Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/Ldkma_bPPRECP0XLO4JmmDrz2-8.roa
File: Ldkma_bPPRECP0XLO4JmmDrz2-8.roa (raw, json)
Hash identifier: gSLt5877HSMOEaU1GzMQBzzxI49pKHdK94jC+ISRqnc=
Subject key identifier: 2D:D9:26:6B:F6:CF:3D:11:02:3F:45:CB:3B:82:66:98:3A:F3:DB:EF
Certificate issuer: /CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Certificate serial: 01856F5DC61DDBAFC7AF009620C0B6135848
Authority key identifier: 70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/Ldkma_bPPRECP0XLO4JmmDrz2-8.roa
Signing time: Sun 01 Jan 2023 22:04:54 +0000
ROA not before: Sun 01 Jan 2023 22:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50358
IP address blocks: 195.191.50.0/23 maxlen: 24
91.241.88.0/22 maxlen: 24
2001:67c:26a0::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c6:1d:db:af:c7:af:00:96:20:c0:b6:13:58:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Validity
Not Before: Jan 1 22:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd9266bf6cf3d11023f45cb3b8266983af3dbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:14:31:08:22:21:d8:a1:70:99:82:d1:50:
b1:c9:7b:e4:02:8c:16:e8:68:76:3f:bd:80:c9:65:
2a:ea:58:a1:4d:1a:34:30:0c:be:56:99:0e:03:fb:
d1:25:33:c3:49:40:29:2f:c8:b1:90:40:eb:2b:23:
83:0f:34:6f:39:50:d1:f1:61:ef:5e:98:61:45:df:
1a:99:66:b0:e6:5e:ee:af:82:3d:1c:7c:a3:40:8e:
e7:a6:67:53:0b:83:28:26:cc:1e:c3:3b:a5:52:e8:
d3:b5:2e:bf:9c:fe:63:5c:70:0b:56:46:21:7d:ea:
12:13:7b:8d:aa:c9:a4:3d:82:5c:66:52:a5:56:da:
ed:dd:22:a6:ea:85:66:3d:2b:22:e3:45:a4:88:f0:
d4:9f:9a:f1:a7:64:0a:ba:3e:cd:e5:9c:d4:e7:85:
03:5e:f6:9f:42:a6:56:35:f0:12:54:ad:08:41:02:
db:ef:16:d7:d9:7b:d0:2f:7b:1f:c5:a3:da:ab:b1:
aa:0f:a4:fc:06:a7:20:b4:e4:b6:6d:9a:e4:bb:99:
b5:d9:0e:5b:19:b9:51:18:00:72:66:e8:1c:89:b1:
d4:cf:dc:74:8e:b0:35:af:cd:6a:5b:46:5a:3b:a8:
38:51:e0:39:62:51:b5:37:0c:d1:04:cc:0c:44:5c:
bd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D9:26:6B:F6:CF:3D:11:02:3F:45:CB:3B:82:66:98:3A:F3:DB:EF
X509v3 Authority Key Identifier:
keyid:70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/Ldkma_bPPRECP0XLO4JmmDrz2-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.88.0/22
195.191.50.0/23
IPv6:
2001:67c:26a0::/48
Signature Algorithm: sha256WithRSAEncryption
86:00:3d:32:08:53:33:c3:e0:b3:83:ea:a7:12:fb:7a:75:6a:
a3:f6:17:51:cd:a6:88:d6:b8:1b:84:ba:f3:4c:f7:e1:88:a2:
9a:8c:11:94:01:83:96:66:a0:bf:32:f0:28:57:07:75:67:e1:
3d:c1:c3:d5:e0:f4:a1:e2:01:4e:db:2f:bc:01:04:5d:c7:00:
d3:af:ee:77:f6:f8:da:3c:58:be:3e:b9:f5:7d:74:4c:81:11:
3a:cc:21:ff:45:cc:b0:1b:f8:e0:31:65:24:4a:c2:aa:a6:a9:
80:ea:0b:4a:69:3b:eb:08:8c:71:a3:40:c3:20:28:7d:56:0a:
11:97:8d:1c:6b:22:85:8b:69:d7:4a:59:d2:8c:70:70:17:c8:
d2:0d:3a:33:44:e7:24:f1:6a:45:f9:eb:35:04:b9:88:e4:d5:
f0:9b:32:4b:61:7d:b5:b0:56:9c:c8:91:b2:1e:66:0a:60:57:
f0:ee:53:b6:93:42:2a:99:ac:6a:13:f6:61:e3:b3:88:46:1e:
8f:b8:65:fd:20:d9:74:2e:ce:dd:fe:38:14:66:ab:14:6f:f0:
a8:10:94:f5:59:ff:a9:f8:eb:db:d5:8c:80:2e:22:19:58:e4:
45:0e:dd:db:45:a0:1c:6d:3d:bf:ee:86:c3:26:8a:1c:7e:fd:
15:46:e8:c8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvXcYd26/HrwCWIMC2E1hIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWRlMTUyOTA2NjY0YWU3YWM5ZjIwODdhYzRkMDA2ODVh
NWQ3ZjAwHhcNMjMwMTAxMjIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ5MjY2YmY2Y2YzZDExMDIzZjQ1Y2IzYjgyNjY5ODNhZjNkYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS4UMQgiIdihcJmC0VCxyXvkAowW
6Gh2P72AyWUq6lihTRo0MAy+VpkOA/vRJTPDSUApL8ixkEDrKyODDzRvOVDR8WHv
XphhRd8amWaw5l7ur4I9HHyjQI7npmdTC4MoJswewzulUujTtS6/nP5jXHALVkYh
feoSE3uNqsmkPYJcZlKlVtrt3SKm6oVmPSsi40WkiPDUn5rxp2QKuj7N5ZzU54UD
XvafQqZWNfASVK0IQQLb7xbX2XvQL3sfxaPaq7GqD6T8BqcgtOS2bZrku5m12Q5b
GblRGAByZugcibHUz9x0jrA1r81qW0ZaO6g4UeA5YlG1NwzRBMwMRFy9xwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC3ZJmv2zz0RAj9FyzuCZpg689vvMB8GA1UdIwQY
MBaAFHBd4VKQZmSuesnyCHrE0AaFpdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQt
ZjU2MTg0NzdmOGQ0LzEvTGRrbWFfYlBQUkVDUDBYTE80Sm1tRHJ6Mi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQtZjU2MTg0NzdmOGQ0
LzEvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW/FYAwQB
w78yMA8EAgACMAkDBwAgAQZ8JqAwDQYJKoZIhvcNAQELBQADggEBAIYAPTIIUzPD
4LOD6qcS+3p1aqP2F1HNpojWuBuEuvNM9+GIopqMEZQBg5ZmoL8y8ChXB3Vn4T3B
w9Xg9KHiAU7bL7wBBF3HANOv7nf2+No8WL4+ufV9dEyBETrMIf9FzLAb+OAxZSRK
wqqmqYDqC0ppO+sIjHGjQMMgKH1WChGXjRxrIoWLaddKWdKMcHAXyNINOjNE5yTx
akX56zUEuYjk1fCbMkthfbWwVpzIkbIeZgpgV/DuU7aTQiqZrGoT9mHjs4hGHo+4
Zf0g2XQuzt3+OBRmqxRv8KgQlPVZ/6n469vVjIAuIhlY5EUO3dtFoBxtPb/uhsMm
ihx+/RVG6Mg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:56 2024 by rpki-client on console-ams.rpki-client.org