Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lz7Nw3hlFctT6-vTDfwniR3bdJk.roa
File: lz7Nw3hlFctT6-vTDfwniR3bdJk.roa (raw, json)
Hash identifier: 9DLMaTZzxgYh4SbQRloak8Pac+mhAHXXbgP9SyO6zhw=
Subject key identifier: 97:3E:CD:C3:78:65:15:CB:53:EB:EB:D3:0D:FC:27:89:1D:DB:74:99
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C540A718272FB076A4E95ACADD3A965
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lz7Nw3hlFctT6-vTDfwniR3bdJk.roa
Signing time: Sun 01 Jan 2023 07:55:25 +0000
ROA not before: Sun 01 Jan 2023 07:55:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202301
IP address blocks: 194.156.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:0a:71:82:72:fb:07:6a:4e:95:ac:ad:d3:a9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=973ecdc3786515cb53ebebd30dfc27891ddb7499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:49:10:b1:62:8a:30:fd:d9:e7:40:7f:43:
38:d3:86:e6:59:9c:7b:72:20:d4:c2:fd:0e:60:1a:
48:3d:73:69:f1:1b:31:de:85:d1:36:82:0e:76:79:
8b:13:5e:50:82:7d:3f:c2:7f:c9:20:c2:40:09:0a:
57:bc:df:3e:6d:42:7c:d4:ff:83:5e:bd:57:ed:63:
c2:a2:1a:57:99:0b:06:be:8e:72:3b:d2:c4:ab:94:
08:09:bc:e4:84:d6:bc:7a:00:00:7f:ec:b8:c3:2f:
38:cc:c0:ce:93:f7:77:77:a4:42:d2:7e:6c:03:5f:
7f:32:f2:5e:4e:5d:60:98:9f:1a:ab:64:53:d5:59:
ed:84:e2:7b:b9:e2:5a:40:04:2f:14:cc:43:3f:ad:
3c:8d:7f:7e:a8:81:cb:c4:ab:dc:45:9d:85:99:ee:
53:42:b3:bf:a0:a4:99:c7:b5:2c:e1:79:26:ae:2b:
1b:9c:08:0f:92:ba:17:25:fc:c7:97:5d:3d:ff:69:
9b:59:e2:9a:01:da:30:03:2e:36:09:b1:17:00:3e:
a0:eb:f0:f1:a8:e5:d3:e2:be:83:7d:8e:23:99:79:
6d:1b:ca:b9:4e:52:8e:4d:4c:08:28:c7:08:ce:65:
cf:f0:e5:a3:a7:88:63:b4:7b:be:1d:c5:bd:e6:f5:
f6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3E:CD:C3:78:65:15:CB:53:EB:EB:D3:0D:FC:27:89:1D:DB:74:99
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lz7Nw3hlFctT6-vTDfwniR3bdJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.158.0/24
Signature Algorithm: sha256WithRSAEncryption
57:82:79:38:46:f5:45:e0:b1:55:be:dc:b3:23:09:d9:7a:f6:
06:b3:29:ad:62:bb:05:1c:dc:6f:b6:9c:3c:cf:ab:3d:24:6e:
07:b8:a0:61:3e:39:db:28:3f:5e:a9:9b:0c:23:81:db:3c:4b:
46:5e:ad:30:8a:d9:b6:be:f5:fc:c3:4f:eb:00:e1:9e:4b:2e:
a2:2d:15:e3:81:44:48:65:72:c0:94:e1:b7:96:6c:cb:43:ff:
57:cb:bb:53:23:84:00:92:17:b2:2b:e3:9f:7d:44:a2:3e:3a:
9c:e4:b5:d9:60:7e:41:21:78:69:78:07:03:bf:79:9a:ac:ab:
6c:57:32:f5:40:6c:85:a1:9e:7b:fa:11:e8:f3:5d:10:df:de:
ca:84:9d:5a:bc:3a:67:80:28:33:0e:62:90:fe:37:37:f6:2a:
a8:f3:94:36:0d:6e:d5:06:b9:e3:24:3e:75:62:de:10:5d:97:
86:3a:96:ad:46:4e:88:9b:20:ce:6b:80:fb:e9:96:d5:92:4e:
59:5d:06:b1:d7:33:96:ce:b6:ac:34:50:e0:0d:76:31:c0:3d:
83:45:8f:75:16:d3:32:75:2f:8a:78:a9:ba:d1:13:43:56:f8:
69:f5:0b:23:f7:b0:54:53:59:bf:63:16:f6:73:ab:88:72:36:
74:28:df:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVApxgnL7B2pOlayt06llMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNlY2RjMzc4NjUxNWNiNTNlYmViZDMwZGZjMjc4OTFkZGI3NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCtJELFiijD92edAf0M404bmWZx7
ciDUwv0OYBpIPXNp8Rsx3oXRNoIOdnmLE15Qgn0/wn/JIMJACQpXvN8+bUJ81P+D
Xr1X7WPCohpXmQsGvo5yO9LEq5QICbzkhNa8egAAf+y4wy84zMDOk/d3d6RC0n5s
A19/MvJeTl1gmJ8aq2RT1VnthOJ7ueJaQAQvFMxDP608jX9+qIHLxKvcRZ2Fme5T
QrO/oKSZx7Us4XkmrisbnAgPkroXJfzHl109/2mbWeKaAdowAy42CbEXAD6g6/Dx
qOXT4r6DfY4jmXltG8q5TlKOTUwIKMcIzmXP8OWjp4hjtHu+HcW95vX2/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJc+zcN4ZRXLU+vr0w38J4kd23SZMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbHo3TnczaGxGY3RUNi12VERmd25pUjNiZEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpyeMA0G
CSqGSIb3DQEBCwUAA4IBAQBXgnk4RvVF4LFVvtyzIwnZevYGsymtYrsFHNxvtpw8
z6s9JG4HuKBhPjnbKD9eqZsMI4HbPEtGXq0witm2vvX8w0/rAOGeSy6iLRXjgURI
ZXLAlOG3lmzLQ/9Xy7tTI4QAkheyK+OffUSiPjqc5LXZYH5BIXhpeAcDv3marKts
VzL1QGyFoZ57+hHo810Q397KhJ1avDpngCgzDmKQ/jc39iqo85Q2DW7VBrnjJD51
Yt4QXZeGOpatRk6ImyDOa4D76ZbVkk5ZXQax1zOWzrasNFDgDXYxwD2DRY91FtMy
dS+KeKm60RNDVvhp9Qsj97BUU1m/Yxb2c6uIcjZ0KN9U
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org