Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/LBMCPLWcSBaFW4dZam39r9ooNoA.roa
File: LBMCPLWcSBaFW4dZam39r9ooNoA.roa (raw, json)
Hash identifier: RYVwqcDqz+UlKW2BvV5cX6avB8dKJA6MYk8HVIKmuMo=
Subject key identifier: 2C:13:02:3C:B5:9C:48:16:85:5B:87:59:6A:6D:FD:AF:DA:28:36:80
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0188705C6B85DF7560023F72BF56CEF1E510
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/LBMCPLWcSBaFW4dZam39r9ooNoA.roa
Signing time: Wed 31 May 2023 05:51:24 +0000
ROA not before: Wed 31 May 2023 05:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4651
IP address blocks: 163.171.105.0/24 maxlen: 24
163.171.108.0/24 maxlen: 24
163.171.106.0/24 maxlen: 24
163.171.121.0/24 maxlen: 24
163.171.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:5c:6b:85:df:75:60:02:3f:72:bf:56:ce:f1:e5:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: May 31 05:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c13023cb59c4816855b87596a6dfdafda283680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6d:b5:98:ae:8e:d4:c3:8a:9d:86:9a:12:73:
9d:58:f9:c6:42:8b:39:a4:c6:8c:87:5c:e9:bd:3b:
b1:f0:2e:c2:3e:c5:37:67:b5:15:91:d6:ec:28:8b:
90:7e:69:97:62:a9:88:57:e5:37:66:3d:11:3b:25:
e3:d4:6a:8e:ae:2a:22:0d:f0:ca:74:cc:63:30:23:
a1:f6:75:78:5f:38:c6:82:63:99:25:cf:e2:fc:a2:
0a:42:59:57:88:80:f5:1b:eb:69:aa:83:fc:fd:08:
dc:ca:03:d0:98:cb:88:b5:98:5d:21:1e:70:b2:0e:
1c:ef:20:aa:8b:76:6d:54:10:c3:83:0f:d8:03:d1:
c4:2d:8c:19:06:e9:54:cd:19:ee:73:2a:a1:e7:2a:
e3:32:f0:43:66:2f:91:b7:1b:17:c3:46:2c:e7:14:
2a:28:fb:23:9b:ae:10:aa:5d:de:90:33:6f:e9:68:
66:a8:5c:1e:13:ba:92:ad:31:40:21:3c:fe:fc:2c:
70:7b:f4:1c:c3:1f:d3:e9:c6:18:4a:bc:68:e5:0d:
3f:47:69:ac:53:24:7c:11:80:a3:df:93:ff:42:33:
29:7e:f5:c1:e3:8a:0e:4e:b4:c8:ec:db:e7:36:19:
12:56:82:82:b3:82:c7:9d:d0:ca:bc:08:a0:19:a4:
ff:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:13:02:3C:B5:9C:48:16:85:5B:87:59:6A:6D:FD:AF:DA:28:36:80
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/LBMCPLWcSBaFW4dZam39r9ooNoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.105.0-163.171.106.255
163.171.108.0/24
163.171.120.0/23
Signature Algorithm: sha256WithRSAEncryption
16:7c:d4:80:a4:4d:cc:d2:08:90:cb:f2:13:7a:8c:40:92:30:
a0:12:03:0a:68:59:a3:fb:01:fa:50:20:cb:f0:0b:e6:7e:fd:
e5:e7:53:5c:b1:5e:32:61:f1:47:ef:45:24:1b:56:fc:c9:19:
21:ce:ab:a1:3b:4c:80:28:dd:d1:77:bb:9d:4c:7c:75:ea:21:
fb:0a:3b:85:44:30:f9:dd:c4:8d:c8:1b:10:22:f9:4c:54:ee:
de:94:3b:cd:43:e3:c9:ea:41:98:cc:0a:ce:2d:02:d6:76:35:
15:dc:05:fb:0c:d3:9b:93:d8:69:83:c5:77:44:86:84:6a:9c:
ab:17:ab:55:54:77:8c:64:4c:43:ef:31:9b:dd:4b:b4:ea:80:
d8:a7:ca:30:88:ff:01:d1:ce:72:b8:94:b0:b5:c9:7d:06:38:
c4:69:9c:f4:eb:9d:7f:37:86:5f:22:9c:01:48:92:b3:68:19:
65:52:03:46:1e:81:4a:68:02:7e:4c:d5:88:14:57:46:8d:da:
ac:f4:d9:14:6f:8e:7d:d7:7e:87:c8:26:78:56:17:e7:6c:0a:
b6:61:3b:6b:b9:eb:a6:ce:82:d8:a7:4b:7f:0d:b8:5b:69:f8:
82:de:19:a9:6b:5d:d2:7f:fb:44:ec:5f:a4:cf:1e:55:fe:b4:
1b:64:bf:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYhwXGuF33VgAj9yv1bO8eUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwNTMxMDU1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzEzMDIzY2I1OWM0ODE2ODU1Yjg3NTk2YTZkZmRhZmRhMjgzNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm21mK6O1MOKnYaaEnOdWPnGQos5
pMaMh1zpvTux8C7CPsU3Z7UVkdbsKIuQfmmXYqmIV+U3Zj0ROyXj1GqOrioiDfDK
dMxjMCOh9nV4XzjGgmOZJc/i/KIKQllXiID1G+tpqoP8/QjcygPQmMuItZhdIR5w
sg4c7yCqi3ZtVBDDgw/YA9HELYwZBulUzRnucyqh5yrjMvBDZi+RtxsXw0Ys5xQq
KPsjm64Qql3ekDNv6WhmqFweE7qSrTFAITz+/Cxwe/Qcwx/T6cYYSrxo5Q0/R2ms
UyR8EYCj35P/QjMpfvXB44oOTrTI7NvnNhkSVoKCs4LHndDKvAigGaT/gwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCwTAjy1nEgWhVuHWWpt/a/aKDaAMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvTEJNQ1BMV2NTQmFGVzRkWmFtMzlyOW9vTm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACjq2kD
BACjq2oDBACjq2wDBAGjq3gwDQYJKoZIhvcNAQELBQADggEBABZ81ICkTczSCJDL
8hN6jECSMKASAwpoWaP7AfpQIMvwC+Z+/eXnU1yxXjJh8UfvRSQbVvzJGSHOq6E7
TIAo3dF3u51MfHXqIfsKO4VEMPndxI3IGxAi+UxU7t6UO81D48nqQZjMCs4tAtZ2
NRXcBfsM05uT2GmDxXdEhoRqnKsXq1VUd4xkTEPvMZvdS7TqgNinyjCI/wHRznK4
lLC1yX0GOMRpnPTrnX83hl8inAFIkrNoGWVSA0YegUpoAn5M1YgUV0aN2qz02RRv
jn3XfofIJnhWF+dsCrZhO2u566bOgtinS38NuFtp+ILeGalrXdJ/+0TsX6TPHlX+
tBtkv3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org