Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/LflE2rQFhsUucbuS36PUHtYNBrs.roa
File: LflE2rQFhsUucbuS36PUHtYNBrs.roa (raw, json)
Hash identifier: svuE9tAWios4nCdha3ov0tptNsB+OawSyoikZWvC9+U=
Subject key identifier: 2D:F9:44:DA:B4:05:86:C5:2E:71:BB:92:DF:A3:D4:1E:D6:0D:06:BB
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 0186E0352F7F1629A5F9E389601BCE9A4FA9
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/LflE2rQFhsUucbuS36PUHtYNBrs.roa
Signing time: Tue 14 Mar 2023 13:00:27 +0000
ROA not before: Tue 14 Mar 2023 13:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211970
IP address blocks: 188.72.56.0/24 maxlen: 24
185.234.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 May 2023 12:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:35:2f:7f:16:29:a5:f9:e3:89:60:1b:ce:9a:4f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Mar 14 13:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2df944dab40586c52e71bb92dfa3d41ed60d06bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a6:a4:ef:f5:a2:bf:a0:40:92:78:79:b8:4b:
41:3a:42:63:e8:ce:98:61:ec:2a:0b:e0:20:7c:d2:
08:64:36:34:fb:a5:e6:f6:a6:10:4e:66:ad:d9:80:
22:6b:d0:a0:f5:24:cd:bf:87:dd:30:64:6f:6c:bd:
b8:d3:44:10:47:1a:da:6d:a8:bb:fb:e9:a4:ca:cf:
bc:db:a9:5a:30:45:5a:4d:78:cb:ab:30:b8:b2:23:
4f:59:74:5c:db:1f:22:28:3a:33:9c:24:ca:1b:ed:
a6:f6:bd:d5:2c:1e:a1:e8:fc:3a:dd:f4:c0:f8:b1:
2d:8a:d7:19:83:71:4d:d6:1b:6b:32:05:77:a7:fa:
fb:e2:0a:4e:77:1d:5c:07:29:ae:a8:38:07:fd:d7:
64:a9:66:6f:27:7f:7b:b1:30:a5:54:92:ae:2f:2b:
a9:de:47:e0:8c:3b:5e:4c:2c:18:ea:a2:4a:57:0f:
51:9c:01:0a:2f:1d:db:4d:c3:d7:9c:cb:51:7a:1e:
83:0a:f5:38:9a:d3:ca:78:68:d1:75:b7:d9:0c:b1:
7f:0e:82:7b:92:31:83:5c:1b:11:0b:bf:cc:88:2d:
b1:89:99:8e:5d:a9:34:8f:b8:a9:2e:ac:cb:b6:38:
15:d3:71:5d:8e:8d:ea:98:6b:4f:5a:9e:4c:57:92:
29:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F9:44:DA:B4:05:86:C5:2E:71:BB:92:DF:A3:D4:1E:D6:0D:06:BB
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/LflE2rQFhsUucbuS36PUHtYNBrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.245.0/24
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
30:cb:36:b6:f1:79:bf:30:50:21:b0:c3:e9:f1:33:1a:33:ab:
9b:22:ae:3f:14:f3:69:35:8f:88:41:e2:45:3d:c6:4f:ca:86:
35:84:14:d0:c7:29:89:ee:e2:c3:b4:ff:92:73:70:f3:6c:84:
fa:b0:13:46:a5:8c:d0:42:48:2e:49:58:b3:db:38:d3:0a:a3:
3b:b7:0c:b8:c0:4c:96:e6:82:13:fd:41:e2:c0:12:86:a3:e9:
dc:31:d0:5c:31:47:a2:a6:38:07:0e:23:7c:c3:dc:58:55:0c:
a0:9a:7b:66:62:4d:9b:45:7f:2e:0e:1b:ba:4a:26:18:90:a6:
6f:75:28:b6:b3:3e:af:2b:20:d0:71:d4:e6:79:bd:1d:82:11:
c4:d1:91:da:19:31:af:06:37:ad:2a:0b:a4:7c:4e:d5:24:5a:
d9:93:52:00:d8:25:04:ed:9a:29:33:18:ed:1f:4c:e2:b8:cf:
ad:6e:24:70:96:ed:5a:ae:13:29:d5:ba:fa:c4:57:4a:40:91:
e1:a0:88:dd:6c:bd:b0:37:9f:37:8b:77:0f:29:68:5c:ea:cb:
66:13:24:68:ea:88:55:df:d5:75:a9:a9:1b:9c:30:66:90:14:
7d:36:b3:91:2e:07:bf:d6:cf:3f:40:37:fb:4e:ce:6f:18:2e:
c8:12:f8:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbgNS9/Fiml+eOJYBvOmk+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMwMzE0MTMwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY5NDRkYWI0MDU4NmM1MmU3MWJiOTJkZmEzZDQxZWQ2MGQwNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Kak7/Wiv6BAknh5uEtBOkJj6M6Y
YewqC+AgfNIIZDY0+6Xm9qYQTmat2YAia9Cg9STNv4fdMGRvbL2400QQRxrabai7
++mkys+826laMEVaTXjLqzC4siNPWXRc2x8iKDoznCTKG+2m9r3VLB6h6Pw63fTA
+LEtitcZg3FN1htrMgV3p/r74gpOdx1cBymuqDgH/ddkqWZvJ397sTClVJKuLyup
3kfgjDteTCwY6qJKVw9RnAEKLx3bTcPXnMtReh6DCvU4mtPKeGjRdbfZDLF/DoJ7
kjGDXBsRC7/MiC2xiZmOXak0j7ipLqzLtjgV03Fdjo3qmGtPWp5MV5IptwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC35RNq0BYbFLnG7kt+j1B7WDQa7MB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvTGZsRTJyUUZoc1V1Y2J1UzM2UFVIdFlOQnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuer1AwQA
vEg4MA0GCSqGSIb3DQEBCwUAA4IBAQAwyza28Xm/MFAhsMPp8TMaM6ubIq4/FPNp
NY+IQeJFPcZPyoY1hBTQxymJ7uLDtP+Sc3DzbIT6sBNGpYzQQkguSViz2zjTCqM7
twy4wEyW5oIT/UHiwBKGo+ncMdBcMUeipjgHDiN8w9xYVQygmntmYk2bRX8uDhu6
SiYYkKZvdSi2sz6vKyDQcdTmeb0dghHE0ZHaGTGvBjetKgukfE7VJFrZk1IA2CUE
7ZopMxjtH0ziuM+tbiRwlu1arhMp1br6xFdKQJHhoIjdbL2wN583i3cPKWhc6stm
EyRo6ohV39V1qakbnDBmkBR9NrORLge/1s8/QDf7Ts5vGC7IEvgy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:06 2024 by rpki-client on console-fra.rpki-client.org