxi5g3ZTcxFJgvfd+PB2oK
uk1K+C6H6KiNrJakdFj/kDoHnOHEMy0JF5jluM+GaAWyGAGvrVuo0CsgaMod1yDT
Vu33rEiVARBt2klbenl1qtues+bFScLq7hK5hWchHcqQiOjDTpIblOZKhDNJT7Fo
VgVBbMhUaLt3zqIpXJ5+n4R2/eUrueSZJvauLCvsoA/WkHXGZh2eZeb3u5avoFaC
OFpOdWud8nI9w+cz/A6PlGujfTZchRsj3TKbigGxoBZmHNwgvVwvT0XmnCKhk34I
J9bFAT3mPhb4rAaP31fB1nMefBqEzqXe9KFRAhR3yXZkuBmRBWj+S9DS4p3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:00 2024 by rpki-client on console-ams.rpki-client.org