Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/LDK613qHnsEptC3ln9E842_uHFY.roa
File: LDK613qHnsEptC3ln9E842_uHFY.roa (raw, json)
Hash identifier: Lj9q7nIeV4V9GJ31lRIyhQUnSOoHbxLiMOvkGNxwGLk=
Subject key identifier: 2C:32:BA:D7:7A:87:9E:C1:29:B4:2D:E5:9F:D1:3C:E3:6F:EE:1C:56
Certificate issuer: /CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Certificate serial: 0185715E8ED52432056957A963AEEC30ADD5
Authority key identifier: 70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/LDK613qHnsEptC3ln9E842_uHFY.roa
Signing time: Mon 02 Jan 2023 07:25:00 +0000
ROA not before: Mon 02 Jan 2023 07:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48309
IP address blocks: 188.136.137.0/24 maxlen: 24
188.136.136.0/24 maxlen: 24
188.136.139.0/24 maxlen: 24
188.136.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:8e:d5:24:32:05:69:57:a9:63:ae:ec:30:ad:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Validity
Not Before: Jan 2 07:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c32bad77a879ec129b42de59fd13ce36fee1c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:08:01:f1:ea:fa:aa:34:47:d5:b5:b4:e8:19:
31:1f:b1:5d:bd:2d:68:a4:e0:b5:13:c2:19:c8:6d:
b3:56:54:e9:aa:f6:58:3a:02:fc:46:11:01:35:8b:
ac:8f:61:6e:fc:c1:e1:33:8f:77:05:20:15:91:da:
b5:a5:24:78:df:6a:18:e2:e4:55:a3:d3:06:4c:b5:
4f:81:37:2d:c6:a6:0d:28:8f:c2:36:fc:8f:cc:2f:
13:c0:86:b0:74:f6:0c:83:c1:f3:af:16:28:58:e5:
02:f4:61:96:58:1b:90:a3:5b:ae:09:c8:56:33:2e:
57:4d:a1:b4:e2:48:84:4b:55:89:3c:10:cc:b2:c4:
6d:9d:f2:1f:81:3f:67:7b:1a:94:c3:72:f5:22:84:
f2:3f:98:12:4c:39:47:ee:42:6c:6f:6e:84:1e:f0:
17:78:e7:8b:eb:1d:8f:9a:db:5c:f4:0f:a5:66:4d:
f0:e6:7b:37:ae:10:9c:ba:ad:8f:31:e5:27:31:9f:
91:4d:6d:6c:be:5c:e9:77:7a:08:fc:66:be:b1:b2:
70:32:49:3c:6f:4f:aa:c7:3a:7a:64:91:02:40:ef:
4c:94:e3:0a:3a:fe:5a:62:67:ec:45:be:86:de:e6:
e3:c5:3d:e5:f6:c2:07:d6:d4:d4:b1:33:d2:16:66:
dd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:32:BA:D7:7A:87:9E:C1:29:B4:2D:E5:9F:D1:3C:E3:6F:EE:1C:56
X509v3 Authority Key Identifier:
keyid:70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/LDK613qHnsEptC3ln9E842_uHFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.136.136.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:0e:de:0f:99:bd:8d:00:32:b0:f1:c5:c1:5c:53:7d:60:fe:
05:bf:31:7e:c1:ce:eb:e1:95:87:8d:a1:a1:3d:de:87:ab:eb:
4b:bc:f1:55:bd:70:a5:9f:80:4d:70:9f:d9:99:99:04:66:b3:
e3:cb:84:ae:d2:a4:42:19:b7:6e:75:03:b9:0d:6b:b4:89:da:
c3:a7:d1:af:96:e8:7b:e7:a3:b4:e0:92:3b:40:17:2a:e7:67:
e8:ec:15:ec:8e:3c:87:db:72:69:07:89:c8:15:b9:7b:71:88:
65:ed:82:bd:44:fc:63:c4:05:e6:63:98:fb:47:48:2b:6b:8d:
65:a8:10:b7:6f:e0:d2:12:3c:6b:62:ae:4c:07:f2:c5:e4:70:
69:e0:02:84:1e:aa:d7:85:95:6f:63:40:72:c1:63:75:7c:2c:
f2:d4:50:7d:27:6d:fb:fe:2a:72:9f:a0:6c:fd:d1:f4:69:e4:
08:b5:3f:eb:6b:3a:d1:51:e1:6a:0a:6e:6f:b4:c3:dd:3c:ff:
13:f5:0d:38:c5:c8:f4:3e:fb:5a:6d:b5:86:b0:b9:f4:00:03:
4a:75:4e:71:66:42:b7:6e:ed:f4:77:b6:a1:11:78:c8:ac:91:
08:14:85:36:80:c6:7d:92:a3:22:c2:ce:4b:ff:7c:7f:89:04:
2c:90:db:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXo7VJDIFaVepY67sMK3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWU3NWRiY2NlNWZjZGQ5MWQ4YTk5ZTVhMWIyYzk5NWI4
MTI3NzUwHhcNMjMwMTAyMDcyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzMyYmFkNzdhODc5ZWMxMjliNDJkZTU5ZmQxM2NlMzZmZWUxYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAgB8er6qjRH1bW06BkxH7FdvS1o
pOC1E8IZyG2zVlTpqvZYOgL8RhEBNYusj2Fu/MHhM493BSAVkdq1pSR432oY4uRV
o9MGTLVPgTctxqYNKI/CNvyPzC8TwIawdPYMg8HzrxYoWOUC9GGWWBuQo1uuCchW
My5XTaG04kiES1WJPBDMssRtnfIfgT9nexqUw3L1IoTyP5gSTDlH7kJsb26EHvAX
eOeL6x2Pmttc9A+lZk3w5ns3rhCcuq2PMeUnMZ+RTW1svlzpd3oI/Ga+sbJwMkk8
b0+qxzp6ZJECQO9MlOMKOv5aYmfsRb6G3ubjxT3l9sIH1tTUsTPSFmbdDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCwyutd6h57BKbQt5Z/RPONv7hxWMB8GA1UdIwQY
MBaAFHBeddvM5fzdkdipnlobLJlbgSd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEt
ZjhiNDhiYWNjZDliLzEvTERLNjEzcUhuc0VwdEMzbG45RTg0Ml91SEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEtZjhiNDhiYWNjZDli
LzEvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvIiIMA0G
CSqGSIb3DQEBCwUAA4IBAQBcDt4Pmb2NADKw8cXBXFN9YP4FvzF+wc7r4ZWHjaGh
Pd6Hq+tLvPFVvXCln4BNcJ/ZmZkEZrPjy4Su0qRCGbdudQO5DWu0idrDp9Gvluh7
56O04JI7QBcq52fo7BXsjjyH23JpB4nIFbl7cYhl7YK9RPxjxAXmY5j7R0gra41l
qBC3b+DSEjxrYq5MB/LF5HBp4AKEHqrXhZVvY0BywWN1fCzy1FB9J237/ipyn6Bs
/dH0aeQItT/razrRUeFqCm5vtMPdPP8T9Q04xcj0PvtabbWGsLn0AANKdU5xZkK3
bu30d7ahEXjIrJEIFIU2gMZ9kqMiws5L/3x/iQQskNuz
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:09 2024 by rpki-client on console.sobornost.net