Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/LF8YWiiXK97h4UczSPsR2tRnoJo.roa
File: LF8YWiiXK97h4UczSPsR2tRnoJo.roa (raw, json)
Hash identifier: rAP7NQEXcw5KCLqLrhppn2yVD05mEbXAq//cLIjdCmE=
Subject key identifier: 2C:5F:18:5A:28:97:2B:DE:E1:E1:47:33:48:FB:11:DA:D4:67:A0:9A
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 01874C96A845E8CD303A1AA148981EBF5462
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/LF8YWiiXK97h4UczSPsR2tRnoJo.roa
Signing time: Tue 04 Apr 2023 14:05:54 +0000
ROA not before: Tue 04 Apr 2023 14:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 193.92.8.0/22 maxlen: 24
213.16.192.0/20 maxlen: 24
194.219.218.0/23 maxlen: 24
185.4.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:96:a8:45:e8:cd:30:3a:1a:a1:48:98:1e:bf:54:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Apr 4 14:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5f185a28972bdee1e1473348fb11dad467a09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:42:28:11:a2:e0:cd:87:1c:a6:33:f0:65:0b:
cf:a7:b4:ce:e7:46:f3:95:81:aa:e1:c5:9c:36:08:
17:df:cc:c8:0c:ad:f7:98:6c:f6:2f:b4:05:21:06:
b4:f0:80:f2:62:fc:43:70:7d:86:67:60:7a:7f:8a:
e3:27:8c:c3:3a:f8:4c:bb:10:b5:ec:87:1e:5f:ff:
3e:3b:91:c7:87:b8:88:9b:92:b1:5d:47:f7:da:62:
9b:2f:82:db:ad:49:68:6b:12:c1:21:aa:f6:bb:7b:
0e:de:32:31:f5:f5:3c:43:8c:20:b9:ad:86:e5:c9:
4f:d5:b7:1c:35:11:cd:c5:9e:97:b7:f4:18:d1:61:
2c:27:09:f8:4d:6b:81:95:ae:7e:52:92:44:88:ad:
51:87:37:3a:26:1e:91:31:a4:6f:f3:63:b5:85:91:
3e:be:cf:e8:93:7d:74:cb:fa:39:86:e5:12:72:cd:
4b:12:20:52:01:04:31:83:a5:9a:18:54:e2:f1:50:
a1:d5:7e:87:f5:fc:a6:7e:5d:55:46:89:f2:89:a8:
75:92:91:ac:92:ec:f1:4a:63:c8:cd:72:85:01:22:
a7:67:ea:91:8c:83:a1:ec:bd:82:9a:84:ae:51:31:
df:92:23:6d:c4:97:14:dd:8d:85:52:94:db:c3:79:
f8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5F:18:5A:28:97:2B:DE:E1:E1:47:33:48:FB:11:DA:D4:67:A0:9A
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/LF8YWiiXK97h4UczSPsR2tRnoJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.88.0/22
193.92.8.0/22
194.219.218.0/23
213.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:a9:36:42:11:77:ea:e3:d5:2a:38:5f:fa:34:0c:32:59:7d:
b6:d7:5f:24:4f:10:91:fb:1e:0b:e2:db:f4:96:0a:55:8b:5d:
b7:5c:1f:40:8a:b7:a8:53:cd:5b:70:f5:0f:d7:a5:65:0f:1c:
64:fb:a4:e4:c0:ec:18:b0:49:5e:12:4b:60:3f:c8:a1:b8:3a:
c3:bd:ce:e0:6f:9f:77:d1:c9:38:68:b7:93:38:65:92:c9:12:
0e:c7:7e:1e:64:47:0f:d6:e5:41:fe:c1:f8:df:bd:f8:bb:2e:
f0:75:bb:b9:18:63:4f:2c:67:90:86:e6:73:51:26:d7:20:58:
0d:9a:4a:2f:4b:bf:e7:db:63:a2:db:27:b1:b0:97:a3:ef:0a:
14:0a:d8:15:d8:3a:9c:76:c5:07:ae:59:ac:11:e2:3c:dc:bd:
90:db:7a:29:75:94:a7:95:79:74:e3:62:00:85:49:0a:6c:56:
25:77:87:bd:5c:23:12:13:f2:5c:e5:14:e1:1d:d2:78:4c:33:
7a:bc:ce:43:a6:69:6d:31:fd:33:62:a2:38:da:4e:54:5b:5f:
3d:c4:9e:0b:33:e9:d5:11:c0:d1:6e:d6:fd:b0:21:8a:ef:1f:
72:7d:c2:10:13:d1:90:4f:dc:1f:56:c5:50:46:63:8a:e9:7a:
f5:4d:28:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdMlqhF6M0wOhqhSJgev1RiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjMwNDA0MTQwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVmMTg1YTI4OTcyYmRlZTFlMTQ3MzM0OGZiMTFkYWQ0NjdhMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEIoEaLgzYccpjPwZQvPp7TO50bz
lYGq4cWcNggX38zIDK33mGz2L7QFIQa08IDyYvxDcH2GZ2B6f4rjJ4zDOvhMuxC1
7IceX/8+O5HHh7iIm5KxXUf32mKbL4LbrUloaxLBIar2u3sO3jIx9fU8Q4wgua2G
5clP1bccNRHNxZ6Xt/QY0WEsJwn4TWuBla5+UpJEiK1Rhzc6Jh6RMaRv82O1hZE+
vs/ok310y/o5huUScs1LEiBSAQQxg6WaGFTi8VCh1X6H9fymfl1VRonyiah1kpGs
kuzxSmPIzXKFASKnZ+qRjIOh7L2CmoSuUTHfkiNtxJcU3Y2FUpTbw3n4jQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCxfGFoolyve4eFHM0j7EdrUZ6CaMB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvTEY4WVdpaVhLOTdoNFVjelNQc1IydFJub0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuQRYAwQC
wVwIAwQBwtvaAwQE1RDAMA0GCSqGSIb3DQEBCwUAA4IBAQBPqTZCEXfq49UqOF/6
NAwyWX22118kTxCR+x4L4tv0lgpVi123XB9AireoU81bcPUP16VlDxxk+6TkwOwY
sEleEktgP8ihuDrDvc7gb5930ck4aLeTOGWSyRIOx34eZEcP1uVB/sH43734uy7w
dbu5GGNPLGeQhuZzUSbXIFgNmkovS7/n22Oi2yexsJej7woUCtgV2DqcdsUHrlms
EeI83L2Q23opdZSnlXl042IAhUkKbFYld4e9XCMSE/Jc5RThHdJ4TDN6vM5Dpmlt
Mf0zYqI42k5UW189xJ4LM+nVEcDRbtb9sCGK7x9yfcIQE9GQT9wfVsVQRmOK6Xr1
TSi2
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:52 2024 by rpki-client on console-ams.rpki-client.org