Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/LMvwtljB7cWktgs0ijNrzz5MwIs.roa
File: LMvwtljB7cWktgs0ijNrzz5MwIs.roa (raw, json)
Hash identifier: +90WNsww+0xYICquLFpwlxgbTXDrMRt1c1BoAsU7ugk=
Subject key identifier: 2C:CB:F0:B6:58:C1:ED:C5:A4:B6:0B:34:8A:33:6B:CF:3E:4C:C0:8B
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 018B8049B46C5D5EDA776D1F1E129BB1A31C
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/LMvwtljB7cWktgs0ijNrzz5MwIs.roa
Signing time: Mon 30 Oct 2023 11:13:15 +0000
ROA not before: Mon 30 Oct 2023 11:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12400
IP address blocks: 195.225.46.0/24 maxlen: 24
195.225.47.0/24 maxlen: 24
195.189.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:49:b4:6c:5d:5e:da:77:6d:1f:1e:12:9b:b1:a3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Oct 30 11:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ccbf0b658c1edc5a4b60b348a336bcf3e4cc08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:0c:c3:f4:9a:32:c0:29:06:fe:ed:54:e4:
59:af:a0:4f:55:00:39:56:85:8c:ef:fc:50:4e:62:
45:01:f8:c7:21:eb:f8:79:59:90:d4:46:17:ef:4b:
e6:2a:d9:a8:e4:08:a1:f3:f8:b1:3a:8b:80:d7:7a:
16:c8:98:6d:72:19:1d:b7:f0:ef:b9:05:b5:e0:94:
ca:df:6d:76:9e:29:e6:05:82:24:8f:f2:fa:1e:88:
4c:01:4f:75:6a:5f:90:d9:fa:a7:73:23:c1:59:fa:
99:86:0b:d2:62:30:7c:e4:a5:cb:ad:bf:6c:5e:dd:
04:2c:a2:7f:8c:bf:aa:12:ab:d5:e7:ed:d2:ea:ff:
85:33:bc:80:8a:13:8d:2d:06:b0:9e:5e:93:80:81:
68:b0:44:25:15:34:9d:3d:30:d9:ae:2f:d3:41:81:
59:9f:5d:05:c8:74:db:fd:9e:69:fa:c2:40:e9:b2:
8e:8a:d6:f7:1e:c2:45:00:04:be:f4:51:93:91:17:
6a:0b:55:37:3f:e3:7b:24:8e:76:df:bd:74:d1:e8:
10:64:92:b6:83:77:e4:63:78:ac:a2:5c:f3:a0:09:
97:32:21:66:db:41:18:62:67:e9:46:72:43:5d:2f:
43:99:42:51:bf:b4:c0:36:33:3e:66:a9:5d:3d:30:
92:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CB:F0:B6:58:C1:ED:C5:A4:B6:0B:34:8A:33:6B:CF:3E:4C:C0:8B
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/LMvwtljB7cWktgs0ijNrzz5MwIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.140.0/24
195.225.46.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:0a:73:12:b0:4f:11:11:ed:6e:0b:23:e0:69:96:39:c4:9f:
4a:6e:8d:9c:ec:13:a2:57:96:61:1b:b3:46:5c:05:63:b9:d8:
e2:b9:7d:69:fd:69:63:17:61:84:fa:8b:ec:50:42:f1:d5:94:
f3:27:e6:f5:58:a4:70:2d:72:16:29:72:60:c9:03:7b:ea:cc:
6d:17:b6:6a:38:e2:19:3a:b0:a4:ab:59:43:4a:42:9c:66:57:
c9:5f:a7:bf:6e:6f:ff:d2:6f:a4:b7:99:49:3c:86:c7:54:67:
d4:0b:f0:86:f0:05:2d:ae:e3:96:54:73:94:ce:9f:eb:83:2c:
13:4e:0d:9b:31:92:f8:a9:d5:de:58:92:6f:bb:30:a0:44:5a:
b8:5b:8e:6c:b6:89:d3:63:0c:fa:d3:c7:be:b1:44:7c:96:48:
a5:b3:07:8c:af:c5:b4:3a:52:8d:d8:69:40:37:5b:3b:90:50:
be:d3:9a:6f:03:c0:1e:35:77:39:02:1e:cf:b8:3d:3d:c9:d9:
1a:3a:a8:5b:1a:5e:50:ae:3c:07:20:8f:36:b2:e2:63:9f:fa:
3e:7c:2d:ad:ae:c2:69:77:0c:4b:d4:22:fa:59:a7:b3:bf:75:
86:fc:0f:29:35:0f:c3:86:05:de:24:bf:95:a1:0c:88:16:14:
23:96:eb:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuASbRsXV7ad20fHhKbsaMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjMxMDMwMTExMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NiZjBiNjU4YzFlZGM1YTRiNjBiMzQ4YTMzNmJjZjNlNGNjMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGYMw/SaMsApBv7tVORZr6BPVQA5
VoWM7/xQTmJFAfjHIev4eVmQ1EYX70vmKtmo5Aih8/ixOouA13oWyJhtchkdt/Dv
uQW14JTK3212ninmBYIkj/L6HohMAU91al+Q2fqncyPBWfqZhgvSYjB85KXLrb9s
Xt0ELKJ/jL+qEqvV5+3S6v+FM7yAihONLQawnl6TgIFosEQlFTSdPTDZri/TQYFZ
n10FyHTb/Z5p+sJA6bKOitb3HsJFAAS+9FGTkRdqC1U3P+N7JI5237100egQZJK2
g3fkY3isolzzoAmXMiFm20EYYmfpRnJDXS9DmUJRv7TANjM+ZqldPTCSNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCzL8LZYwe3FpLYLNIoza88+TMCLMB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvTE12d3RsakI3Y1drdGdzMGlqTnJ6ejVNd0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw72MAwQB
w+EuMA0GCSqGSIb3DQEBCwUAA4IBAQAvCnMSsE8REe1uCyPgaZY5xJ9Kbo2c7BOi
V5ZhG7NGXAVjudjiuX1p/WljF2GE+ovsUELx1ZTzJ+b1WKRwLXIWKXJgyQN76sxt
F7ZqOOIZOrCkq1lDSkKcZlfJX6e/bm//0m+kt5lJPIbHVGfUC/CG8AUtruOWVHOU
zp/rgywTTg2bMZL4qdXeWJJvuzCgRFq4W45stonTYwz608e+sUR8lkilsweMr8W0
OlKN2GlAN1s7kFC+05pvA8AeNXc5Ah7PuD09ydkaOqhbGl5QrjwHII82suJjn/o+
fC2trsJpdwxL1CL6Waezv3WG/A8pNQ/DhgXeJL+VoQyIFhQjlutV
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:59 2024 by rpki-client on console-fra.rpki-client.org