Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/lfP2BihTypuT_5wFfd68UvLHb8o.roa
File: lfP2BihTypuT_5wFfd68UvLHb8o.roa (raw, json)
Hash identifier: Di61v0NiCVANU3PS32NYmUy6SN8u7bQBt++YiUYFRIw=
Subject key identifier: 95:F3:F6:06:28:53:CA:9B:93:FF:9C:05:7D:DE:BC:52:F2:C7:6F:CA
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 01856C6F08B7382C1E568F89A34E41E37072
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/lfP2BihTypuT_5wFfd68UvLHb8o.roa
Signing time: Sun 01 Jan 2023 08:24:54 +0000
ROA not before: Sun 01 Jan 2023 08:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16236
IP address blocks: 194.104.191.0/24 maxlen: 24
194.104.190.0/24 maxlen: 24
194.104.188.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
2a00:ec20::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:08:b7:38:2c:1e:56:8f:89:a3:4e:41:e3:70:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Jan 1 08:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f3f6062853ca9b93ff9c057ddebc52f2c76fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cc:72:93:e7:e7:29:fc:f0:dc:4c:b6:2a:35:
3e:fd:a8:b0:db:0f:e6:9f:49:cf:33:2b:f5:aa:46:
ea:08:15:b1:3d:64:6a:d7:75:8e:65:0b:63:a7:db:
c1:ab:58:08:d7:46:a4:77:6f:ed:13:cc:14:13:f3:
fe:30:97:ac:05:ba:91:d1:a5:07:f4:b3:26:7c:5a:
b8:0c:69:e4:b3:6b:d9:ee:84:26:15:b3:4c:ab:9d:
f0:3c:20:6a:91:04:ca:f1:dd:c1:39:55:d7:ad:e1:
21:9b:1c:24:c0:ff:04:95:5c:9e:59:20:19:8d:a5:
3b:16:f0:28:d2:5d:b0:c0:da:d1:13:2c:75:c6:72:
e2:fd:79:3d:c7:01:7c:6f:46:94:0b:6c:ba:b9:de:
fe:6d:57:9b:3c:cd:80:5a:34:00:f3:d0:44:05:66:
2c:af:ad:58:41:81:87:a7:4b:9c:b4:c6:32:45:02:
7b:36:a8:f2:27:73:22:d4:b6:f8:b8:52:92:eb:93:
3b:74:60:0b:27:1c:f6:17:c7:0f:75:bc:1e:ab:a7:
74:31:a0:fa:46:cf:b2:b3:fb:36:74:44:f2:2c:e4:
c5:be:07:76:75:60:77:86:ad:9c:e6:94:f3:da:de:
bf:5b:7c:1e:03:66:0d:9a:7b:2a:5e:4b:fe:9d:25:
de:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F3:F6:06:28:53:CA:9B:93:FF:9C:05:7D:DE:BC:52:F2:C7:6F:CA
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/lfP2BihTypuT_5wFfd68UvLHb8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.188.0/22
IPv6:
2a00:ec20::/32
Signature Algorithm: sha256WithRSAEncryption
79:4a:23:5a:71:37:7e:e8:5e:cd:6a:b1:38:75:ff:7d:2f:5a:
ca:03:b1:f5:50:65:05:e7:0c:b9:b4:d3:66:a2:99:65:01:7d:
77:9e:40:56:00:07:cb:df:de:6b:4f:cf:7a:93:96:8f:07:3c:
58:73:c2:71:66:d3:e0:37:16:a9:a1:ef:93:e3:93:77:06:e3:
c1:42:08:19:17:53:11:0a:b9:fd:71:24:be:6c:84:f0:8f:97:
1e:ef:99:c5:7f:2b:e2:50:d4:2b:7a:fc:fd:0d:c2:37:4b:ad:
3e:dc:e7:60:55:30:ac:f3:30:dd:a9:72:7f:b6:d2:b7:90:9b:
2e:96:0d:cc:b0:09:ff:0e:d8:79:9c:2a:35:7d:f1:d1:b0:22:
f6:35:a4:48:e8:f0:b3:fe:69:7b:af:4c:e0:43:a1:8a:cf:8e:
0f:63:9b:35:68:02:a0:9b:bc:7c:5a:ac:73:bd:10:36:85:8d:
b7:02:a6:98:0c:55:fa:af:06:1d:a1:0a:61:4e:49:8b:7b:ef:
b2:d7:06:37:a3:a7:8f:be:17:bd:60:46:15:5e:db:55:e1:ad:
f1:4f:cb:64:91:84:96:3c:b0:7b:a8:2d:8b:48:39:b0:47:1e:
ef:78:0e:75:aa:10:1a:b9:9c:4b:d5:0c:fb:06:de:c3:a6:11:
7a:00:df:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsbwi3OCweVo+Jo05B43ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDliMzFlYmI2ZTRjYmJkMGNjNzcwY2M2ZjRkNTBmNzhm
MGViN2IwHhcNMjMwMTAxMDgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYzZjYwNjI4NTNjYTliOTNmZjljMDU3ZGRlYmM1MmYyYzc2ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicxyk+fnKfzw3Ey2KjU+/aiw2w/m
n0nPMyv1qkbqCBWxPWRq13WOZQtjp9vBq1gI10akd2/tE8wUE/P+MJesBbqR0aUH
9LMmfFq4DGnks2vZ7oQmFbNMq53wPCBqkQTK8d3BOVXXreEhmxwkwP8ElVyeWSAZ
jaU7FvAo0l2wwNrREyx1xnLi/Xk9xwF8b0aUC2y6ud7+bVebPM2AWjQA89BEBWYs
r61YQYGHp0uctMYyRQJ7NqjyJ3Mi1Lb4uFKS65M7dGALJxz2F8cPdbweq6d0MaD6
Rs+ys/s2dETyLOTFvgd2dWB3hq2c5pTz2t6/W3weA2YNmnsqXkv+nSXeSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJXz9gYoU8qbk/+cBX3evFLyx2/KMB8GA1UdIwQY
MBaAFFlJsx67bky70Mx3DMb01Q948Ot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTkt
MzE4MGFlNDI3NGYzLzEvbGZQMkJpaFR5cHVUXzV3RmZkNjhVdkxIYjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTktMzE4MGFlNDI3NGYz
LzEvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwmi8MA0E
AgACMAcDBQAqAOwgMA0GCSqGSIb3DQEBCwUAA4IBAQB5SiNacTd+6F7NarE4df99
L1rKA7H1UGUF5wy5tNNmopllAX13nkBWAAfL395rT896k5aPBzxYc8JxZtPgNxap
oe+T45N3BuPBQggZF1MRCrn9cSS+bITwj5ce75nFfyviUNQrevz9DcI3S60+3Odg
VTCs8zDdqXJ/ttK3kJsulg3MsAn/Dth5nCo1ffHRsCL2NaRI6PCz/ml7r0zgQ6GK
z44PY5s1aAKgm7x8WqxzvRA2hY23AqaYDFX6rwYdoQphTkmLe++y1wY3o6ePvhe9
YEYVXttV4a3xT8tkkYSWPLB7qC2LSDmwRx7veA51qhAauZxL1Qz7Bt7DphF6AN9L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org