Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lrm3BsJCOkoCaOqofj_gQPBD_vk.roa
File: lrm3BsJCOkoCaOqofj_gQPBD_vk.roa (raw, json)
Hash identifier: 3RX+N96V7qPuvNtzw4XyEhM2uwkVvRagSo4I0hNOQDM=
Subject key identifier: 96:B9:B7:06:C2:42:3A:4A:02:68:EA:A8:7E:3F:E0:40:F0:43:FE:F9
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018CB0D24236D53EBA7271F7EB5FEFC171CD
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lrm3BsJCOkoCaOqofj_gQPBD_vk.roa
Signing time: Thu 28 Dec 2023 14:26:58 +0000
ROA not before: Thu 28 Dec 2023 14:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12443
IP address blocks: 213.175.124.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d2:42:36:d5:3e:ba:72:71:f7:eb:5f:ef:c1:71:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Dec 28 14:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96b9b706c2423a4a0268eaa87e3fe040f043fef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3f:52:4f:48:67:69:77:2f:fd:2e:b1:b3:a6:
53:5e:31:bd:84:d5:22:7d:76:6c:1f:a0:1f:fb:30:
1e:11:6f:90:54:21:56:18:ff:ed:f5:28:b8:30:3c:
0b:df:f9:fa:1d:c0:ce:e4:19:1e:93:6a:28:16:56:
d9:69:1e:eb:75:19:9f:b8:96:66:13:47:da:c5:c6:
f3:48:ec:96:be:e3:bd:8d:66:39:ad:c9:9b:67:40:
d5:d8:fa:f0:da:b2:d2:78:e5:01:09:59:d8:dd:4f:
88:c1:4b:9f:2a:f9:4e:3b:20:cd:b1:21:72:d6:e5:
f1:8a:24:56:a8:5c:a7:70:48:7a:63:32:3d:8e:04:
28:0d:7a:b9:fa:01:2e:65:b6:46:56:4e:a1:30:92:
cf:de:c6:68:a3:ee:fd:3f:66:fc:9f:bf:5e:08:06:
58:1f:d1:2f:46:72:a9:52:ba:34:a8:e3:83:91:f6:
ec:00:ed:8b:55:04:83:5e:c3:ae:56:0d:2c:39:d1:
2a:8a:f1:fb:54:a6:10:97:c2:2c:77:09:a2:42:5d:
28:80:94:87:cc:c0:a7:f9:30:0d:ea:30:8a:fc:7d:
df:f4:6f:3f:6c:45:5c:7e:bc:8a:55:b8:89:98:3c:
a1:02:5f:e3:f7:0e:f1:45:6a:2e:ba:35:1b:f8:50:
dc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B9:B7:06:C2:42:3A:4A:02:68:EA:A8:7E:3F:E0:40:F0:43:FE:F9
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lrm3BsJCOkoCaOqofj_gQPBD_vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.175.124.0/22
Signature Algorithm: sha256WithRSAEncryption
56:ab:a9:88:84:a9:06:a7:12:e8:5e:33:50:f6:b0:70:ca:f4:
23:5e:a2:6a:54:8e:a8:f9:98:2b:0b:eb:02:d4:72:80:a0:c4:
20:4b:9d:a5:c4:28:8c:ac:00:b3:0e:66:92:f1:d1:39:d4:eb:
f7:88:a0:d0:ce:77:29:e5:e1:a6:45:5a:7f:a8:70:e0:20:7b:
5e:b5:64:47:11:2c:f6:a2:ac:68:fd:13:8a:f7:2e:14:2c:19:
31:47:ad:e6:99:bc:4a:52:fb:06:6d:b8:2c:4d:c4:ac:79:4f:
90:e4:27:67:08:d3:b2:cc:a2:5b:52:58:cf:97:ac:92:46:99:
3f:00:b1:34:c9:b3:f4:b2:65:5d:bf:7c:5e:d8:90:53:00:7f:
2e:e8:39:df:7c:8f:c4:69:a6:13:87:97:35:89:93:5f:56:08:
f6:a7:45:47:1d:03:62:5f:4f:8b:a3:5e:6c:70:a0:53:0f:98:
03:c9:8c:54:33:5c:76:18:fc:f7:c0:8c:f5:e9:d8:7b:a7:96:
e3:ed:f4:19:24:91:57:d3:a2:4f:8f:a1:14:00:17:07:34:c2:
98:a3:f0:91:51:5a:4a:38:0a:bf:3c:73:9d:96:8a:59:58:03:
09:43:ca:28:4a:e3:99:cf:84:8b:7c:24:39:39:e0:00:8f:9b:
be:a7:43:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyw0kI21T66cnH361/vwXHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMjI4MTQyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI5YjcwNmMyNDIzYTRhMDI2OGVhYTg3ZTNmZTA0MGYwNDNmZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z9ST0hnaXcv/S6xs6ZTXjG9hNUi
fXZsH6Af+zAeEW+QVCFWGP/t9Si4MDwL3/n6HcDO5Bkek2ooFlbZaR7rdRmfuJZm
E0faxcbzSOyWvuO9jWY5rcmbZ0DV2Prw2rLSeOUBCVnY3U+IwUufKvlOOyDNsSFy
1uXxiiRWqFyncEh6YzI9jgQoDXq5+gEuZbZGVk6hMJLP3sZoo+79P2b8n79eCAZY
H9EvRnKpUro0qOODkfbsAO2LVQSDXsOuVg0sOdEqivH7VKYQl8IsdwmiQl0ogJSH
zMCn+TAN6jCK/H3f9G8/bEVcfryKVbiJmDyhAl/j9w7xRWouujUb+FDcQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJa5twbCQjpKAmjqqH4/4EDwQ/75MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvbHJtM0JzSkNPa29DYU9xb2ZqX2dRUEJEX3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1a98MA0G
CSqGSIb3DQEBCwUAA4IBAQBWq6mIhKkGpxLoXjNQ9rBwyvQjXqJqVI6o+ZgrC+sC
1HKAoMQgS52lxCiMrACzDmaS8dE51Ov3iKDQzncp5eGmRVp/qHDgIHtetWRHESz2
oqxo/ROK9y4ULBkxR63mmbxKUvsGbbgsTcSseU+Q5CdnCNOyzKJbUljPl6ySRpk/
ALE0ybP0smVdv3xe2JBTAH8u6DnffI/EaaYTh5c1iZNfVgj2p0VHHQNiX0+Lo15s
cKBTD5gDyYxUM1x2GPz3wIz16dh7p5bj7fQZJJFX06JPj6EUABcHNMKYo/CRUVpK
OAq/PHOdlopZWAMJQ8ooSuOZz4SLfCQ5OeAAj5u+p0OY
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:12 2024 by rpki-client on console-ams.rpki-client.org