Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrOBNHA4IqS_WQz1AI_IBizcZv8.roa
File: lrOBNHA4IqS_WQz1AI_IBizcZv8.roa (raw, json)
Hash identifier: Hevsq6qAvZ7KMLB1eUifpot+JE8GgkIGCG1gSU715dM=
Subject key identifier: 96:B3:81:34:70:38:22:A4:BF:59:0C:F5:00:8F:C8:06:2C:DC:66:FF
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018C6EF087AF143957F03E6E0825571D02D3
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrOBNHA4IqS_WQz1AI_IBizcZv8.roa
Signing time: Fri 15 Dec 2023 19:25:06 +0000
ROA not before: Fri 15 Dec 2023 19:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207429
IP address blocks: 213.142.135.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
80.253.245.0/24 maxlen: 24
80.253.244.0/24 maxlen: 24
80.253.247.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6e:f0:87:af:14:39:57:f0:3e:6e:08:25:57:1d:02:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 15 19:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96b38134703822a4bf590cf5008fc8062cdc66ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:2a:26:a7:ec:05:a0:70:75:c8:b3:2d:c0:
a4:5c:4a:4f:26:4a:21:7c:c1:92:87:93:46:68:33:
85:29:4b:08:ee:fc:36:5d:18:c6:26:d7:6e:ce:61:
8a:fe:6b:ad:17:49:0f:40:f9:12:5c:e1:b7:63:cd:
ac:c6:af:e9:a3:04:d6:78:eb:16:ae:0a:8d:65:e7:
50:51:ed:bf:a1:da:22:3e:f0:1e:dc:24:41:f2:d7:
ed:68:25:f4:ce:a5:7a:17:c9:00:10:b0:da:b1:2a:
94:21:e2:c2:51:06:49:6f:95:21:e6:23:86:54:df:
67:53:c5:e0:6d:42:76:76:4a:bd:5f:92:31:e2:b4:
df:4e:ad:29:b5:21:94:32:3b:b5:22:52:3e:c1:52:
ad:4b:47:8b:53:0c:ba:17:61:f6:2b:0e:78:95:06:
04:03:e6:3c:4f:32:08:3c:f0:d0:8d:ff:2d:1e:70:
6a:c1:83:a0:b2:66:2b:31:86:9a:51:0a:c8:02:91:
6a:ef:a9:1f:f0:91:b6:fd:71:d5:01:dc:95:6f:d6:
8e:1a:f7:dc:88:ec:99:06:a9:8e:8c:7c:7a:f0:2b:
6d:40:b8:f0:ce:0c:ce:9d:37:0a:72:1a:06:03:eb:
2c:33:25:3d:71:9d:1b:24:cd:0c:5e:f4:de:2f:f9:
43:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B3:81:34:70:38:22:A4:BF:59:0C:F5:00:8F:C8:06:2C:DC:66:FF
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/lrOBNHA4IqS_WQz1AI_IBizcZv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.244.0/23
80.253.247.0/24
91.151.81.0/24
213.142.135.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ec:fd:49:93:66:ff:e4:50:4d:06:21:02:27:da:f1:40:03:
43:20:77:8a:cb:45:0d:be:74:93:40:e1:53:2b:20:98:d3:06:
ab:14:d2:0f:46:46:19:9d:3d:d1:bf:28:73:68:0c:f6:dd:e5:
98:d9:08:18:93:e7:32:07:c2:a3:5a:fc:0f:39:d6:0e:99:53:
2d:cc:a8:14:dc:55:20:69:e4:83:22:1e:30:0a:41:32:f4:08:
81:66:5c:22:fd:af:4a:cf:85:ff:c5:4a:bc:ff:38:da:aa:fd:
5c:a1:88:23:2c:c3:be:f2:38:a8:41:64:1b:e8:03:b9:bf:08:
2d:e5:da:9a:bc:01:2a:2d:dd:96:72:51:30:54:c9:ea:48:ef:
e4:95:78:eb:9f:fc:2d:5f:7c:de:c2:ba:80:b1:88:ca:8e:6a:
a1:97:5b:af:2a:3f:29:38:45:e8:b4:19:c4:77:b7:ae:56:38:
9c:c1:6c:94:90:3e:a5:93:76:3d:29:02:06:d8:52:fc:d0:12:
1f:91:be:13:57:9b:ff:9d:c7:57:2e:90:a6:de:7c:39:12:8f:
20:d8:ec:85:b8:25:95:b9:c6:58:ac:63:77:15:21:b9:5e:88:
55:5a:2f:0e:fc:ac:47:c9:93:d4:67:4b:7e:2c:62:ae:39:ca:
60:56:bf:e1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxu8IevFDlX8D5uCCVXHQLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjE1MTkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmIzODEzNDcwMzgyMmE0YmY1OTBjZjUwMDhmYzgwNjJjZGM2NmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU0qJqfsBaBwdcizLcCkXEpPJkoh
fMGSh5NGaDOFKUsI7vw2XRjGJtduzmGK/mutF0kPQPkSXOG3Y82sxq/powTWeOsW
rgqNZedQUe2/odoiPvAe3CRB8tftaCX0zqV6F8kAELDasSqUIeLCUQZJb5Uh5iOG
VN9nU8XgbUJ2dkq9X5Ix4rTfTq0ptSGUMju1IlI+wVKtS0eLUwy6F2H2Kw54lQYE
A+Y8TzIIPPDQjf8tHnBqwYOgsmYrMYaaUQrIApFq76kf8JG2/XHVAdyVb9aOGvfc
iOyZBqmOjHx68CttQLjwzgzOnTcKchoGA+ssMyU9cZ0bJM0MXvTeL/lD1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJazgTRwOCKkv1kM9QCPyAYs3Gb/MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvbHJPQk5IQTRJcVNfV1F6MUFJX0lCaXpjWnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUP30AwQA
UP33AwQAW5dRAwQA1Y6HAwQA1Y6PMA0GCSqGSIb3DQEBCwUAA4IBAQAx7P1Jk2b/
5FBNBiECJ9rxQANDIHeKy0UNvnSTQOFTKyCY0warFNIPRkYZnT3RvyhzaAz23eWY
2QgYk+cyB8KjWvwPOdYOmVMtzKgU3FUgaeSDIh4wCkEy9AiBZlwi/a9Kz4X/xUq8
/zjaqv1coYgjLMO+8jioQWQb6AO5vwgt5dqavAEqLd2WclEwVMnqSO/klXjrn/wt
X3zewrqAsYjKjmqhl1uvKj8pOEXotBnEd7euVjicwWyUkD6lk3Y9KQIG2FL80BIf
kb4TV5v/ncdXLpCm3nw5Eo8g2OyFuCWVucZYrGN3FSG5XohVWi8O/KxHyZPUZ0t+
LGKuOcpgVr/h
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:35 2024 by rpki-client on console-ams.rpki-client.org