Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/LUjDiX50WGhpTdTyhvBrf4IAcKc.roa
File: LUjDiX50WGhpTdTyhvBrf4IAcKc.roa (raw, json)
Hash identifier: B6YVtEG15SagsLVS+qHcy2JKO3t5z3t7S8Fax93sBOk=
Subject key identifier: 2D:48:C3:89:7E:74:58:68:69:4D:D4:F2:86:F0:6B:7F:82:00:70:A7
Certificate issuer: /CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Certificate serial: 018570671712B48170E62EC8AF6E0F37C583
Authority key identifier: 9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/LUjDiX50WGhpTdTyhvBrf4IAcKc.roa
Signing time: Mon 02 Jan 2023 02:54:42 +0000
ROA not before: Mon 02 Jan 2023 02:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50877
IP address blocks: 159.255.128.0/21 maxlen: 21
185.182.208.0/22 maxlen: 22
2a0a:f980::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:17:12:b4:81:70:e6:2e:c8:af:6e:0f:37:c5:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Validity
Not Before: Jan 2 02:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d48c3897e745868694dd4f286f06b7f820070a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d6:95:24:09:1a:c3:13:27:e4:8f:2f:53:06:
64:e1:31:a1:ec:16:1b:3b:4f:b2:15:35:4e:b1:3c:
68:1e:a5:e8:b9:31:15:22:e6:e8:ca:f4:9c:df:9d:
c7:eb:54:7e:d0:05:1e:8d:47:1f:69:2b:2d:43:89:
54:18:57:a9:97:9e:04:8a:1a:c2:6c:8b:4a:69:03:
ee:36:a9:7d:7b:c5:30:32:10:3a:4a:18:d0:86:1d:
49:b8:a7:86:e1:39:fe:6a:c8:83:4c:34:70:fe:2b:
65:e6:9b:06:14:54:24:13:f0:2d:f9:df:e4:96:e0:
de:b3:22:d2:33:0e:72:40:17:21:cc:8f:c3:d8:89:
c7:04:d1:ce:01:c6:d5:96:6e:9e:07:50:f1:50:56:
7f:1e:38:6b:02:e3:0f:40:09:a4:5b:d2:bd:d2:ea:
1c:97:4f:57:1d:be:48:33:35:66:99:de:df:56:7b:
b6:a4:66:17:8a:41:66:01:78:7f:3c:45:ef:07:be:
36:88:37:a1:5e:8e:ba:e0:10:e0:20:30:0b:a5:23:
c7:42:e7:23:31:07:40:c3:2d:c4:ee:78:71:c7:17:
6e:4d:c3:95:0e:03:32:35:06:cd:59:b0:fe:30:78:
cc:2d:fd:78:60:eb:93:45:e8:a0:4a:b2:e8:b3:be:
90:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:48:C3:89:7E:74:58:68:69:4D:D4:F2:86:F0:6B:7F:82:00:70:A7
X509v3 Authority Key Identifier:
keyid:9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/LUjDiX50WGhpTdTyhvBrf4IAcKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.128.0/21
185.182.208.0/22
IPv6:
2a0a:f980::/29
Signature Algorithm: sha256WithRSAEncryption
0b:9f:df:f5:96:e4:f5:8d:bf:96:f5:75:e4:a5:a0:9c:0e:c3:
a9:5e:86:d5:0e:9d:9f:09:29:9b:48:e5:f7:c2:db:23:81:71:
d2:33:18:63:34:f2:2c:82:5b:01:77:22:8d:d5:6d:c3:fe:02:
1c:aa:78:c8:26:e6:51:2a:e3:c0:e8:40:c3:a3:99:ca:94:f1:
2c:11:40:f9:9b:49:8d:5a:a9:2a:7e:33:ec:1d:e8:47:ef:c5:
16:66:28:aa:54:e7:f9:9c:9e:80:fa:44:42:5c:a6:6d:12:e0:
65:e8:51:8e:ec:57:d1:37:41:ba:f9:8f:9e:2d:5c:65:19:8e:
c3:38:54:d1:74:98:a6:87:a3:55:42:9a:b2:3f:01:2a:9d:23:
56:70:f1:e1:89:6c:ca:fa:73:bf:d3:35:e4:06:53:7e:77:70:
14:28:89:a6:ed:c9:f9:3c:16:80:95:8a:e8:c5:73:24:aa:34:
d8:78:98:e8:48:c7:38:82:ba:df:4d:39:1c:34:54:45:04:9e:
d5:93:3c:a6:a1:f9:b5:d4:7e:00:c2:7f:7a:ed:b7:d4:c2:74:
82:fe:23:aa:f9:db:70:1f:43:26:b1:a5:da:c7:76:b9:55:3f:
e7:0d:3d:d1:d4:18:28:97:ba:27:eb:36:24:de:e6:38:1c:61:
66:12:c8:9c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwZxcStIFw5i7Ir24PN8WDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzIxYWM4MDdhMzI2Zjg3MWJiYWExODQ5NjNjZDYwMmI1
Y2MyZDYwHhcNMjMwMTAyMDI1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ4YzM4OTdlNzQ1ODY4Njk0ZGQ0ZjI4NmYwNmI3ZjgyMDA3MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNaVJAkawxMn5I8vUwZk4TGh7BYb
O0+yFTVOsTxoHqXouTEVIuboyvSc353H61R+0AUejUcfaSstQ4lUGFepl54EihrC
bItKaQPuNql9e8UwMhA6ShjQhh1JuKeG4Tn+asiDTDRw/itl5psGFFQkE/At+d/k
luDesyLSMw5yQBchzI/D2InHBNHOAcbVlm6eB1DxUFZ/HjhrAuMPQAmkW9K90uoc
l09XHb5IMzVmmd7fVnu2pGYXikFmAXh/PEXvB742iDehXo664BDgIDALpSPHQucj
MQdAwy3E7nhxxxduTcOVDgMyNQbNWbD+MHjMLf14YOuTReigSrLos76QKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC1Iw4l+dFhoaU3U8obwa3+CAHCnMB8GA1UdIwQY
MBaAFJxyGsgHoyb4cbuqGEljzWArXMLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGIt
Mjg2NDcwN2IyYjNmLzEvTFVqRGlYNTBXR2hwVGRUeWh2QnJmNElBY0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGItMjg2NDcwN2IyYjNm
LzEvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDn/+AAwQC
ubbQMA0EAgACMAcDBQMqCvmAMA0GCSqGSIb3DQEBCwUAA4IBAQALn9/1luT1jb+W
9XXkpaCcDsOpXobVDp2fCSmbSOX3wtsjgXHSMxhjNPIsglsBdyKN1W3D/gIcqnjI
JuZRKuPA6EDDo5nKlPEsEUD5m0mNWqkqfjPsHehH78UWZiiqVOf5nJ6A+kRCXKZt
EuBl6FGO7FfRN0G6+Y+eLVxlGY7DOFTRdJimh6NVQpqyPwEqnSNWcPHhiWzK+nO/
0zXkBlN+d3AUKImm7cn5PBaAlYroxXMkqjTYeJjoSMc4grrfTTkcNFRFBJ7Vkzym
ofm11H4Awn967bfUwnSC/iOq+dtwH0MmsaXax3a5VT/nDT3R1Bgol7on6zYk3uY4
HGFmEsic
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:47 2024 by rpki-client on console-ams.rpki-client.org