Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/lynjyu1hLVh5idAigx5SqTzT1MY.roa
File: lynjyu1hLVh5idAigx5SqTzT1MY.roa (raw, json)
Hash identifier: li1O0Q0+0+yUxMIe2VmOp4EcPnobxom17vIpSpcfUWk=
Subject key identifier: 97:29:E3:CA:ED:61:2D:58:79:89:D0:22:83:1E:52:A9:3C:D3:D4:C6
Certificate issuer: /CN=699c581aff3d0a90178cfab565a388ccd9bc01ce
Certificate serial: 018571B0C54C1166C4040A8C4D72FD6DDAFB
Authority key identifier: 69:9C:58:1A:FF:3D:0A:90:17:8C:FA:B5:65:A3:88:CC:D9:BC:01:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/lynjyu1hLVh5idAigx5SqTzT1MY.roa
Signing time: Mon 02 Jan 2023 08:54:48 +0000
ROA not before: Mon 02 Jan 2023 08:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49206
IP address blocks: 185.41.48.0/24 maxlen: 24
185.41.51.0/24 maxlen: 24
185.41.50.0/24 maxlen: 24
185.41.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c5:4c:11:66:c4:04:0a:8c:4d:72:fd:6d:da:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699c581aff3d0a90178cfab565a388ccd9bc01ce
Validity
Not Before: Jan 2 08:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9729e3caed612d587989d022831e52a93cd3d4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:49:06:8b:42:b0:15:52:a1:a4:af:2f:1c:
a0:f6:bd:6f:3e:62:6d:55:af:e0:d9:22:b9:fb:ef:
91:f1:4b:4c:15:ba:55:e9:2b:f7:5d:6f:89:2c:03:
4a:1c:5e:a3:7f:b3:d6:12:75:c7:90:df:9a:59:e8:
f2:da:9f:23:a1:30:b6:37:f6:94:18:ee:2e:86:76:
32:89:f2:f9:3c:65:e6:19:f8:9d:12:e0:6c:a1:41:
25:bf:c2:22:23:cb:a8:75:09:8e:f6:45:2f:58:17:
7e:5b:68:bf:0c:3b:4e:14:66:44:37:59:1f:ac:ba:
0d:b6:e1:0f:ce:c8:f6:01:22:d9:0a:2d:d5:fb:fa:
77:04:a8:97:85:dd:0f:97:1d:04:bd:02:de:36:98:
9f:ce:51:7e:b5:3f:a0:ff:37:a0:0f:af:a3:83:b7:
8a:fa:d5:c3:65:0f:f4:25:50:15:db:e3:fb:21:29:
fb:ee:a0:69:e3:33:59:3b:f2:44:c2:b7:43:e7:e6:
b3:1f:d2:72:e4:a1:c0:07:8b:12:2c:ab:20:76:c7:
2b:a2:b1:a1:49:55:dc:55:64:22:b7:aa:74:46:81:
15:98:a8:6b:13:f0:3f:e9:1b:a3:36:79:85:d3:42:
40:12:ee:39:d7:35:b5:35:00:30:53:e9:b7:79:e7:
19:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:29:E3:CA:ED:61:2D:58:79:89:D0:22:83:1E:52:A9:3C:D3:D4:C6
X509v3 Authority Key Identifier:
keyid:69:9C:58:1A:FF:3D:0A:90:17:8C:FA:B5:65:A3:88:CC:D9:BC:01:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/lynjyu1hLVh5idAigx5SqTzT1MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:86:c7:7a:ab:24:51:30:da:a3:25:68:cf:fc:4e:d4:96:7c:
cd:67:cb:8c:96:ac:ed:0c:90:4f:6c:7d:fe:55:66:24:19:d1:
