Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/LhSpmL0N83caeo0KJh6hpGU76G4.roa
File: LhSpmL0N83caeo0KJh6hpGU76G4.roa (raw, json)
Hash identifier: MZvAt8ivcYzKBlOMYF7bmQJsRR3PQj7Wso0gmPF4VoY=
Subject key identifier: 2E:14:A9:98:BD:0D:F3:77:1A:7A:8D:0A:26:1E:A1:A4:65:3B:E8:6E
Certificate issuer: /CN=687d9b562ba472618f9398e265ca0e7108f687a3
Certificate serial: 01856F020E2D67D6DF3F2ABB88C049C5F21F
Authority key identifier: 68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/LhSpmL0N83caeo0KJh6hpGU76G4.roa
Signing time: Sun 01 Jan 2023 20:24:43 +0000
ROA not before: Sun 01 Jan 2023 20:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12360
IP address blocks: 194.55.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:0e:2d:67:d6:df:3f:2a:bb:88:c0:49:c5:f2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687d9b562ba472618f9398e265ca0e7108f687a3
Validity
Not Before: Jan 1 20:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e14a998bd0df3771a7a8d0a261ea1a4653be86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:6d:9e:b1:4c:07:06:0e:37:59:69:d4:cb:
2b:6f:60:5e:ea:75:2e:f9:1c:4e:c0:79:b9:70:95:
ef:f7:1d:18:e3:72:02:b5:ef:fd:cc:50:9b:47:24:
e0:d8:ba:f5:e0:7a:7e:c4:89:16:e8:69:2a:23:77:
42:82:bc:80:37:97:76:27:fe:12:ac:6e:d3:ed:f1:
ad:20:cb:71:af:4a:6e:24:7a:55:20:39:9a:9f:4c:
c8:c0:6d:56:0e:54:77:27:3e:de:3c:90:b2:50:39:
aa:cf:b3:2c:ee:1d:1d:8e:7d:68:84:b7:52:a5:e7:
2a:36:ab:5e:88:dd:4e:3c:f1:0f:86:ba:ba:72:09:
34:f9:a5:2e:99:56:d4:af:42:7d:88:3d:5b:4a:58:
60:0f:24:5a:c7:87:69:b3:1f:04:62:69:4b:f3:b3:
47:ee:6a:03:fa:14:59:76:8f:9c:8a:23:90:4e:ca:
e4:dd:bd:1f:ac:5c:5e:85:5d:c4:50:41:ea:78:ef:
ec:7e:81:6e:f2:83:5f:df:e3:85:ab:98:2a:25:e6:
34:df:9a:f9:98:da:01:e1:46:c1:b8:50:c6:ac:de:
46:76:82:1e:a3:17:82:89:dc:5b:4e:9c:22:90:1d:
96:63:00:8c:20:6d:96:92:ea:08:9b:33:32:d9:93:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:14:A9:98:BD:0D:F3:77:1A:7A:8D:0A:26:1E:A1:A4:65:3B:E8:6E
X509v3 Authority Key Identifier:
keyid:68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/LhSpmL0N83caeo0KJh6hpGU76G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.138.0/24
Signature Algorithm: sha256WithRSAEncryption
68:66:c4:f7:bb:89:9d:71:0c:a8:e4:65:2f:d7:98:a5:8a:56:
b4:65:91:e4:35:4b:33:70:4f:5b:d1:8b:40:3e:05:86:6a:7c:
d7:aa:85:63:cf:cf:46:6e:57:1a:37:df:4a:b9:42:20:90:07:
32:f1:5c:7a:8a:6e:ab:35:a3:e6:4c:80:f9:be:e1:3f:ec:9d:
6a:a1:34:05:16:f7:58:6f:2c:b4:47:81:52:f8:a1:aa:7c:69:
f7:d4:02:91:02:db:b8:2b:0e:08:b2:dc:d2:5c:72:47:63:26:
7c:91:4d:33:01:2d:ba:a9:fc:c6:51:94:3b:3c:25:59:e0:aa:
68:21:da:3d:fd:53:77:c0:48:35:00:34:3e:bf:8f:e1:a3:e1:
f9:38:a2:70:02:3d:66:aa:20:5a:d9:15:b6:4c:70:91:5a:4d:
0d:d5:e5:39:9e:e9:5e:05:ca:db:0a:bc:8f:cc:97:cf:63:04:
75:21:8b:4c:4e:31:f8:02:94:a4:39:4b:02:cb:7d:9f:f1:a7:
a1:69:31:cf:5d:6f:01:95:3c:7c:9b:b0:3b:f2:7b:da:26:f3:
ff:b1:36:7c:73:42:7b:e1:57:5f:bb:02:29:05:c4:f0:a7:7d:
d7:27:a7:14:a8:df:1b:a8:6e:74:fc:45:c0:ad:aa:41:d1:c9:
da:19:a9:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAg4tZ9bfPyq7iMBJxfIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2Q5YjU2MmJhNDcyNjE4ZjkzOThlMjY1Y2EwZTcxMDhm
Njg3YTMwHhcNMjMwMTAxMjAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE0YTk5OGJkMGRmMzc3MWE3YThkMGEyNjFlYTFhNDY1M2JlODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGhtnrFMBwYON1lp1Msrb2Be6nUu
+RxOwHm5cJXv9x0Y43ICte/9zFCbRyTg2Lr14Hp+xIkW6GkqI3dCgryAN5d2J/4S
rG7T7fGtIMtxr0puJHpVIDman0zIwG1WDlR3Jz7ePJCyUDmqz7Ms7h0djn1ohLdS
pecqNqteiN1OPPEPhrq6cgk0+aUumVbUr0J9iD1bSlhgDyRax4dpsx8EYmlL87NH
7moD+hRZdo+ciiOQTsrk3b0frFxehV3EUEHqeO/sfoFu8oNf3+OFq5gqJeY035r5
mNoB4UbBuFDGrN5GdoIeoxeCidxbTpwikB2WYwCMIG2WkuoImzMy2ZMgfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4UqZi9DfN3GnqNCiYeoaRlO+huMB8GA1UdIwQY
MBaAFGh9m1YrpHJhj5OY4mXKDnEI9oejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQt
NjA1ZDEzNTEzNmY3LzEvTGhTcG1MME44M2NhZW8wS0poNmhwR1U3Nkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQtNjA1ZDEzNTEzNmY3
LzEvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjeKMA0G
CSqGSIb3DQEBCwUAA4IBAQBoZsT3u4mdcQyo5GUv15ilila0ZZHkNUszcE9b0YtA
PgWGanzXqoVjz89GblcaN99KuUIgkAcy8Vx6im6rNaPmTID5vuE/7J1qoTQFFvdY
byy0R4FS+KGqfGn31AKRAtu4Kw4IstzSXHJHYyZ8kU0zAS26qfzGUZQ7PCVZ4Kpo
Ido9/VN3wEg1ADQ+v4/ho+H5OKJwAj1mqiBa2RW2THCRWk0N1eU5nuleBcrbCryP
zJfPYwR1IYtMTjH4ApSkOUsCy32f8aehaTHPXW8BlTx8m7A78nvaJvP/sTZ8c0J7
4VdfuwIpBcTwp33XJ6cUqN8bqG50/EXArapB0cnaGakh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:43 2024 by rpki-client on console-ams.rpki-client.org