Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/LA6TSKW0S0hfJLaaeUp0v8WAdRg.roa
File: LA6TSKW0S0hfJLaaeUp0v8WAdRg.roa (raw, json)
Hash identifier: 6qqseHXlJj8Oi5EhbOzf8svCrfzf6nmI0+JWxSQimNw=
Subject key identifier: 2C:0E:93:48:A5:B4:4B:48:5F:24:B6:9A:79:4A:74:BF:C5:80:75:18
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018C4428D1D43C4EE2536025E9200FB3FE83
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/LA6TSKW0S0hfJLaaeUp0v8WAdRg.roa
Signing time: Thu 07 Dec 2023 12:02:54 +0000
ROA not before: Thu 07 Dec 2023 12:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 192.109.200.0/24 maxlen: 24
192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:28:d1:d4:3c:4e:e2:53:60:25:e9:20:0f:b3:fe:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Dec 7 12:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c0e9348a5b44b485f24b69a794a74bfc5807518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f4:37:ed:79:64:51:45:b7:25:a8:b8:a6:94:
7a:de:72:94:ae:5c:d3:61:96:df:c1:f1:85:19:7b:
dd:f0:16:83:76:72:f2:dd:f5:79:1b:07:3b:97:f1:
6b:7f:6d:d3:be:e2:fc:7d:3e:d7:9d:a1:fd:1e:da:
c6:b4:ea:c5:f3:14:6d:1b:b2:b8:91:90:3f:8a:d1:
b3:09:1c:5d:65:2c:29:16:65:99:5c:96:9c:aa:1f:
ce:02:9b:94:d2:c8:69:87:6d:e6:4e:4a:87:6e:e8:
d0:e9:ce:73:db:24:13:9c:fb:81:03:65:7c:ef:c4:
7f:ad:36:9a:0a:4f:14:2c:8d:a0:7b:48:4b:d7:18:
39:a9:ab:84:69:87:6f:d1:74:3d:56:6e:8d:10:04:
2f:5a:3a:d6:f6:1c:90:9f:1a:cf:03:7f:bb:2d:40:
5c:f0:a4:65:9d:2f:a1:36:f9:9a:0b:63:5a:ab:94:
05:26:e2:f2:14:69:71:51:26:66:b3:31:96:bb:c3:
b2:6a:d4:f0:31:f9:1d:92:41:30:68:0e:4d:20:79:
27:22:17:ae:97:fd:7c:4b:d7:5c:7f:74:c9:b2:29:
27:9f:22:8f:d3:1a:10:8d:46:a1:18:38:a9:e9:20:
f0:be:a9:8b:e7:5b:b3:75:a2:ab:a0:8a:0f:0c:9d:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0E:93:48:A5:B4:4B:48:5F:24:B6:9A:79:4A:74:BF:C5:80:75:18
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/LA6TSKW0S0hfJLaaeUp0v8WAdRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:52:16:3e:a1:c3:d9:f9:f9:e6:80:2f:7f:ab:2b:e1:53:aa:
1e:c6:dc:2e:05:05:fa:34:a0:50:e6:53:ad:2a:31:6a:15:60:
8b:b3:61:80:c1:19:08:42:59:b6:be:2a:04:b2:a9:2f:78:06:
f2:f9:47:9b:e8:74:58:36:be:1c:c2:d5:3b:8e:58:fe:16:13:
e7:5b:3e:a4:67:cb:4d:58:dd:79:e6:ab:20:89:ac:ca:94:ce:
4e:1c:1e:b9:ac:4f:95:79:c3:78:ab:0b:83:b5:4b:67:9e:ad:
4c:1e:42:2d:c1:de:c0:d9:b8:5e:f7:ea:c4:ee:e7:8e:13:7e:
fa:f3:f6:9b:d9:89:3a:54:4b:fd:86:24:8a:f4:ad:94:1f:4a:
58:4f:9b:55:93:35:98:2c:97:0b:34:21:08:5a:e7:e4:42:83:
93:c7:77:0d:00:4c:27:02:e4:5f:37:ff:31:5c:52:ce:bb:8e:
61:1f:c0:cd:f2:32:d2:78:73:38:71:97:13:96:18:ec:db:ae:
b3:e7:49:f1:5c:7d:c3:4c:60:c4:79:cf:b3:c3:d3:e9:48:09:
86:46:f5:ab:e5:17:a6:6e:80:04:47:9b:a0:03:85:95:29:8b:
c6:22:40:ee:f4:3f:13:53:40:db:92:55:46:84:1c:52:f3:98:
64:44:f1:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxEKNHUPE7iU2Al6SAPs/6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMxMjA3MTIwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBlOTM0OGE1YjQ0YjQ4NWYyNGI2OWE3OTRhNzRiZmM1ODA3NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPQ37XlkUUW3Jai4ppR63nKUrlzT
YZbfwfGFGXvd8BaDdnLy3fV5Gwc7l/Frf23TvuL8fT7XnaH9HtrGtOrF8xRtG7K4
kZA/itGzCRxdZSwpFmWZXJacqh/OApuU0shph23mTkqHbujQ6c5z2yQTnPuBA2V8
78R/rTaaCk8ULI2ge0hL1xg5qauEaYdv0XQ9Vm6NEAQvWjrW9hyQnxrPA3+7LUBc
8KRlnS+hNvmaC2Naq5QFJuLyFGlxUSZmszGWu8OyatTwMfkdkkEwaA5NIHknIheu
l/18S9dcf3TJsiknnyKP0xoQjUahGDip6SDwvqmL51uzdaKroIoPDJ3+LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwOk0iltEtIXyS2mnlKdL/FgHUYMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvTEE2VFNLVzBTMGhmSkxhYWVVcDB2OFdBZFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG2LAwQA
wG3IMA0GCSqGSIb3DQEBCwUAA4IBAQAuUhY+ocPZ+fnmgC9/qyvhU6oextwuBQX6
NKBQ5lOtKjFqFWCLs2GAwRkIQlm2vioEsqkveAby+Ueb6HRYNr4cwtU7jlj+FhPn
Wz6kZ8tNWN155qsgiazKlM5OHB65rE+VecN4qwuDtUtnnq1MHkItwd7A2bhe9+rE
7ueOE3768/ab2Yk6VEv9hiSK9K2UH0pYT5tVkzWYLJcLNCEIWufkQoOTx3cNAEwn
AuRfN/8xXFLOu45hH8DN8jLSeHM4cZcTlhjs266z50nxXH3DTGDEec+zw9PpSAmG
RvWr5RemboAER5ugA4WVKYvGIkDu9D8TU0DbklVGhBxS85hkRPGf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org