Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lknt3pUssRworKlq_iHLZuEqpaQ.roa
File: lknt3pUssRworKlq_iHLZuEqpaQ.roa (raw, json)
Hash identifier: NPpoIU8KjF2l4qwK9lABhIQ6HAz5hf072x90Tn3NN84=
Subject key identifier: 96:49:ED:DE:95:2C:B1:1C:28:AC:A9:6A:FE:21:CB:66:E1:2A:A5:A4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189A60AB76FAC04F3972215A77B4AF52B26
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lknt3pUssRworKlq_iHLZuEqpaQ.roa
Signing time: Sun 30 Jul 2023 09:04:27 +0000
ROA not before: Sun 30 Jul 2023 09:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 85.133.228.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 08:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:0a:b7:6f:ac:04:f3:97:22:15:a7:7b:4a:f5:2b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 30 09:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9649edde952cb11c28aca96afe21cb66e12aa5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5d:43:20:41:60:b3:ff:e4:8b:19:86:b1:f3:
60:5a:90:ae:c5:f3:75:73:36:89:1f:27:23:a3:c4:
03:6d:4e:e1:ba:e2:88:c7:ac:b0:88:91:66:35:19:
b6:20:30:f6:cb:56:79:75:bc:0a:d7:7d:61:26:cf:
78:3b:65:c1:fe:73:68:6f:59:65:15:16:76:85:29:
51:cc:fa:e5:53:91:85:58:0b:a8:40:f6:a1:48:28:
8e:14:3b:94:f6:c2:56:4e:3a:e9:8f:8e:a9:c9:c3:
ea:cf:f5:48:65:7e:93:17:f1:45:c1:b6:2e:ff:16:
8c:a5:41:d4:fa:fa:7d:74:52:c1:0c:14:88:e5:4d:
0a:80:63:ba:89:a9:37:03:20:b3:f2:b3:39:c5:21:
0a:60:e4:3f:f6:da:12:9a:ad:01:ae:10:a9:ec:d0:
66:b9:de:5f:96:24:cd:ed:fd:b1:ce:95:2d:96:aa:
1f:d3:fc:a4:13:6a:75:44:4b:78:fc:48:d8:4a:50:
24:c4:b2:69:41:4a:e3:13:fb:46:35:b8:0c:d8:77:
c0:aa:bc:cf:e0:81:f8:11:5d:60:2b:bb:b9:58:b2:
96:7f:62:a4:1d:ad:2d:a0:e4:f3:58:de:f5:ce:81:
a4:f3:45:52:64:8e:b2:87:fd:65:f5:79:c8:5a:07:
55:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:49:ED:DE:95:2C:B1:1C:28:AC:A9:6A:FE:21:CB:66:E1:2A:A5:A4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/lknt3pUssRworKlq_iHLZuEqpaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.153.0/24
85.133.228.0/24
85.133.241.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
02:91:12:17:bb:8c:05:1b:02:bb:22:89:dd:1e:f2:fd:8c:be:
97:df:23:31:98:d2:56:fb:36:ca:ea:60:6d:37:86:8c:15:bf:
56:79:3f:87:5d:9e:b3:a4:d6:e2:37:fd:2d:56:a2:40:d0:86:
5a:98:8e:48:d7:ff:40:ab:0a:28:39:7f:8c:99:ba:7e:dd:3b:
bf:91:83:68:64:c1:48:1f:3d:30:36:5e:da:93:e3:29:db:f7:
8b:d5:c7:bd:cc:49:1b:c6:93:3b:5e:04:13:a3:83:7f:9b:84:
6e:06:3f:39:a7:9a:6a:2e:7e:3c:cd:f3:d7:64:f0:4c:9b:89:
c1:f5:02:dc:02:43:94:ee:b6:04:d7:5f:57:cf:30:d6:5d:93:
16:1d:7a:2a:a2:a6:9c:c5:e3:17:37:53:c8:e7:fb:e2:72:b0:
a3:80:cb:c1:67:51:bc:f6:bd:4b:5b:71:df:0f:57:b4:af:0f:
59:f1:8b:38:37:ed:92:22:5c:63:08:48:88:50:e0:f4:ab:ea:
9b:95:87:29:41:a0:9f:6e:f1:ed:bc:95:bb:d1:93:0e:1a:36:
5f:06:3c:dd:ad:91:37:29:36:eb:98:8c:3f:b0:04:33:d4:00:
b3:44:d0:c3:71:73:9e:b6:5d:be:6c:ac:ae:da:63:da:a3:ff:
5f:7f:b7:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmmCrdvrATzlyIVp3tK9SsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzMwMDkwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ5ZWRkZTk1MmNiMTFjMjhhY2E5NmFmZTIxY2I2NmUxMmFhNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj11DIEFgs//kixmGsfNgWpCuxfN1
czaJHycjo8QDbU7huuKIx6ywiJFmNRm2IDD2y1Z5dbwK131hJs94O2XB/nNob1ll
FRZ2hSlRzPrlU5GFWAuoQPahSCiOFDuU9sJWTjrpj46pycPqz/VIZX6TF/FFwbYu
/xaMpUHU+vp9dFLBDBSI5U0KgGO6iak3AyCz8rM5xSEKYOQ/9toSmq0BrhCp7NBm
ud5fliTN7f2xzpUtlqof0/ykE2p1REt4/EjYSlAkxLJpQUrjE/tGNbgM2HfAqrzP
4IH4EV1gK7u5WLKWf2KkHa0toOTzWN71zoGk80VSZI6yh/1l9XnIWgdVJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJZJ7d6VLLEcKKypav4hy2bhKqWkMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbGtudDNwVXNzUndvcktscV9pSExadUVxcGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWZAwQA
VYXkAwQAVYXxAwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQACkRIXu4wFGwK7Iond
HvL9jL6X3yMxmNJW+zbK6mBtN4aMFb9WeT+HXZ6zpNbiN/0tVqJA0IZamI5I1/9A
qwooOX+Mmbp+3Tu/kYNoZMFIHz0wNl7ak+Mp2/eL1ce9zEkbxpM7XgQTo4N/m4Ru
Bj85p5pqLn48zfPXZPBMm4nB9QLcAkOU7rYE119XzzDWXZMWHXoqoqacxeMXN1PI
5/vicrCjgMvBZ1G89r1LW3HfD1e0rw9Z8Ys4N+2SIlxjCEiIUOD0q+qblYcpQaCf
bvHtvJW70ZMOGjZfBjzdrZE3KTbrmIw/sAQz1ACzRNDDcXOetl2+bKyu2mPao/9f
f7eo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org