Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/lcmiKdlu0bZDgnzCxE0Kd2B-K7c.roa
File: lcmiKdlu0bZDgnzCxE0Kd2B-K7c.roa (raw, json)
Hash identifier: pSUwRdoGLs8a8b5DsmRwcPEDVd5+IZQ7RmkDodKUsuk=
Subject key identifier: 95:C9:A2:29:D9:6E:D1:B6:43:82:7C:C2:C4:4D:0A:77:60:7E:2B:B7
Certificate issuer: /CN=e0e92a788a41057d27764f16f3b1d2a3ef6345d6
Certificate serial: 01856EC2252516BE314A8D9A00EAAF0D4D5F
Authority key identifier: E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4OkqeIpBBX0ndk8W87HSo-9jRdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/lcmiKdlu0bZDgnzCxE0Kd2B-K7c.roa
Signing time: Sun 01 Jan 2023 19:14:55 +0000
ROA not before: Sun 01 Jan 2023 19:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35157
IP address blocks: 85.119.136.0/23 maxlen: 23
85.119.138.0/24 maxlen: 24
85.119.142.0/24 maxlen: 24
85.119.141.0/24 maxlen: 24
85.119.140.0/24 maxlen: 24
2a01:8d80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:25:25:16:be:31:4a:8d:9a:00:ea:af:0d:4d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0e92a788a41057d27764f16f3b1d2a3ef6345d6
Validity
Not Before: Jan 1 19:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95c9a229d96ed1b643827cc2c44d0a77607e2bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:3d:5a:dd:f2:79:da:47:c2:8c:89:b9:ee:
30:62:d1:77:36:ea:84:36:90:cc:0f:4d:3a:82:e2:
d9:4d:23:9d:d3:2f:01:9a:05:41:8a:9a:9a:07:f0:
ee:6f:68:e9:a3:b0:96:3c:76:be:ee:06:9e:75:9b:
a1:85:ff:ee:65:4f:c4:9c:97:ea:61:41:ae:f7:db:
ab:01:40:ae:1e:22:c5:eb:9a:b7:52:c3:b5:f5:8b:
76:10:b0:46:b0:fc:e1:33:34:b8:e0:93:64:af:c5:
70:dc:b5:f2:10:0e:c5:7d:fa:a0:54:9b:6b:7a:d5:
b0:42:fb:9f:14:23:0d:19:ba:95:de:ed:98:b8:5e:
91:27:f1:9e:35:76:83:5b:fa:e0:5d:92:0f:3a:83:
79:0d:78:9d:34:eb:e4:aa:ec:01:5b:74:8b:99:d4:
2f:a3:7f:5b:24:3d:17:f8:8b:d9:07:1d:f5:79:29:
15:53:06:b4:e5:48:1b:5f:bc:6a:b1:36:98:9e:f5:
e5:b5:58:de:3e:98:52:cf:3a:5d:ed:d4:5a:79:91:
3b:a5:6a:2d:f9:71:b3:9e:b3:1c:1f:c4:4f:ec:44:
b6:e3:ba:5f:13:75:d8:5a:39:05:0e:76:66:b9:77:
17:a2:dd:a4:62:c5:75:ed:f2:87:f6:49:1c:f2:f3:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C9:A2:29:D9:6E:D1:B6:43:82:7C:C2:C4:4D:0A:77:60:7E:2B:B7
X509v3 Authority Key Identifier:
keyid:E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4OkqeIpBBX0ndk8W87HSo-9jRdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/lcmiKdlu0bZDgnzCxE0Kd2B-K7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.136.0-85.119.138.255
85.119.140.0-85.119.142.255
IPv6:
2a01:8d80::/48
Signature Algorithm: sha256WithRSAEncryption
26:54:66:36:75:05:28:86:fb:dd:89:d6:18:0a:01:61:ca:5f:
