Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/60447d-d305-4dea-9daa-26837038c688/1/LBCeZV4CUt43TuXJED82R83lbpY.roa
File: LBCeZV4CUt43TuXJED82R83lbpY.roa (raw, json)
Hash identifier: xFb3QUmSAlRgvHSokgM5sEMWgO5u0h5koE9pGUSQ1qM=
Subject key identifier: 2C:10:9E:65:5E:02:52:DE:37:4E:E5:C9:10:3F:36:47:CD:E5:6E:96
Certificate issuer: /CN=1bbc841b779a2bb2c28a8daee2b2d10d5a7c34d5
Certificate serial: 018CC9BB371C31CA8E34E4E74F793ABB644A
Authority key identifier: 1B:BC:84:1B:77:9A:2B:B2:C2:8A:8D:AE:E2:B2:D1:0D:5A:7C:34:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7yEG3eaK7LCio2u4rLRDVp8NNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/60447d-d305-4dea-9daa-26837038c688/1/LBCeZV4CUt43TuXJED82R83lbpY.roa
Signing time: Tue 02 Jan 2024 10:32:18 +0000
ROA not before: Tue 02 Jan 2024 10:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56813
IP address blocks: 91.237.88.0/23 maxlen: 24
2001:67c:299c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:37:1c:31:ca:8e:34:e4:e7:4f:79:3a:bb:64:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bbc841b779a2bb2c28a8daee2b2d10d5a7c34d5
Validity
Not Before: Jan 2 10:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c109e655e0252de374ee5c9103f3647cde56e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f8:81:e3:6c:18:9c:c4:c3:ac:79:75:fd:18:
2c:7e:28:85:64:92:d8:97:e3:ce:20:92:f7:67:8d:
60:ec:a0:dc:36:13:5d:ed:4f:0d:3a:f9:b0:c7:55:
35:b3:36:60:bc:19:6a:fc:11:96:78:a5:68:3e:84:
76:f9:9e:1a:7d:15:65:88:c6:e0:32:86:50:e9:74:
ba:a6:23:2d:cf:96:72:ba:9d:0e:91:78:7a:eb:22:
d0:37:d4:72:a8:fb:1f:8b:55:b5:32:10:40:7d:31:
60:f8:90:d1:4b:57:25:bc:52:c8:b8:e8:e2:3c:90:
9f:3e:82:cf:9c:6b:15:56:0e:12:ac:a5:37:5f:23:
a9:f5:e9:8b:98:d8:d4:c4:e4:7b:b0:8c:d0:d4:a4:
a7:70:02:b8:0a:f3:ab:8a:d6:03:36:84:21:61:05:
b9:ea:ad:8f:1d:f8:d0:11:d9:d0:f6:0c:27:c3:bb:
2d:97:88:54:c7:f5:66:e2:2c:05:a4:19:14:73:0d:
88:2a:b3:b4:29:9e:1b:1d:8f:39:33:0c:d8:5b:23:
20:f3:ed:4f:40:76:c9:57:23:22:fc:ca:11:c2:1c:
12:f5:a4:8a:be:6c:ec:4e:31:e5:7b:e1:64:b8:4c:
83:8e:67:77:55:07:f6:76:3d:45:f1:07:e3:bf:6b:
2c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:10:9E:65:5E:02:52:DE:37:4E:E5:C9:10:3F:36:47:CD:E5:6E:96
X509v3 Authority Key Identifier:
keyid:1B:BC:84:1B:77:9A:2B:B2:C2:8A:8D:AE:E2:B2:D1:0D:5A:7C:34:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7yEG3eaK7LCio2u4rLRDVp8NNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/60447d-d305-4dea-9daa-26837038c688/1/LBCeZV4CUt43TuXJED82R83lbpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/60447d-d305-4dea-9daa-26837038c688/1/G7yEG3eaK7LCio2u4rLRDVp8NNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.88.0/23
