Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/lqCdVVue7nYeA67Nr4LpsvDo9t4.roa
File: lqCdVVue7nYeA67Nr4LpsvDo9t4.roa (raw, json)
Hash identifier: LH+/aObF+Hf4oNVgMa/o1y4FvmjCxFwAQleaA4rrsl8=
Subject key identifier: 96:A0:9D:55:5B:9E:EE:76:1E:03:AE:CD:AF:82:E9:B2:F0:E8:F6:DE
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 0185720C799172AC98C243CD55EAF0E7C719
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/lqCdVVue7nYeA67Nr4LpsvDo9t4.roa
Signing time: Mon 02 Jan 2023 10:34:58 +0000
ROA not before: Mon 02 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 185.141.116.0/24 maxlen: 24
2a07:23c0::/48 maxlen: 48
2a07:23c0:8::/48 maxlen: 48
2a07:23c0:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:79:91:72:ac:98:c2:43:cd:55:ea:f0:e7:c7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96a09d555b9eee761e03aecdaf82e9b2f0e8f6de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b6:36:2a:f9:d4:ed:a1:e4:a9:59:54:30:7c:
3a:b4:6e:ee:21:25:16:1a:34:61:0e:0b:0b:da:90:
1a:ec:6f:e1:61:07:fa:3e:b4:65:3b:4f:eb:6b:4a:
d5:89:32:b9:9b:14:4c:fb:9a:03:1d:4b:95:9a:27:
35:ec:ec:21:a0:84:9a:2f:98:79:67:41:e3:79:52:
af:2b:53:b3:8a:46:e8:61:d6:b0:38:dc:fb:5f:49:
58:3a:e6:57:dc:a6:02:ce:75:1c:90:ab:98:50:cc:
16:28:86:54:f7:ff:8e:82:d1:ec:4a:e1:01:0d:0d:
15:f1:b3:8c:56:bc:22:75:03:42:0a:a6:47:09:75:
28:88:f1:73:23:d9:98:48:69:79:fd:ec:51:aa:a7:
1e:b4:d8:ca:b2:66:23:ed:a7:39:a9:f6:d1:27:07:
eb:a7:61:2b:e3:85:4e:3a:38:ea:ef:b9:67:f2:91:
b8:24:b3:79:e7:6b:68:a6:c6:ea:d2:df:31:f1:53:
54:a3:f3:03:e1:c7:d8:85:32:43:15:0c:e5:f8:f8:
ea:d6:70:82:99:f3:11:62:4d:c6:df:83:e1:90:99:
2c:2a:03:05:a0:c5:d0:86:5b:d3:66:e9:ff:17:46:
1a:71:67:ae:df:8e:88:f8:96:1f:30:76:d1:cb:f3:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A0:9D:55:5B:9E:EE:76:1E:03:AE:CD:AF:82:E9:B2:F0:E8:F6:DE
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/lqCdVVue7nYeA67Nr4LpsvDo9t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.116.0/24
IPv6:
2a07:23c0::/48
2a07:23c0:8::/47
Signature Algorithm: sha256WithRSAEncryption
0b:bf:d8:b0:4f:e3:b9:cc:de:58:21:e4:50:bd:d3:c2:31:e9:
8b:57:0e:de:1a:18:34:a7:9c:9a:46:f8:61:17:07:4b:27:b0:
46:43:f8:a5:20:13:c1:90:2b:2a:e2:dd:88:97:97:8b:4b:78:
d8:e8:03:e6:16:0b:68:1e:94:40:97:35:9c:db:ca:87:3b:62:
d2:76:87:30:08:6b:9c:c4:47:21:72:c7:ce:88:2b:58:27:6a:
e0:d9:85:07:92:21:a2:b4:7b:05:39:a9:69:f1:9f:d3:06:a7:
6b:7f:fe:49:10:3b:28:c2:16:f1:49:ff:e9:ec:21:9f:e5:4d:
dd:fa:ed:93:f7:8f:8a:94:6d:84:ba:80:65:32:55:ae:fe:15:
e6:51:63:89:25:0d:3b:20:c8:aa:a0:09:7b:2a:f7:d1:8a:62:
11:9f:00:ea:3f:27:30:fa:04:0e:56:15:c0:4a:30:f0:05:70:
6a:9f:de:ed:80:5f:fc:bc:fd:77:d2:07:24:ed:1b:02:eb:07:
ef:34:52:a7:f4:c3:c7:d2:31:6b:1c:28:94:09:69:33:7c:fa:
0a:22:1f:ca:5a:6f:59:60:f5:a9:51:d8:79:01:d6:ae:e2:d9:
0a:25:be:10:0d:2e:93:56:77:85:37:26:f1:9d:01:ae:60:73:
d0:d8:ba:56
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyDHmRcqyYwkPNVerw58cZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjMwMTAyMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEwOWQ1NTViOWVlZTc2MWUwM2FlY2RhZjgyZTliMmYwZThmNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7Y2KvnU7aHkqVlUMHw6tG7uISUW
GjRhDgsL2pAa7G/hYQf6PrRlO0/ra0rViTK5mxRM+5oDHUuVmic17OwhoISaL5h5
Z0HjeVKvK1OzikboYdawONz7X0lYOuZX3KYCznUckKuYUMwWKIZU9/+OgtHsSuEB
DQ0V8bOMVrwidQNCCqZHCXUoiPFzI9mYSGl5/exRqqcetNjKsmYj7ac5qfbRJwfr
p2Er44VOOjjq77ln8pG4JLN552topsbq0t8x8VNUo/MD4cfYhTJDFQzl+Pjq1nCC
mfMRYk3G34PhkJksKgMFoMXQhlvTZun/F0YacWeu346I+JYfMHbRy/PR/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJagnVVbnu52HgOuza+C6bLw6PbeMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvbHFDZFZWdWU3blllQTY3TnI0THBzdkRvOXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYtMjdmYmM5OWVhM2M2
LzEvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuY10MBgE
AgACMBIDBwAqByPAAAADBwEqByPAAAgwDQYJKoZIhvcNAQELBQADggEBAAu/2LBP
47nM3lgh5FC908Ix6YtXDt4aGDSnnJpG+GEXB0snsEZD+KUgE8GQKyri3YiXl4tL
eNjoA+YWC2gelECXNZzbyoc7YtJ2hzAIa5zERyFyx86IK1gnauDZhQeSIaK0ewU5
qWnxn9MGp2t//kkQOyjCFvFJ/+nsIZ/lTd367ZP3j4qUbYS6gGUyVa7+FeZRY4kl
DTsgyKqgCXsq99GKYhGfAOo/JzD6BA5WFcBKMPAFcGqf3u2AX/y8/XfSByTtGwLr
B+80Uqf0w8fSMWscKJQJaTN8+goiH8pab1lg9alR2HkB1q7i2QolvhANLpNWd4U3
JvGdAa5gc9DYulY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org