Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJgYHBCZ13rESoK6kMiSz8IDPkg.roa
File: LJgYHBCZ13rESoK6kMiSz8IDPkg.roa (raw, json)
Hash identifier: V0489wzYvlLFJHmTDkprXBVuCr6YjMLgcXPVX6F1CY4=
Subject key identifier: 2C:98:18:1C:10:99:D7:7A:C4:4A:82:BA:90:C8:92:CF:C2:03:3E:48
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018697C2A15E1C2411A9D6A52A64A098CAA5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJgYHBCZ13rESoK6kMiSz8IDPkg.roa
Signing time: Tue 28 Feb 2023 11:22:40 +0000
ROA not before: Tue 28 Feb 2023 11:22:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199700
IP address blocks: 194.5.85.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:c2:a1:5e:1c:24:11:a9:d6:a5:2a:64:a0:98:ca:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 28 11:22:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c98181c1099d77ac44a82ba90c892cfc2033e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:22:33:55:f4:c8:64:19:1f:5b:9c:fc:db:
79:23:e3:aa:7e:10:6a:11:be:82:cb:e2:3e:88:e0:
41:b2:dd:af:5f:49:48:88:78:b2:58:a0:74:da:34:
a4:a6:ce:b9:95:3c:28:09:88:5a:f6:29:c5:25:ce:
82:96:7d:d5:5b:1a:f1:d0:df:29:a4:db:9f:e5:b0:
02:cd:2b:b6:30:d1:a7:56:ae:39:07:09:24:1d:70:
a5:bc:de:eb:d1:3f:08:cf:ea:d5:92:74:53:ff:83:
d5:a7:0e:34:b8:6f:b2:cb:4e:a5:1e:f0:2d:5b:13:
d9:64:b5:f6:82:28:dd:e8:5c:53:e6:ef:db:c0:17:
fd:74:4c:df:0c:1a:38:4b:19:8f:2f:0a:20:85:80:
f1:cc:e1:ca:84:09:cb:5d:43:08:d7:9f:8a:57:dc:
e0:25:1d:60:40:11:c1:20:08:a8:e0:9c:90:14:cc:
92:3c:32:9a:6a:1d:6a:c4:4c:de:b4:fd:94:a8:04:
69:8f:0b:00:69:c7:84:c0:80:9c:40:93:81:d0:2d:
e3:66:eb:24:dc:28:d1:c0:a4:7f:8f:f6:f0:31:8d:
67:26:9a:3c:d8:e5:9f:4c:54:06:e3:ab:82:3b:2b:
55:e1:70:92:12:14:56:3f:de:84:49:b6:cc:22:44:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:98:18:1C:10:99:D7:7A:C4:4A:82:BA:90:C8:92:CF:C2:03:3E:48
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJgYHBCZ13rESoK6kMiSz8IDPkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ab:8f:7d:48:6a:17:3c:65:ff:4d:6c:5c:80:2f:ad:50:bf:
f4:07:22:f0:bd:9e:46:22:7a:eb:d7:13:5b:6c:f8:6d:83:23:
0e:fc:40:74:48:ac:06:53:29:ef:5d:2d:b1:96:57:81:da:22:
a9:f3:1f:1a:51:fa:db:36:df:15:ce:2a:a5:de:ae:4f:10:e3:
fb:ee:3f:43:10:74:9a:32:73:f9:f1:84:e9:86:5f:00:0a:f3:
3d:c6:c4:7c:fa:1e:bd:c1:b7:1a:bd:a0:1a:ed:c0:13:3e:0f:
0c:15:b0:53:6f:0a:33:ca:64:5d:17:75:88:8d:46:d4:19:31:
9f:1b:91:ca:d5:02:53:32:4c:f5:49:cb:e3:ec:83:67:fb:ac:
28:e4:49:3f:7e:96:73:91:94:99:a6:e0:a2:00:d6:b2:a9:af:
fe:70:48:a6:2c:75:ff:a7:16:0b:96:31:ca:f5:c4:7b:0b:ff:
35:23:4d:e0:1c:1f:40:5d:37:62:3f:95:9e:8f:28:e0:f9:a6:
15:8c:12:12:2a:29:d5:91:e9:81:dc:1c:7a:14:4e:ca:60:68:
21:45:e7:35:47:c8:37:e5:6a:5a:4a:70:46:42:45:da:6e:ab:
ee:d7:c0:4e:a3:0d:41:25:df:9d:4a:75:a5:20:3e:69:fc:4c:
ea:ad:b6:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaXwqFeHCQRqdalKmSgmMqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI4MTEyMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzk4MTgxYzEwOTlkNzdhYzQ0YTgyYmE5MGM4OTJjZmMyMDMzZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrsiM1X0yGQZH1uc/Nt5I+OqfhBq
Eb6Cy+I+iOBBst2vX0lIiHiyWKB02jSkps65lTwoCYha9inFJc6Cln3VWxrx0N8p
pNuf5bACzSu2MNGnVq45BwkkHXClvN7r0T8Iz+rVknRT/4PVpw40uG+yy06lHvAt
WxPZZLX2gijd6FxT5u/bwBf9dEzfDBo4SxmPLwoghYDxzOHKhAnLXUMI15+KV9zg
JR1gQBHBIAio4JyQFMySPDKaah1qxEzetP2UqARpjwsAaceEwICcQJOB0C3jZusk
3CjRwKR/j/bwMY1nJpo82OWfTFQG46uCOytV4XCSEhRWP96ESbbMIkSUWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyYGBwQmdd6xEqCupDIks/CAz5IMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTEpnWUhCQ1oxM3JFU29LNmtNaVN6OElEUGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVVMA0G
CSqGSIb3DQEBCwUAA4IBAQAnq499SGoXPGX/TWxcgC+tUL/0ByLwvZ5GInrr1xNb
bPhtgyMO/EB0SKwGUynvXS2xlleB2iKp8x8aUfrbNt8Vziql3q5PEOP77j9DEHSa
MnP58YTphl8ACvM9xsR8+h69wbcavaAa7cATPg8MFbBTbwozymRdF3WIjUbUGTGf
G5HK1QJTMkz1Scvj7INn+6wo5Ek/fpZzkZSZpuCiANayqa/+cEimLHX/pxYLljHK
9cR7C/81I03gHB9AXTdiP5Wejyjg+aYVjBISKinVkemB3Bx6FE7KYGghRec1R8g3
5WpaSnBGQkXabqvu18BOow1BJd+dSnWlID5p/Ezqrbbo
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org