df:78:41:3d:32:2e:2a:8b:ca:fb:b3:98:59:be:a6:e4:a9:c7:
9f:0c:46:d4:4b:c6:de:28:bd:80:0c:d2:1a:11:f5:de:02:a0:
e3:b2:ac:1d:dc:ec:cb:17:ec:5a:8d:12:c9:d0:0b:74:03:35:
76:81:b6:8f:f0:b4:bd:f5:49:3a:3a:a9:65:d8:7b:11:c0:ab:
fe:f0:56:29:4a:3a:b3:b2:f2:a9:55:cd:35:db:1d:1f:16:85:
a9:20:e3:e6:c9:40:22:19:ca:2f:d4:a7:1f:01:6d:97:cb:39:
42:92:96:25:2f:10:9d:63:f9:c4:9f:d1:46:10:c2:04:36:43:
3a:e0:c9:b2:7b:35:c7:05:55:20:ee:f0:1a:ae:66:59:f4:ca:
96:81:0f:f3:6a:82:94:ef:2b:f1:8b:46:46:6c:f3:33:fb:ed:
7d:6c:7d:27:1d:89:7a:b1:2d:b1:04:86:27:38:9c:f8:ca:92:
5e:25:ab:1d:78:09:9c:17:ee:8b:aa:53:e3:70:5a:2a:1e:a7:
6e:a1:a9:94:9e:fd:f4:29:43:9f:7a:94:f4:67:6d:8d:5b:70:
ed:67:4e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsMVMEWbEBAqMTXL9bdr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OWM1ODFhZmYzZDBhOTAxNzhjZmFiNTY1YTM4OGNjZDli
YzAxY2UwHhcNMjMwMTAyMDg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI5ZTNjYWVkNjEyZDU4Nzk4OWQwMjI4MzFlNTJhOTNjZDNkNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv1JBotCsBVSoaSvLxyg9r1vPmJt
Va/g2SK5+++R8UtMFbpV6Sv3XW+JLANKHF6jf7PWEnXHkN+aWejy2p8joTC2N/aU
GO4uhnYyifL5PGXmGfidEuBsoUElv8IiI8uodQmO9kUvWBd+W2i/DDtOFGZEN1kf
rLoNtuEPzsj2ASLZCi3V+/p3BKiXhd0Plx0EvQLeNpifzlF+tT+g/zegD6+jg7eK
+tXDZQ/0JVAV2+P7ISn77qBp4zNZO/JEwrdD5+azH9Jy5KHAB4sSLKsgdscrorGh
SVXcVWQit6p0RoEVmKhrE/A/6RujNnmF00JAEu451zW1NQAwU+m3eecZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcp48rtYS1YeYnQIoMeUqk809TGMB8GA1UdIwQY
MBaAFGmcWBr/PQqQF4z6tWWjiMzZvAHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVp4WUd2ODlDcEFYalBxMVphT0l6Tm04QWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mYjlkNWUtYTYyOC00ZjIzLTg4YTUt
ZTVkZGQyYmI1MWM1LzEvbHluanl1MWhMVmg1aWRBaWd4NVNxVHpUMU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mYjlkNWUtYTYyOC00ZjIzLTg4YTUtZTVkZGQyYmI1MWM1
LzEvYVp4WUd2ODlDcEFYalBxMVphT0l6Tm04QWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSkwMA0G
CSqGSIb3DQEBCwUAA4IBAQCPhsd6qyRRMNqjJWjP/E7UlnzNZ8uMlqztDJBPbH3+
VWYkGdHfeEE9Mi4qi8r7s5hZvqbkqcefDEbUS8beKL2ADNIaEfXeAqDjsqwd3OzL
F+xajRLJ0At0AzV2gbaP8LS99Uk6Oqll2HsRwKv+8FYpSjqzsvKpVc012x0fFoWp
IOPmyUAiGcov1KcfAW2XyzlCkpYlLxCdY/nEn9FGEMIENkM64MmyezXHBVUg7vAa
rmZZ9MqWgQ/zaoKU7yvxi0ZGbPMz++19bH0nHYl6sS2xBIYnOJz4ypJeJasdeAmc
F+6LqlPjcFoqHqduoamUnv30KUOfepT0Z22NW3DtZ07s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:51 2024 by rpki-client on console-ams.rpki-client.org