Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/LeBgyqDoTlwXeysZUIlpcOKM7WA.roa
File: LeBgyqDoTlwXeysZUIlpcOKM7WA.roa (raw, json)
Hash identifier: riRjWP0jDf34ETosAwZz8tRXuj4mm16kt4V/GEkmhSI=
Subject key identifier: 2D:E0:60:CA:A0:E8:4E:5C:17:7B:2B:19:50:89:69:70:E2:8C:ED:60
Certificate issuer: /CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Certificate serial: 01856EC1FF9ABF2935CA6E36D0296D1A32C4
Authority key identifier: 83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/LeBgyqDoTlwXeysZUIlpcOKM7WA.roa
Signing time: Sun 01 Jan 2023 19:14:45 +0000
ROA not before: Sun 01 Jan 2023 19:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206332
IP address blocks: 185.171.201.0/24 maxlen: 24
185.146.47.0/24 maxlen: 24
185.146.46.0/24 maxlen: 24
2a07:4d80::/32 maxlen: 32
2a10:55c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:ff:9a:bf:29:35:ca:6e:36:d0:29:6d:1a:32:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Validity
Not Before: Jan 1 19:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2de060caa0e84e5c177b2b1950896970e28ced60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:84:82:06:cd:2f:41:bf:7d:40:f5:9c:61:36:
c3:1a:73:73:34:c7:cf:d7:42:8d:32:84:72:82:c3:
d9:e9:25:71:dc:32:98:bc:17:04:fa:63:cc:a2:55:
65:d1:47:0f:f4:6c:9f:ee:10:23:0e:18:c4:d4:d8:
21:8b:b1:b7:ac:15:2b:d1:52:da:02:07:00:61:98:
16:43:90:6a:ae:4a:ca:2e:b7:a9:ec:8e:57:cc:1e:
75:c1:ee:24:3b:75:ab:87:ba:b2:f0:f0:a9:63:65:
71:f1:6c:61:40:b4:b6:a1:10:7c:7a:68:83:01:26:
36:6c:5f:cd:4d:a1:b8:7a:9b:92:06:a0:04:74:26:
83:4b:49:d9:c4:ef:cd:fc:ee:4a:e1:e2:d3:24:f1:
01:c5:77:ff:45:5f:9b:0e:fb:df:40:56:4f:9c:0b:
c6:95:6a:9e:98:31:71:45:85:a1:c4:f2:f6:1e:74:
32:7b:2f:79:2e:e8:57:ab:00:79:27:11:3e:1d:a1:
ff:f1:cf:f1:11:a8:b6:a5:ef:80:b8:ab:05:80:84:
0b:fd:7b:d5:74:4f:51:53:1a:e3:90:14:1b:4d:3c:
3e:ad:72:3b:75:56:cf:4f:39:c3:a8:4d:87:90:78:
0e:d1:ff:0f:e3:b7:1b:bc:53:1d:94:58:7c:f4:96:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E0:60:CA:A0:E8:4E:5C:17:7B:2B:19:50:89:69:70:E2:8C:ED:60
X509v3 Authority Key Identifier:
keyid:83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/LeBgyqDoTlwXeysZUIlpcOKM7WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/gyO5cxsZaxrLyCn1sosyX9nT49Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.46.0/23
185.171.201.0/24
IPv6:
2a07:4d80::/32
2a10:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:3a:4b:23:30:fe:35:bc:bd:3b:cf:f8:16:5d:90:0c:1a:f8:
9e:c2:97:a2:90:d6:26:e8:66:0a:dd:41:1e:35:c9:0d:d5:1b:
14:c6:59:22:29:86:64:15:50:4f:c6:78:3d:f3:4c:4f:66:54:
9c:c3:71:b8:57:36:8e:15:68:82:8d:b0:37:22:fa:19:54:0f:
29:86:d6:88:30:48:02:92:3d:78:1c:e8:d6:b9:95:16:6c:ae:
8b:44:65:56:06:51:78:6b:bb:14:e0:64:67:2c:81:e7:da:43:
2a:d2:c1:87:f4:65:61:14:3b:4d:ee:0f:9a:66:90:4a:39:54:
15:c2:29:1a:c2:ae:a8:93:51:34:86:19:ec:2c:98:b0:54:3f:
51:bc:5e:09:dd:aa:d9:b2:69:9c:7c:b7:f5:71:9d:8c:e4:87:
a0:86:67:77:3d:9a:c7:03:ee:ff:14:b7:58:0e:49:5d:7e:95:
62:d8:eb:0e:91:a6:bf:0a:c4:d7:08:c2:ab:31:ca:e6:8d:9d:
78:bd:ec:a7:3b:b2:46:05:c4:9b:a1:f9:05:9a:3d:9d:a4:3b:
db:cc:91:28:c8:05:09:3d:4e:3f:d8:e9:de:58:20:1a:29:e9:
54:7f:de:bf:89:fd:0f:b7:8f:a0:04:1e:43:83:a5:1c:3c:52:
67:b2:70:f8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuwf+avyk1ym420CltGjLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNiOTczMWIxOTZiMWFjYmM4MjlmNWIyOGIzMjVmZDlk
M2UzZDQwHhcNMjMwMTAxMTkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGUwNjBjYWEwZTg0ZTVjMTc3YjJiMTk1MDg5Njk3MGUyOGNlZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4SCBs0vQb99QPWcYTbDGnNzNMfP
10KNMoRygsPZ6SVx3DKYvBcE+mPMolVl0UcP9Gyf7hAjDhjE1Nghi7G3rBUr0VLa
AgcAYZgWQ5BqrkrKLrep7I5XzB51we4kO3Wrh7qy8PCpY2Vx8WxhQLS2oRB8emiD
ASY2bF/NTaG4epuSBqAEdCaDS0nZxO/N/O5K4eLTJPEBxXf/RV+bDvvfQFZPnAvG
lWqemDFxRYWhxPL2HnQyey95LuhXqwB5JxE+HaH/8c/xEai2pe+AuKsFgIQL/XvV
dE9RUxrjkBQbTTw+rXI7dVbPTznDqE2HkHgO0f8P47cbvFMdlFh89JbfuwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFC3gYMqg6E5cF3srGVCJaXDijO1gMB8GA1UdIwQY
MBaAFIMjuXMbGWsay8gp9bKLMl/Z0+PUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2Yt
Y2ExZTVmMDgxOTUwLzEvTGVCZ3lxRG9UbHdYZXlzWlVJbHBjT0tNN1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2YtY2ExZTVmMDgxOTUw
LzEvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBuZIuAwQA
uavJMBQEAgACMA4DBQAqB02AAwUDKhBVwDANBgkqhkiG9w0BAQsFAAOCAQEAOTpL
IzD+Nby9O8/4Fl2QDBr4nsKXopDWJuhmCt1BHjXJDdUbFMZZIimGZBVQT8Z4PfNM
T2ZUnMNxuFc2jhVogo2wNyL6GVQPKYbWiDBIApI9eBzo1rmVFmyui0RlVgZReGu7
FOBkZyyB59pDKtLBh/RlYRQ7Te4PmmaQSjlUFcIpGsKuqJNRNIYZ7CyYsFQ/Ubxe
Cd2q2bJpnHy39XGdjOSHoIZndz2axwPu/xS3WA5JXX6VYtjrDpGmvwrE1wjCqzHK
5o2deL3spzuyRgXEm6H5BZo9naQ728yRKMgFCT1OP9jp3lggGinpVH/ev4n9D7eP
oAQeQ4OlHDxSZ7Jw+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:23 2024 by rpki-client on console-fra.rpki-client.org