Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/lSUeyLwj5obHbYUzxLX0MD6Y1To.roa
File: lSUeyLwj5obHbYUzxLX0MD6Y1To.roa (raw, json)
Hash identifier: f7t5VrdtQHekJc22hMLQN+cMPXSHdbngPvqtcoipOak=
Subject key identifier: 95:25:1E:C8:BC:23:E6:86:C7:6D:85:33:C4:B5:F4:30:3E:98:D5:3A
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018CA2D689DA6C9C1F7C787EE0214F637C23
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/lSUeyLwj5obHbYUzxLX0MD6Y1To.roa
Signing time: Mon 25 Dec 2023 21:16:58 +0000
ROA not before: Mon 25 Dec 2023 21:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210539
IP address blocks: 185.196.221.0/24 maxlen: 24
185.162.90.0/24 maxlen: 24
185.170.130.0/24 maxlen: 24
185.170.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a2:d6:89:da:6c:9c:1f:7c:78:7e:e0:21:4f:63:7c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Dec 25 21:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95251ec8bc23e686c76d8533c4b5f4303e98d53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:63:ff:db:f2:59:75:da:1e:d9:05:30:a0:31:
f9:ea:33:be:d9:5d:a7:62:f9:80:38:cd:0b:a9:18:
c9:8f:5f:4f:d7:fe:f0:33:d2:02:ff:0c:82:0b:28:
2f:be:87:a6:86:3d:d6:9e:85:90:d7:6b:d0:0a:75:
bc:15:4f:62:19:ef:82:27:38:8d:c8:4e:dc:60:0a:
5d:f5:7f:f8:6b:27:68:e4:bc:15:d4:ec:7e:63:84:
67:d3:28:fa:65:66:ba:f5:d4:de:13:c8:9e:a7:93:
45:d7:52:ed:79:52:86:2e:26:f2:7e:10:9f:47:09:
cf:f2:cb:8a:4f:67:be:64:50:ed:42:83:b4:bd:e3:
eb:72:42:c1:7c:39:76:96:29:dd:6d:da:53:bc:50:
29:04:0f:c8:47:36:93:0b:85:8d:60:6b:c1:78:02:
c8:b9:95:92:19:5f:44:8a:bc:b7:d4:15:34:f8:f5:
9b:90:92:bd:c6:3a:bf:63:7b:ce:44:18:c6:4f:34:
ab:1b:17:ba:c7:f9:0f:bb:e5:4d:bb:34:15:49:6b:
80:cd:54:db:a9:9d:f9:bb:f8:85:de:23:b0:54:fd:
90:e6:ca:63:af:1c:72:1f:f3:54:ec:c6:ee:f1:ab:
b7:e3:38:8e:eb:5d:92:3b:dc:d4:05:b8:fd:fb:89:
5b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:25:1E:C8:BC:23:E6:86:C7:6D:85:33:C4:B5:F4:30:3E:98:D5:3A
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/lSUeyLwj5obHbYUzxLX0MD6Y1To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.90.0/24
185.170.128.0/24
185.170.130.0/24
185.196.221.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:02:03:60:60:9e:9c:b9:1d:fc:68:dd:28:0b:05:fa:f2:e8:
e2:a0:cf:67:06:46:9f:a3:60:c6:5b:33:46:d4:93:47:8b:5a:
e2:a4:4c:29:6e:33:7c:08:73:a1:4f:1c:ab:f7:b9:d9:9b:6f:
03:37:af:9a:f8:db:38:49:39:8b:a1:02:4e:6a:cd:d1:98:e7:
f2:13:d3:ec:e4:ff:8c:d8:18:ea:81:30:29:d1:e4:9e:ff:0d:
a7:97:3a:4c:d4:a7:2d:d7:05:31:9f:12:76:d4:de:f3:08:30:
fd:d2:b8:a5:c6:55:22:0c:d4:dd:0b:b2:43:92:5a:5d:57:90:
c5:82:50:bc:2d:06:29:4a:a1:a0:b4:14:c5:ec:79:10:86:08:
58:b0:83:75:e7:0f:61:03:af:d8:20:72:22:12:f4:7f:83:c7:
6a:c4:64:51:f1:23:f2:0a:12:37:02:a4:e6:53:f3:69:89:15:
42:43:ef:89:99:5f:81:a9:64:fc:9a:9c:47:29:cb:bc:f1:34:
69:e5:b7:fb:cb:55:36:f3:5d:c2:b8:dc:9e:15:93:ff:b5:ec:
d9:42:e7:b9:95:39:71:f0:1a:5a:c0:ad:e9:80:ad:89:97:75:
4c:89:98:c7:c6:01:8b:06:3d:d0:1d:ab:8c:73:04:7f:5e:1f:
c5:78:98:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyi1onabJwffHh+4CFPY3wjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjMxMjI1MjExNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI1MWVjOGJjMjNlNjg2Yzc2ZDg1MzNjNGI1ZjQzMDNlOThkNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GP/2/JZddoe2QUwoDH56jO+2V2n
YvmAOM0LqRjJj19P1/7wM9IC/wyCCygvvoemhj3WnoWQ12vQCnW8FU9iGe+CJziN
yE7cYApd9X/4aydo5LwV1Ox+Y4Rn0yj6ZWa69dTeE8iep5NF11LteVKGLibyfhCf
RwnP8suKT2e+ZFDtQoO0vePrckLBfDl2lindbdpTvFApBA/IRzaTC4WNYGvBeALI
uZWSGV9Eiry31BU0+PWbkJK9xjq/Y3vORBjGTzSrGxe6x/kPu+VNuzQVSWuAzVTb
qZ35u/iF3iOwVP2Q5spjrxxyH/NU7Mbu8au34ziO612SO9zUBbj9+4lbbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJUlHsi8I+aGx22FM8S19DA+mNU6MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvbFNVZXlMd2o1b2JIYllVenhMWDBNRDZZMVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaJaAwQA
uaqAAwQAuaqCAwQAucTdMA0GCSqGSIb3DQEBCwUAA4IBAQAKAgNgYJ6cuR38aN0o
CwX68ujioM9nBkafo2DGWzNG1JNHi1ripEwpbjN8CHOhTxyr97nZm28DN6+a+Ns4
STmLoQJOas3RmOfyE9Ps5P+M2BjqgTAp0eSe/w2nlzpM1Kct1wUxnxJ21N7zCDD9
0rilxlUiDNTdC7JDklpdV5DFglC8LQYpSqGgtBTF7HkQhghYsIN15w9hA6/YIHIi
EvR/g8dqxGRR8SPyChI3AqTmU/NpiRVCQ++JmV+BqWT8mpxHKcu88TRp5bf7y1U2
813CuNyeFZP/tezZQue5lTlx8BpawK3pgK2Jl3VMiZjHxgGLBj3QHauMcwR/Xh/F
eJjm
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:39 2024 by rpki-client on console-fra.rpki-client.org