Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/lkiYgTwYdCTNTPw3jjwek0s2qQw.roa
File: lkiYgTwYdCTNTPw3jjwek0s2qQw.roa (raw, json)
Hash identifier: lkOD7B3Gut0bowm/BPDeqLXIk4QAhcEAYnRKV7R5kgk=
Subject key identifier: 96:48:98:81:3C:18:74:24:CD:4C:FC:37:8E:3C:1E:93:4B:36:A9:0C
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 019056303667FBD8477F9F7C3A419C782E2D
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/lkiYgTwYdCTNTPw3jjwek0s2qQw.roa
Signing time: Wed 26 Jun 2024 20:15:18 +0000
ROA not before: Wed 26 Jun 2024 20:15:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 146.19.50.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
185.253.3.0/24 maxlen: 24
194.26.218.0/24 maxlen: 24
213.134.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:56:30:36:67:fb:d8:47:7f:9f:7c:3a:41:9c:78:2e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Jun 26 20:15:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=964898813c187424cd4cfc378e3c1e934b36a90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ba:0a:41:f1:28:3d:f0:5c:78:ec:3f:c5:cc:
68:21:19:00:58:6e:04:03:97:3a:88:9c:f2:38:8c:
fa:99:5c:9b:ce:c6:f5:7c:b1:f2:b9:fe:d1:75:7a:
19:a6:ca:02:34:eb:ad:2b:3b:fd:4e:5c:f5:8d:cb:
89:2f:b9:5b:35:d4:1e:74:58:95:a6:e6:76:2a:13:
ae:b9:bc:f2:8e:1e:f9:9b:40:80:e1:9e:be:06:ef:
50:12:c4:59:f7:02:8d:4a:c7:a8:ce:0e:c1:9f:c1:
64:37:49:8d:fb:21:94:da:33:52:9c:34:c7:06:dc:
2a:06:88:6c:31:54:b0:33:64:da:02:c3:49:b3:75:
85:0f:a2:40:47:92:1d:63:b0:1d:2a:ba:91:f7:60:
04:67:47:23:a3:4b:76:00:2d:ef:9d:20:9d:86:64:
29:58:ff:39:17:ef:f7:25:c7:d1:3e:1b:e3:f1:17:
26:da:9c:a5:82:e8:83:a3:5f:9f:06:95:79:5b:b7:
71:db:06:d7:5c:3c:26:08:53:f9:9b:be:43:2a:d0:
14:af:02:a6:24:35:53:e7:75:0c:44:ba:f1:d3:69:
26:63:b1:f0:59:4f:12:ea:6a:6f:ba:d2:83:5b:87:
26:76:af:d9:c4:31:15:24:56:38:e6:78:cf:be:18:
1d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:48:98:81:3C:18:74:24:CD:4C:FC:37:8E:3C:1E:93:4B:36:A9:0C
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/lkiYgTwYdCTNTPw3jjwek0s2qQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
146.19.142.0/24
185.218.184.0/24
185.253.3.0/24
194.26.218.0/24
213.134.25.0/24
Signature Algorithm: sha256WithRSAEncryption
80:d2:78:da:bb:5a:e4:ce:56:e6:95:1d:d1:eb:82:49:9f:a2:
5c:fd:5f:96:65:89:10:d4:bd:4e:78:e0:07:4f:e4:2e:91:9e:
30:7b:ce:3d:2f:d6:74:6d:7c:9d:fb:cf:dd:e0:68:2d:92:9c:
dc:d0:5c:ee:7d:f7:89:90:24:17:ea:34:22:bc:6c:68:7c:53:
9f:86:60:3d:41:f8:aa:a4:ca:05:90:2e:36:b1:29:c9:6a:2c:
28:a0:95:df:a1:87:f3:fc:e8:ff:c2:6a:23:a7:54:6a:98:54:
6b:2d:6c:36:b0:ba:3f:03:5c:a3:b8:53:7f:44:ef:95:b0:59:
9e:d6:a5:42:fe:43:62:57:b7:6a:4d:cf:0a:e8:33:b5:d2:c0:
6c:c6:d7:2e:89:f1:4d:93:b7:84:ed:6c:df:95:58:c8:f4:51:
ff:83:5f:4d:f6:ab:c9:ef:ed:d9:f7:38:b5:0b:cb:93:e3:7f:
4a:b8:4d:8a:d5:80:6a:02:91:e4:f7:b6:9f:2f:46:ad:99:bb:
1d:6c:8c:87:16:b2:b6:d3:da:c1:a1:de:3a:58:bd:75:d1:9b:
e6:c3:b8:fc:36:f0:c1:78:09:63:ba:33:93:e9:cf:0a:e4:13:
e1:f1:6a:ad:04:d1:46:81:b7:6b:9e:c4:8f:c2:ed:2f:92:ec:
00:ae:5c:d2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBWMDZn+9hHf598OkGceC4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwNjI2MjAxNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ4OTg4MTNjMTg3NDI0Y2Q0Y2ZjMzc4ZTNjMWU5MzRiMzZhOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtboKQfEoPfBceOw/xcxoIRkAWG4E
A5c6iJzyOIz6mVybzsb1fLHyuf7RdXoZpsoCNOutKzv9Tlz1jcuJL7lbNdQedFiV
puZ2KhOuubzyjh75m0CA4Z6+Bu9QEsRZ9wKNSseozg7Bn8FkN0mN+yGU2jNSnDTH
BtwqBohsMVSwM2TaAsNJs3WFD6JAR5IdY7AdKrqR92AEZ0cjo0t2AC3vnSCdhmQp
WP85F+/3JcfRPhvj8Rcm2pylguiDo1+fBpV5W7dx2wbXXDwmCFP5m75DKtAUrwKm
JDVT53UMRLrx02kmY7HwWU8S6mpvutKDW4cmdq/ZxDEVJFY45njPvhgdZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJZImIE8GHQkzUz8N448HpNLNqkMMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvbGtpWWdUd1lkQ1ROVFB3M2pqd2VrMHMycVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAkhMyAwQA
khOOAwQAudq4AwQAuf0DAwQAwhraAwQA1YYZMA0GCSqGSIb3DQEBCwUAA4IBAQCA
0njau1rkzlbmlR3R64JJn6Jc/V+WZYkQ1L1OeOAHT+QukZ4we849L9Z0bXyd+8/d
4Ggtkpzc0FzuffeJkCQX6jQivGxofFOfhmA9QfiqpMoFkC42sSnJaiwooJXfoYfz
/Oj/wmojp1RqmFRrLWw2sLo/A1yjuFN/RO+VsFme1qVC/kNiV7dqTc8K6DO10sBs
xtcuifFNk7eE7WzflVjI9FH/g19N9qvJ7+3Z9zi1C8uT439KuE2K1YBqApHk97af
L0atmbsdbIyHFrK209rBod46WL110Zvmw7j8NvDBeAljujOT6c8K5BPh8WqtBNFG
gbdrnsSPwu0vkuwArlzS
-----END CERTIFICATE-----
Generated at Wed Sep 11 19:10:20 2024 by rpki-client on console-fra.rpki-client.org