Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/lcSjW9ZQXGgk7zXSFNttPfQTpw4.roa
File: lcSjW9ZQXGgk7zXSFNttPfQTpw4.roa (raw, json)
Hash identifier: M8ch8dJHjb3tx8E5kV1vubF8npJ+kDBulTkZhMCEq1g=
Subject key identifier: 95:C4:A3:5B:D6:50:5C:68:24:EF:35:D2:14:DB:6D:3D:F4:13:A7:0E
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 01856E6FA9811FD496D1D96F57E3BB12D19E
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/lcSjW9ZQXGgk7zXSFNttPfQTpw4.roa
Signing time: Sun 01 Jan 2023 17:44:49 +0000
ROA not before: Sun 01 Jan 2023 17:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205892
IP address blocks: 185.190.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 09:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a9:81:1f:d4:96:d1:d9:6f:57:e3:bb:12:d1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Jan 1 17:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95c4a35bd6505c6824ef35d214db6d3df413a70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:b9:8a:47:b6:c7:94:23:ac:71:7c:a0:db:
21:5c:7b:85:f9:ce:39:69:b1:00:29:80:6e:4a:81:
be:36:ac:5d:85:91:41:ef:46:fb:01:ee:95:f4:17:
9a:b6:17:14:b6:4a:0f:83:f1:10:d0:3e:ae:bd:7d:
b2:22:ec:86:14:fa:76:15:94:81:07:fe:99:7b:08:
b8:30:90:02:7b:ec:7b:ac:df:89:2b:8b:b1:47:ca:
f8:57:3a:3d:41:fb:95:f2:19:25:a5:03:47:07:3d:
48:84:d0:b2:37:67:77:50:3a:48:46:fe:de:66:8c:
c5:13:46:e1:c1:10:34:11:3d:e1:c9:dc:be:4f:08:
9b:6c:b6:3c:7f:5b:c0:f0:d1:1f:b1:96:c0:f0:ec:
d0:8f:fe:44:99:02:4c:50:3c:3b:6d:60:71:ce:25:
1c:57:19:38:46:a8:11:0f:92:27:7d:23:09:fc:52:
f2:50:76:06:64:6d:81:ea:fe:cc:88:45:6e:0d:c1:
ee:87:15:a0:50:92:f5:a9:cf:8a:dd:61:41:82:41:
b4:0d:ed:69:c3:cc:f6:b9:a9:f8:c9:84:db:80:bb:
c6:07:eb:71:92:c5:4a:0c:e6:22:10:a2:4c:1f:db:
fe:5a:ef:47:d0:e9:71:46:d5:78:e4:c9:80:51:aa:
8f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C4:A3:5B:D6:50:5C:68:24:EF:35:D2:14:DB:6D:3D:F4:13:A7:0E
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/lcSjW9ZQXGgk7zXSFNttPfQTpw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.72.0/22
Signature Algorithm: sha256WithRSAEncryption
78:c9:da:fb:5d:7c:97:78:c7:85:1d:04:ca:29:55:f8:5b:87:
1d:07:62:bc:6e:08:f4:3b:bb:cc:7e:8f:ac:3c:40:87:8b:3c:
9f:1d:8f:51:16:45:8e:ae:2e:93:90:38:ac:b9:be:a2:ce:cd:
c8:f9:e1:54:af:71:fc:4d:7b:08:65:1e:ad:4b:ec:40:75:d2:
0a:1c:7b:2a:fb:94:61:63:ba:9e:86:9a:f5:a6:f1:61:b2:47:
ef:18:c6:7b:5e:45:42:81:ae:66:49:89:65:82:03:db:db:47:
cb:ad:25:47:b5:fc:e3:01:06:bb:bb:fa:1a:c8:38:f9:a2:7d:
55:81:79:19:1b:a6:1f:62:13:57:1c:29:43:3f:02:47:c0:e1:
9e:c5:b9:5c:63:2e:8b:79:68:7d:ab:b9:bc:28:b5:26:d6:17:
96:fe:3b:ee:68:f1:a7:e0:76:a3:7f:f1:84:a7:fe:87:e1:93:
ef:1d:7e:68:0d:86:bd:00:e6:45:2a:75:17:5d:9c:87:43:30:
27:c9:93:cf:2d:3c:2a:77:61:a3:0d:8e:61:97:70:1e:8f:ad:
fb:bb:55:98:48:38:d2:0f:d8:c4:67:83:48:17:f0:d5:e0:78:
85:f8:05:ef:ed:10:40:9d:6f:a3:50:d4:e2:7e:3d:cf:f7:63:
50:72:ab:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub6mBH9SW0dlvV+O7EtGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjMwMTAxMTc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM0YTM1YmQ2NTA1YzY4MjRlZjM1ZDIxNGRiNmQzZGY0MTNhNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBC5ike2x5QjrHF8oNshXHuF+c45
abEAKYBuSoG+NqxdhZFB70b7Ae6V9BeathcUtkoPg/EQ0D6uvX2yIuyGFPp2FZSB
B/6Zewi4MJACe+x7rN+JK4uxR8r4Vzo9QfuV8hklpQNHBz1IhNCyN2d3UDpIRv7e
ZozFE0bhwRA0ET3hydy+TwibbLY8f1vA8NEfsZbA8OzQj/5EmQJMUDw7bWBxziUc
Vxk4RqgRD5InfSMJ/FLyUHYGZG2B6v7MiEVuDcHuhxWgUJL1qc+K3WFBgkG0De1p
w8z2uan4yYTbgLvGB+txksVKDOYiEKJMH9v+Wu9H0OlxRtV45MmAUaqPFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXEo1vWUFxoJO810hTbbT30E6cOMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvbGNTalc5WlFYR2drN3pYU0ZOdHRQZlFUcHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub5IMA0G
CSqGSIb3DQEBCwUAA4IBAQB4ydr7XXyXeMeFHQTKKVX4W4cdB2K8bgj0O7vMfo+s
PECHizyfHY9RFkWOri6TkDisub6izs3I+eFUr3H8TXsIZR6tS+xAddIKHHsq+5Rh
Y7qehpr1pvFhskfvGMZ7XkVCga5mSYllggPb20fLrSVHtfzjAQa7u/oayDj5on1V
gXkZG6YfYhNXHClDPwJHwOGexblcYy6LeWh9q7m8KLUm1heW/jvuaPGn4Hajf/GE
p/6H4ZPvHX5oDYa9AOZFKnUXXZyHQzAnyZPPLTwqd2GjDY5hl3Aej637u1WYSDjS
D9jEZ4NIF/DV4HiF+AXv7RBAnW+jUNTifj3P92NQcqsK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:00 2024 by rpki-client on console-ams.rpki-client.org