Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lnHvPK4XzB6Jr_ZBlfBYuIvPYCI.roa
File: lnHvPK4XzB6Jr_ZBlfBYuIvPYCI.roa (raw, json)
Hash identifier: TwjR3vwtuV5XN85QvOb2vT2DTqmVJP0HLrI7pl9jNxk=
Subject key identifier: 96:71:EF:3C:AE:17:CC:1E:89:AF:F6:41:95:F0:58:B8:8B:CF:60:22
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 01857190A6FD174226B5C06944E2B4E9B160
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lnHvPK4XzB6Jr_ZBlfBYuIvPYCI.roa
Signing time: Mon 02 Jan 2023 08:19:43 +0000
ROA not before: Mon 02 Jan 2023 08:19:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39365
IP address blocks: 185.144.184.0/22 maxlen: 22
79.135.128.0/20 maxlen: 20
79.135.144.0/21 maxlen: 21
79.135.152.0/22 maxlen: 22
79.135.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Feb 2023 11:26:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:90:a6:fd:17:42:26:b5:c0:69:44:e2:b4:e9:b1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jan 2 08:19:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9671ef3cae17cc1e89aff64195f058b88bcf6022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:fe:12:44:da:83:eb:c5:ae:98:82:50:81:
a6:de:d5:83:79:41:db:c0:b3:28:ec:26:fa:2e:c8:
ba:bf:6e:8c:bb:6b:a8:c3:9b:88:7a:c2:c2:1a:ac:
d4:5a:1f:a8:18:79:85:6b:90:7e:e4:7d:f6:e1:ad:
14:77:b6:08:43:a5:23:a3:c7:48:0b:b3:8f:bb:36:
ba:3f:68:e8:74:35:0c:80:c2:3c:e5:84:fc:36:73:
67:0a:eb:2a:ce:14:88:67:a8:8c:18:5c:88:92:b5:
61:04:19:a5:bc:0b:7e:4d:13:11:37:a3:cc:37:18:
4f:10:2e:4d:2e:94:b0:5d:9b:ae:87:ae:7c:21:1f:
90:42:d7:d6:80:45:ae:9d:ad:3e:31:ea:da:93:84:
cb:e6:58:29:cf:c7:d0:c1:dd:6d:c9:d9:3e:9f:af:
ec:59:e0:0f:ec:e2:6b:00:b0:7c:52:78:e1:25:16:
b3:b7:c1:b8:3c:f0:ac:66:8d:c5:1c:d1:5f:7a:0a:
27:68:b6:ad:ec:2b:a5:00:ca:21:e2:87:67:c1:1d:
d0:80:4e:6c:7b:14:fc:6c:02:19:22:ca:e8:23:b9:
11:71:ce:00:d3:9b:1d:e6:29:8d:9f:59:3a:26:10:
7d:7d:b9:07:ba:c6:66:62:3a:32:a6:d5:ce:b0:e1:
e0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:71:EF:3C:AE:17:CC:1E:89:AF:F6:41:95:F0:58:B8:8B:CF:60:22
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lnHvPK4XzB6Jr_ZBlfBYuIvPYCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.128.0/19
185.144.184.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:ba:d1:b5:03:2a:ee:04:76:d2:21:be:bc:6d:54:b2:c8:74:
b5:a7:4b:11:45:d8:71:87:78:c6:58:57:b7:ea:80:2d:32:41:
5d:68:7d:8e:be:1c:f7:21:b7:29:96:0e:0a:48:d2:51:18:12:
21:14:54:78:67:98:46:a4:14:c8:11:08:03:38:b8:85:b8:89:
e9:08:8a:2a:90:d6:38:dc:a8:03:86:aa:ae:38:38:c4:38:36:
ba:0b:bf:dd:46:e2:33:3d:04:64:5f:7a:b2:ad:8c:69:9d:03:
f9:e6:99:b6:d7:37:2b:39:02:cd:43:97:00:20:1e:18:7d:33:
c6:07:a8:c0:a1:a8:c4:61:e7:b0:73:58:5f:7a:ea:30:2b:62:
a4:77:29:32:91:90:69:eb:42:d6:b1:9b:2a:b3:32:36:8f:55:
cc:af:19:4c:4d:ed:cd:da:6e:5a:b7:a1:62:56:20:d3:0d:f3:
bb:bf:c9:2c:c4:65:96:ec:c2:d1:aa:01:e5:7d:a3:67:2c:46:
df:71:7b:b7:44:ad:fb:d3:52:b4:63:2f:de:21:5b:52:fb:24:
88:2f:b1:8d:b5:4b:56:67:5c:c8:a2:92:7a:7f:18:d0:b0:f2:
9d:b4:ad:96:e1:78:a7:30:b0:90:82:d5:b5:cf:dd:18:88:ee:
6a:ff:d2:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxkKb9F0ImtcBpROK06bFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjMwMTAyMDgxOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjcxZWYzY2FlMTdjYzFlODlhZmY2NDE5NWYwNThiODhiY2Y2MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk7+EkTag+vFrpiCUIGm3tWDeUHb
wLMo7Cb6Lsi6v26Mu2uow5uIesLCGqzUWh+oGHmFa5B+5H324a0Ud7YIQ6Ujo8dI
C7OPuza6P2jodDUMgMI85YT8NnNnCusqzhSIZ6iMGFyIkrVhBBmlvAt+TRMRN6PM
NxhPEC5NLpSwXZuuh658IR+QQtfWgEWuna0+Merak4TL5lgpz8fQwd1tydk+n6/s
WeAP7OJrALB8UnjhJRazt8G4PPCsZo3FHNFfegonaLat7CulAMoh4odnwR3QgE5s
exT8bAIZIsroI7kRcc4A05sd5imNn1k6JhB9fbkHusZmYjoyptXOsOHg6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZx7zyuF8weia/2QZXwWLiLz2AiMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvbG5IdlBLNFh6QjZKcl9aQmxmQll1SXZQWUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFT4eAAwQC
uZC4MA0GCSqGSIb3DQEBCwUAA4IBAQALutG1AyruBHbSIb68bVSyyHS1p0sRRdhx
h3jGWFe36oAtMkFdaH2Ovhz3Ibcplg4KSNJRGBIhFFR4Z5hGpBTIEQgDOLiFuInp
CIoqkNY43KgDhqquODjEODa6C7/dRuIzPQRkX3qyrYxpnQP55pm21zcrOQLNQ5cA
IB4YfTPGB6jAoajEYeewc1hfeuowK2KkdykykZBp60LWsZsqszI2j1XMrxlMTe3N
2m5at6FiViDTDfO7v8ksxGWW7MLRqgHlfaNnLEbfcXu3RK3701K0Yy/eIVtS+ySI
L7GNtUtWZ1zIopJ6fxjQsPKdtK2W4XinMLCQgtW1z90YiO5q/9Js
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:27 2024 by rpki-client on console-fra.rpki-client.org