IPv6:
2001:67c:299c::/48
Signature Algorithm: sha256WithRSAEncryption
26:08:bf:69:1e:3a:bc:59:4e:1a:13:52:b9:6e:1d:06:71:58:
0b:02:96:92:e0:af:68:e0:68:3c:5e:68:05:10:aa:73:84:8b:
ec:57:3d:a7:34:9f:4a:73:02:e2:6a:28:6e:96:d4:21:db:b8:
ea:9a:29:33:0a:59:12:c1:3b:e4:fb:6d:8e:05:e0:b0:1b:04:
e1:bb:7b:70:2e:3c:77:e8:26:29:eb:73:a0:b8:4f:34:cf:de:
50:37:94:05:fc:ef:3d:3a:ce:25:ad:d4:84:9e:e3:98:29:b8:
8d:d2:b8:cb:42:f8:3a:df:b3:22:ad:b0:83:f7:c7:e0:92:59:
35:d0:7f:4a:92:1d:f1:88:e5:7f:89:59:32:16:de:a5:75:0c:
94:de:61:04:6d:1e:ba:02:81:9b:f3:04:11:20:58:d2:a9:98:
03:2f:a9:90:19:a1:49:17:c5:78:5f:b3:fa:f0:bf:53:12:6d:
3d:8f:21:00:55:38:a1:f1:bf:21:dc:96:b1:47:f8:27:eb:89:
74:42:25:40:81:4e:d6:85:24:57:9d:38:76:cc:1d:78:56:b9:
2a:74:ae:36:f7:47:74:60:79:c9:1c:9c:1d:d1:b4:d7:d6:3b:
14:02:18:52:26:10:a2:0d:c5:11:04:39:a3:ca:a5:2f:db:b0:
82:86:36:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJuzccMcqONOTnT3k6u2RKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYmM4NDFiNzc5YTJiYjJjMjhhOGRhZWUyYjJkMTBkNWE3
YzM0ZDUwHhcNMjQwMTAyMTAzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzEwOWU2NTVlMDI1MmRlMzc0ZWU1YzkxMDNmMzY0N2NkZTU2ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PiB42wYnMTDrHl1/RgsfiiFZJLY
l+POIJL3Z41g7KDcNhNd7U8NOvmwx1U1szZgvBlq/BGWeKVoPoR2+Z4afRVliMbg
MoZQ6XS6piMtz5Zyup0OkXh66yLQN9RyqPsfi1W1MhBAfTFg+JDRS1clvFLIuOji
PJCfPoLPnGsVVg4SrKU3XyOp9emLmNjUxOR7sIzQ1KSncAK4CvOritYDNoQhYQW5
6q2PHfjQEdnQ9gwnw7stl4hUx/Vm4iwFpBkUcw2IKrO0KZ4bHY85MwzYWyMg8+1P
QHbJVyMi/MoRwhwS9aSKvmzsTjHle+FkuEyDjmd3VQf2dj1F8Qfjv2ssIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCwQnmVeAlLeN07lyRA/NkfN5W6WMB8GA1UdIwQY
MBaAFBu8hBt3miuywoqNruKy0Q1afDTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzd5RUczZWFLN0xDaW8ydTRyTFJEVnA4Tk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82MDQ0N2QtZDMwNS00ZGVhLTlkYWEt
MjY4MzcwMzhjNjg4LzEvTEJDZVpWNENVdDQzVHVYSkVEODJSODNsYnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82MDQ0N2QtZDMwNS00ZGVhLTlkYWEtMjY4MzcwMzhjNjg4
LzEvRzd5RUczZWFLN0xDaW8ydTRyTFJEVnA4Tk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+1YMA8E
AgACMAkDBwAgAQZ8KZwwDQYJKoZIhvcNAQELBQADggEBACYIv2keOrxZThoTUrlu
HQZxWAsClpLgr2jgaDxeaAUQqnOEi+xXPac0n0pzAuJqKG6W1CHbuOqaKTMKWRLB
O+T7bY4F4LAbBOG7e3AuPHfoJinrc6C4TzTP3lA3lAX87z06ziWt1ISe45gpuI3S
uMtC+DrfsyKtsIP3x+CSWTXQf0qSHfGI5X+JWTIW3qV1DJTeYQRtHroCgZvzBBEg
WNKpmAMvqZAZoUkXxXhfs/rwv1MSbT2PIQBVOKHxvyHclrFH+CfriXRCJUCBTtaF
JFedOHbMHXhWuSp0rjb3R3RgeckcnB3RtNfWOxQCGFImEKINxREEOaPKpS/bsIKG
NuU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:35 2025 by rpki-client