Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/LnQTC9gNUNA2dwsX_IY2WzI_ORY.roa
File: LnQTC9gNUNA2dwsX_IY2WzI_ORY.roa (raw, json)
Hash identifier: BeGAr1KOeO3X22DSkd9E8rXrwkOwpRGE1C+hD4ns/KA=
Subject key identifier: 2E:74:13:0B:D8:0D:50:D0:36:77:0B:17:FC:86:36:5B:32:3F:39:16
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 01856FA6E913459E4D129AA15E0C39BE0C59
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/LnQTC9gNUNA2dwsX_IY2WzI_ORY.roa
Signing time: Sun 01 Jan 2023 23:24:47 +0000
ROA not before: Sun 01 Jan 2023 23:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19607
IP address blocks: 91.108.160.0/21 maxlen: 21
185.31.152.0/22 maxlen: 22
159.253.160.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e9:13:45:9e:4d:12:9a:a1:5e:0c:39:be:0c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 1 23:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e74130bd80d50d036770b17fc86365b323f3916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e1:22:ac:6a:0b:01:be:0e:76:e8:b6:0d:79:
22:11:57:21:dd:fa:08:f0:af:b5:74:95:ea:d5:a8:
0e:e1:15:22:5c:d6:f9:51:70:59:11:aa:5b:94:50:
63:02:db:29:00:4d:2f:14:8f:93:39:60:5e:bd:45:
35:5e:95:d2:2e:7b:82:94:19:69:d6:e9:5a:ba:70:
19:5d:8f:53:d6:bf:40:b8:c6:d3:57:35:77:42:1f:
9e:c1:1c:8a:c7:80:ca:54:63:e1:d5:85:19:83:82:
fe:fc:30:66:72:bb:29:b5:4a:1d:e4:00:35:41:27:
c4:b6:0b:c5:0d:a5:10:c3:26:13:be:2e:ce:b8:d0:
67:b1:83:28:fc:b4:33:46:94:81:57:d6:25:35:c2:
5d:08:09:ea:89:ac:76:ac:20:e7:c3:1f:1e:b9:4b:
bd:87:ea:ac:d2:90:aa:ce:c2:91:93:62:15:d0:65:
2b:11:4f:90:ef:f9:26:d1:0c:24:8f:c4:3a:03:61:
f5:a2:55:f0:7d:c3:8f:02:4c:62:5f:a4:0d:1b:8b:
7b:fd:d4:b9:41:8c:fb:ea:d2:fb:35:18:9b:7b:c4:
64:a5:13:c1:39:d9:3b:57:37:00:f8:41:5d:e6:a5:
72:b2:a8:b7:88:0d:bc:a9:0d:80:80:42:21:22:fb:
97:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:74:13:0B:D8:0D:50:D0:36:77:0B:17:FC:86:36:5B:32:3F:39:16
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/LnQTC9gNUNA2dwsX_IY2WzI_ORY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:df:61:c1:bb:df:64:68:d9:bb:b8:27:cd:d2:e1:e8:69:3f:
0c:65:3a:85:93:aa:6f:91:f1:af:08:2b:f9:32:03:a8:d0:df:
64:78:5f:04:3d:e5:bb:f7:76:1d:62:36:c7:a2:c2:61:9e:5b:
5b:0b:d6:3c:25:b0:34:83:b6:4e:ab:c6:d4:42:03:1e:c2:19:
ea:d0:5a:c6:8c:b2:c8:06:19:ca:fc:ec:bf:26:12:d3:c3:67:
11:d9:ee:9b:f6:4e:db:cf:a4:94:1c:dd:59:e9:98:1c:9b:b5:
03:8d:e4:ca:51:45:de:c2:75:ec:fb:6e:07:c4:0e:48:68:d4:
1d:e6:70:c4:44:f1:9d:b2:a7:2f:0f:9b:b6:6f:16:ce:d8:6a:
9c:4c:d8:53:3f:c7:a5:27:e6:43:bc:fb:17:31:9f:3e:68:9a:
1c:d6:6f:34:30:4e:63:7d:af:98:8d:ec:9a:90:6b:95:01:59:
ce:1b:7d:27:6b:a9:50:cb:6e:17:2a:d7:b0:1c:b2:4f:37:b7:
3e:1c:22:03:13:ab:5f:bb:24:dd:d8:0a:cf:b6:74:30:4d:cb:
dd:e1:9f:55:43:f0:d2:4a:7e:e3:ed:a8:ad:24:e2:92:30:09:
e5:95:26:9e:5a:62:36:ff:1e:1f:55:76:b1:b9:82:f4:ff:4b:
41:5b:d1:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvpukTRZ5NEpqhXgw5vgxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTQzNjViMjhhMDgyODM0YTc1MWE5Nzc3MWI3OTExMjQ1
MjRkZWMwHhcNMjMwMTAxMjMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc0MTMwYmQ4MGQ1MGQwMzY3NzBiMTdmYzg2MzY1YjMyM2YzOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOEirGoLAb4Odui2DXkiEVch3foI
8K+1dJXq1agO4RUiXNb5UXBZEapblFBjAtspAE0vFI+TOWBevUU1XpXSLnuClBlp
1ulaunAZXY9T1r9AuMbTVzV3Qh+ewRyKx4DKVGPh1YUZg4L+/DBmcrsptUod5AA1
QSfEtgvFDaUQwyYTvi7OuNBnsYMo/LQzRpSBV9YlNcJdCAnqiax2rCDnwx8euUu9
h+qs0pCqzsKRk2IV0GUrEU+Q7/km0Qwkj8Q6A2H1olXwfcOPAkxiX6QNG4t7/dS5
QYz76tL7NRibe8RkpRPBOdk7VzcA+EFd5qVysqi3iA28qQ2AgEIhIvuXgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC50EwvYDVDQNncLF/yGNlsyPzkWMB8GA1UdIwQY
MBaAFNiUNlsooIKDSnUal3cbeREkUk3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEt
MjE0NjE3OWQ4ZTJiLzEvTG5RVEM5Z05VTkEyZHdzWF9JWTJXeklfT1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEtMjE0NjE3OWQ4ZTJi
LzEvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2ygAwQD
n/2gAwQCuR+YMA0GCSqGSIb3DQEBCwUAA4IBAQC732HBu99kaNm7uCfN0uHoaT8M
ZTqFk6pvkfGvCCv5MgOo0N9keF8EPeW793YdYjbHosJhnltbC9Y8JbA0g7ZOq8bU
QgMewhnq0FrGjLLIBhnK/Oy/JhLTw2cR2e6b9k7bz6SUHN1Z6Zgcm7UDjeTKUUXe
wnXs+24HxA5IaNQd5nDERPGdsqcvD5u2bxbO2GqcTNhTP8elJ+ZDvPsXMZ8+aJoc
1m80ME5jfa+YjeyakGuVAVnOG30na6lQy24XKtewHLJPN7c+HCIDE6tfuyTd2ArP
tnQwTcvd4Z9VQ/DSSn7j7aitJOKSMAnllSaeWmI2/x4fVXaxuYL0/0tBW9Gj
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:36 2024 by rpki-client on console-fra.rpki-client.org