Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lt4HRN0tmAIWpLlZIdL2bEth2uk.roa
File: lt4HRN0tmAIWpLlZIdL2bEth2uk.roa (raw, json)
Hash identifier: 1Y/2vKwtdCTvNbQnRh/HC0mpYBhVn+hT4+IKNDm42+o=
Subject key identifier: 96:DE:07:44:DD:2D:98:02:16:A4:B9:59:21:D2:F6:6C:4B:61:DA:E9
Certificate issuer: /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial: 018B46F868F7269212ED7292DF4C49BC648A
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lt4HRN0tmAIWpLlZIdL2bEth2uk.roa
Signing time: Thu 19 Oct 2023 08:06:06 +0000
ROA not before: Thu 19 Oct 2023 08:06:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209510
IP address blocks: 152.89.172.0/23 maxlen: 23
152.89.174.0/23 maxlen: 23
2a09:35c0:200::/40 maxlen: 40
2a09:35c0:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:f8:68:f7:26:92:12:ed:72:92:df:4c:49:bc:64:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Validity
Not Before: Oct 19 08:06:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96de0744dd2d980216a4b95921d2f66c4b61dae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:5b:1a:c6:25:6d:e6:5b:4e:bf:fd:67:79:
42:d2:5a:0b:7a:19:bb:f7:44:9f:3a:88:9a:a4:03:
ec:a7:74:df:7d:e1:a0:32:f2:4b:48:e8:fa:5b:24:
08:0e:e9:1c:8d:d3:2d:5a:86:a5:d2:d6:9d:6e:f4:
36:ca:66:5d:7a:09:f7:34:2b:74:eb:6f:0f:4d:f1:
4d:ac:a1:ea:6a:33:ca:43:45:59:b1:76:de:ae:7d:
7f:fd:83:9d:32:65:d0:98:df:27:be:8b:da:31:4c:
37:5f:a9:ed:0c:27:f8:47:9f:fa:bf:c7:fb:ed:ba:
2d:11:92:14:0f:ac:2b:87:b4:a5:fa:c7:85:fa:8a:
22:9e:2c:73:35:51:dc:52:0d:0a:af:78:f3:06:04:
53:87:21:dd:71:f7:e2:91:10:1c:b9:b9:32:91:3c:
db:0c:c7:aa:ce:2e:72:bb:fb:58:60:05:d3:70:ac:
03:3e:c0:3d:29:3b:47:c9:77:9d:27:dd:6c:1d:35:
c4:07:73:8f:40:2f:bc:5f:42:ab:01:0d:97:70:20:
c2:44:d6:cd:14:69:9a:21:7a:fb:5f:1c:01:1b:00:
36:8d:6c:b3:2f:b2:7f:68:24:e8:c4:bf:15:82:ca:
97:c3:36:b2:f0:53:8b:ad:86:e3:ad:8b:73:b0:57:
18:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:07:44:DD:2D:98:02:16:A4:B9:59:21:D2:F6:6C:4B:61:DA:E9
X509v3 Authority Key Identifier:
keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lt4HRN0tmAIWpLlZIdL2bEth2uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.172.0/22
IPv6:
2a09:35c0:100::-2a09:35c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a1:ae:f9:a1:05:b3:70:a3:d0:bf:b1:61:79:7b:e1:1a:97:a1:
2f:52:2d:00:6d:f4:6d:52:67:c7:1c:12:bf:6e:49:4b:50:9b:
53:a4:a0:d4:ec:b6:69:7b:76:f1:3c:dc:9e:82:03:fb:4c:09:
65:9e:2b:03:48:bb:a6:6d:80:be:bf:c1:8e:7a:a6:e8:82:fd:
3c:e4:48:32:28:20:39:61:41:9a:2d:8c:e4:ba:ba:86:67:29:
4e:e3:2c:f3:77:84:00:3c:e3:33:f9:70:c4:32:da:5c:83:8d:
e5:95:64:83:4a:75:b5:a8:87:35:38:ff:1b:2a:65:0c:43:bc:
7d:38:2d:ba:ef:7e:ab:07:e7:12:6b:68:7e:25:34:51:43:4f:
a9:ef:12:40:32:23:54:d4:0b:0b:4d:80:93:9b:6b:3a:7d:12:
78:08:37:04:6d:cb:b3:17:70:f2:ae:be:9f:af:4b:7b:e2:2b:
be:23:9e:01:40:0e:ac:d2:1f:8f:55:af:af:2c:18:4c:ec:3c:
55:07:f6:24:17:dc:6b:f2:80:60:2d:0c:ea:2f:da:0f:9e:65:
ea:83:2c:d1:83:4d:59:79:47:29:cd:b9:3c:03:9f:40:f0:d5:
8d:97:ad:99:14:b1:8a:c2:14:75:0e:2e:b2:e5:92:00:3b:0a:
43:b9:f6:02
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtG+Gj3JpIS7XKS30xJvGSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjMxMDE5MDgwNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRlMDc0NGRkMmQ5ODAyMTZhNGI5NTkyMWQyZjY2YzRiNjFkYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSZbGsYlbeZbTr/9Z3lC0loLehm7
90SfOoiapAPsp3TffeGgMvJLSOj6WyQIDukcjdMtWoal0tadbvQ2ymZdegn3NCt0
628PTfFNrKHqajPKQ0VZsXbern1//YOdMmXQmN8nvovaMUw3X6ntDCf4R5/6v8f7
7botEZIUD6wrh7Sl+seF+ooinixzNVHcUg0Kr3jzBgRThyHdcffikRAcubkykTzb
DMeqzi5yu/tYYAXTcKwDPsA9KTtHyXedJ91sHTXEB3OPQC+8X0KrAQ2XcCDCRNbN
FGmaIXr7XxwBGwA2jWyzL7J/aCToxL8VgsqXwzay8FOLrYbjrYtzsFcYwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJbeB0TdLZgCFqS5WSHS9mxLYdrpMB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvbHQ0SFJOMHRtQUlXcExsWklkTDJiRXRoMnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAtNzM2YWI4MzQ5NGFj
LzEvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCmFmsMBgE
AgACMBIwEAMGACoJNcABAwYAKgk1wAIwDQYJKoZIhvcNAQELBQADggEBAKGu+aEF
s3Cj0L+xYXl74RqXoS9SLQBt9G1SZ8ccEr9uSUtQm1OkoNTstml7dvE83J6CA/tM
CWWeKwNIu6ZtgL6/wY56puiC/TzkSDIoIDlhQZotjOS6uoZnKU7jLPN3hAA84zP5
cMQy2lyDjeWVZINKdbWohzU4/xsqZQxDvH04LbrvfqsH5xJraH4lNFFDT6nvEkAy
I1TUCwtNgJObazp9EngINwRty7MXcPKuvp+vS3viK74jngFADqzSH49Vr68sGEzs
PFUH9iQX3GvygGAtDOov2g+eZeqDLNGDTVl5RynNuTwDn0Dw1Y2XrZkUsYrCFHUO
LrLlkgA7CkO59gI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:53 2024 by rpki-client on console-fra.rpki-client.org