64:fa:73:5d:4f:12:05:f8:ab:a9:61:03:d7:74:df:2a:ab:b9:
38:56:6f:fd:c2:f2:d9:84:ca:23:4f:27:11:57:b5:b4:f3:4e:
58:0a:a7:a8:17:c4:13:bf:f0:08:9e:16:3b:fa:52:3a:49:a1:
1c:7f:90:53:f8:18:3f:1c:62:00:0b:7c:0c:c8:72:99:60:08:
98:44:1d:ae:93:04:72:cf:11:59:53:fb:30:07:1b:3e:92:bd:
55:6c:ca:99:b1:22:ac:56:94:d4:a6:3c:3d:99:03:a4:00:9f:
90:a3:ac:0c:a0:9c:ff:ac:2a:0d:4f:0d:e6:4d:5c:60:a8:b3:
7f:19:fb:ad:43:23:1f:93:de:6d:be:59:23:cb:5c:3e:e2:66:
dc:14:6e:70:50:c8:cd:ad:c5:31:3b:8a:25:d3:52:d0:e1:e7:
b3:05:dd:23:ea:09:ea:6b:f1:0b:88:fb:e4:02:bf:9a:81:4c:
c9:f8:82:30:9e:76:56:d7:2d:48:99:bf:a0:42:53:be:56:ba:
08:3f:d7:46:34:7d:e4:cf:20:11:31:8c:69:48:9c:4d:50:ac:
01:5b:aa:64:65:27:a6:b0:c5:71:e2:b3:90:29:bb:e3:ea:3c:
e5:4b:95:19
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuwiUlFr4xSo2aAOqvDU1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZTkyYTc4OGE0MTA1N2QyNzc2NGYxNmYzYjFkMmEzZWY2
MzQ1ZDYwHhcNMjMwMTAxMTkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM5YTIyOWQ5NmVkMWI2NDM4MjdjYzJjNDRkMGE3NzYwN2UyYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Q9Wt3yedpHwoyJue4wYtF3NuqE
NpDMD006guLZTSOd0y8BmgVBipqaB/Dub2jpo7CWPHa+7gaedZuhhf/uZU/EnJfq
YUGu99urAUCuHiLF65q3UsO19Yt2ELBGsPzhMzS44JNkr8Vw3LXyEA7FffqgVJtr
etWwQvufFCMNGbqV3u2YuF6RJ/GeNXaDW/rgXZIPOoN5DXidNOvkquwBW3SLmdQv
o39bJD0X+IvZBx31eSkVUwa05UgbX7xqsTaYnvXltVjePphSzzpd7dRaeZE7pWot
+XGznrMcH8RP7ES247pfE3XYWjkFDnZmuXcXot2kYsV17fKH9kkc8vOwYQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJXJoinZbtG2Q4J8wsRNCndgfiu3MB8GA1UdIwQY
MBaAFODpKniKQQV9J3ZPFvOx0qPvY0XWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE9rcWVJcEJCWDBuZGs4Vzg3SFNvLTlqUmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kNDY0ODctNDNmZi00NWVlLTgyMjgt
YmE1OWZiMmM0NjEwLzEvbGNtaUtkbHUwYlpEZ256Q3hFMEtkMkItSzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kNDY0ODctNDNmZi00NWVlLTgyMjgtYmE1OWZiMmM0NjEw
LzEvNE9rcWVJcEJCWDBuZGs4Vzg3SFNvLTlqUmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBANVd4gD
BABVd4owDAMEAlV3jAMEAFV3jjAPBAIAAjAJAwcAKgGNgAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQAmVGY2dQUohvvdidYYCgFhyl9k+nNdTxIF+KupYQPXdN8qq7k4Vm/9
wvLZhMojTycRV7W0805YCqeoF8QTv/AInhY7+lI6SaEcf5BT+Bg/HGIAC3wMyHKZ
YAiYRB2ukwRyzxFZU/swBxs+kr1VbMqZsSKsVpTUpjw9mQOkAJ+Qo6wMoJz/rCoN
Tw3mTVxgqLN/GfutQyMfk95tvlkjy1w+4mbcFG5wUMjNrcUxO4ol01LQ4eezBd0j
6gnqa/ELiPvkAr+agUzJ+IIwnnZW1y1Imb+gQlO+VroIP9dGNH3kzyARMYxpSJxN
UKwBW6pkZSemsMVx4rOQKbvj6jzlS5UZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:21 2024 by rpki-client on console-ams.rpki-client.org