Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/lLCgecXUbslxyhesWe_lNHAQ16U.roa
File: lLCgecXUbslxyhesWe_lNHAQ16U.roa (raw, json)
Hash identifier: QUQ0BPCpl3JoBfelkx1P1/mfBRurf0BlLOhN9uZ2KEE=
Subject key identifier: 94:B0:A0:79:C5:D4:6E:C9:71:CA:17:AC:59:EF:E5:34:70:10:D7:A5
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018AD1D4A06EE3821B33DAA7A702FD03DE03
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/lLCgecXUbslxyhesWe_lNHAQ16U.roa
Signing time: Tue 26 Sep 2023 14:11:27 +0000
ROA not before: Tue 26 Sep 2023 14:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16633
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 17:18:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:d4:a0:6e:e3:82:1b:33:da:a7:a7:02:fd:03:de:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Sep 26 14:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94b0a079c5d46ec971ca17ac59efe5347010d7a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0d:9e:66:06:5a:50:2c:65:df:87:19:27:57:
f7:d1:ea:db:8c:0b:81:80:ef:e1:f5:04:d8:0a:36:
74:9f:d0:af:42:03:48:c4:68:7c:01:f8:17:47:68:
6d:71:07:ba:b0:b4:4f:d4:cd:24:9f:d4:c0:78:cc:
a1:59:2a:a4:4d:ce:9c:29:33:97:d6:7a:a3:dd:71:
7c:5b:d5:34:41:cf:ef:1e:36:46:48:62:1e:60:19:
78:a4:74:19:61:55:c0:c4:e9:cc:38:34:f5:56:91:
4d:38:7f:59:43:05:94:8f:9a:de:c2:61:76:d2:6e:
1e:f3:42:9c:55:41:d5:09:86:43:c6:ee:04:e2:4e:
a4:b7:8a:5b:2c:64:63:b0:ca:eb:8c:dd:75:f3:57:
76:08:92:d9:b2:01:30:87:fb:2c:b5:06:80:4b:10:
c7:1a:18:e1:2a:da:24:67:59:9e:b1:d6:5c:b0:96:
cb:c3:e3:bf:64:fe:5d:30:5a:a8:68:50:99:82:16:
b0:c6:7a:f8:08:9a:a1:5f:79:d6:0f:16:52:7b:74:
9b:2e:70:17:55:10:05:88:51:13:31:c2:73:16:58:
a4:d8:dd:da:0e:45:89:0c:f5:3a:e5:b6:2c:d0:34:
c9:a1:46:92:73:e8:66:e5:2a:95:6c:f0:0f:8e:60:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B0:A0:79:C5:D4:6E:C9:71:CA:17:AC:59:EF:E5:34:70:10:D7:A5
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/lLCgecXUbslxyhesWe_lNHAQ16U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.17.0-185.201.18.255
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:1f:0a:de:cc:86:a1:f0:67:2c:3d:d2:66:3a:6a:30:73:36:
be:f2:a8:f6:17:a1:e7:4d:6c:4a:14:a1:3d:29:45:9a:6b:8a:
a3:d0:03:a5:9f:35:47:5b:86:4a:ef:03:7e:15:4b:a1:72:10:
29:e1:98:e3:10:fd:ed:ee:73:36:bc:e1:59:ca:a4:79:4e:3b:
98:38:29:c5:a1:35:04:f3:13:bd:e8:97:81:19:70:71:7f:8e:
8f:c5:69:c7:06:05:d5:aa:1d:06:7e:4b:bf:1d:b1:69:f9:00:
4f:ae:2b:3a:2c:c2:97:0a:e6:88:9c:18:e1:46:bc:f1:81:e1:
84:5c:92:f0:b1:7f:61:c7:6e:9e:d5:1d:e9:11:dd:f8:65:c4:
13:ed:5f:1f:15:52:e6:4d:0f:41:09:60:7c:5c:2c:23:58:a3:
a6:75:d3:bc:dc:ed:b5:42:5a:24:4a:8f:5c:25:56:59:90:55:
42:e1:21:e0:54:78:ee:48:c1:d4:4d:1b:d4:a3:73:6d:20:61:
2e:bf:33:72:e2:89:a7:1d:37:61:cd:89:12:59:32:9f:89:38:
74:aa:4a:c0:3d:03:be:57:ba:df:88:62:2a:8d:9a:d8:34:88:
f1:e0:55:3d:8d:6c:89:98:fc:b9:c4:b8:d5:15:61:a2:60:b4:
59:b7:5d:b4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYrR1KBu44IbM9qnpwL9A94DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMwOTI2MTQxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIwYTA3OWM1ZDQ2ZWM5NzFjYTE3YWM1OWVmZTUzNDcwMTBkN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ2eZgZaUCxl34cZJ1f30erbjAuB
gO/h9QTYCjZ0n9CvQgNIxGh8AfgXR2htcQe6sLRP1M0kn9TAeMyhWSqkTc6cKTOX
1nqj3XF8W9U0Qc/vHjZGSGIeYBl4pHQZYVXAxOnMODT1VpFNOH9ZQwWUj5rewmF2
0m4e80KcVUHVCYZDxu4E4k6kt4pbLGRjsMrrjN1181d2CJLZsgEwh/sstQaASxDH
GhjhKtokZ1mesdZcsJbLw+O/ZP5dMFqoaFCZghawxnr4CJqhX3nWDxZSe3SbLnAX
VRAFiFETMcJzFlik2N3aDkWJDPU65bYs0DTJoUaSc+hm5SqVbPAPjmD60QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJSwoHnF1G7JccoXrFnv5TRwENelMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvbExDZ2VjWFVic2x4eWhlc1dlX2xOSEFRMTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5yRED
BAC5yRIDBADByNYwDQYJKoZIhvcNAQELBQADggEBAKgfCt7MhqHwZyw90mY6ajBz
Nr7yqPYXoedNbEoUoT0pRZpriqPQA6WfNUdbhkrvA34VS6FyECnhmOMQ/e3ucza8
4VnKpHlOO5g4KcWhNQTzE73ol4EZcHF/jo/FaccGBdWqHQZ+S78dsWn5AE+uKzos
wpcK5oicGOFGvPGB4YRckvCxf2HHbp7VHekR3fhlxBPtXx8VUuZND0EJYHxcLCNY
o6Z107zc7bVCWiRKj1wlVlmQVULhIeBUeO5IwdRNG9Sjc20gYS6/M3LiiacdN2HN
iRJZMp+JOHSqSsA9A75Xut+IYiqNmtg0iPHgVT2NbImY/LnEuNUVYaJgtFm3XbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:32 2024 by rpki-client on console-ams.rpki-client.org