Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lbvs0S6WSMtfhH5fTC3aB1iU7iY.roa
File: lbvs0S6WSMtfhH5fTC3aB1iU7iY.roa (raw, json)
Hash identifier: aJSf+wEO1ma7ej/PGW/ArKfpS8FYNgsWZS3x+YnQyOM=
Subject key identifier: 95:BB:EC:D1:2E:96:48:CB:5F:84:7E:5F:4C:2D:DA:07:58:94:EE:26
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019160103E3E4A4F4DA92F6B30C43E9D0D0C
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lbvs0S6WSMtfhH5fTC3aB1iU7iY.roa
Signing time: Sat 17 Aug 2024 11:19:22 +0000
ROA not before: Sat 17 Aug 2024 11:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214967
IP address blocks: 2a06:b440::/29 maxlen: 32
2a0a:e2c0::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 Aug 2024 10:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:10:3e:3e:4a:4f:4d:a9:2f:6b:30:c4:3e:9d:0d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 17 11:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95bbecd12e9648cb5f847e5f4c2dda075894ee26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ad:0c:af:94:e8:04:6e:28:d4:18:59:a7:d8:
ac:71:f3:a8:a7:ad:2b:5f:33:9f:78:af:d6:91:a2:
97:80:4e:0b:66:04:9f:d7:d2:75:fa:d3:f6:c9:c4:
50:16:c4:24:96:0f:75:0a:aa:58:a4:62:b9:28:dd:
30:fa:1b:c5:6d:16:f2:95:85:d8:e6:35:2c:03:76:
7b:35:c7:bf:ef:d2:4c:f2:e4:f4:bb:29:28:6d:4a:
fa:64:67:0c:bf:bd:83:3b:e5:ec:58:82:2b:18:89:
54:7b:4a:4e:35:9a:45:08:15:24:20:20:a6:87:96:
ed:1f:4a:1a:2c:69:c4:d3:70:8f:49:70:69:1c:26:
c2:a8:35:c2:5a:57:16:20:fb:ab:f0:76:4b:31:7e:
40:18:19:af:e1:98:fa:8b:3c:ef:2e:f3:e6:bc:fe:
46:2b:03:9e:75:bf:f2:0b:10:2f:fa:d9:d7:b5:d5:
e2:75:bf:b7:d6:ed:cc:97:66:80:f0:20:dd:a9:1c:
83:5d:e3:b7:b0:fa:c7:28:50:cf:8b:36:b4:30:f8:
33:02:7f:04:e7:db:1b:4b:4a:fa:1c:43:03:0d:0b:
57:c2:f4:6d:66:7c:20:91:db:08:56:30:b1:cf:44:
2b:51:f1:6a:1a:b5:22:4f:96:b0:ba:25:78:7d:2e:
01:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BB:EC:D1:2E:96:48:CB:5F:84:7E:5F:4C:2D:DA:07:58:94:EE:26
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lbvs0S6WSMtfhH5fTC3aB1iU7iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0a:e2c0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:06:d3:76:b7:11:67:04:c3:ce:56:7c:39:55:47:9a:65:ee:
fd:ab:73:52:cd:a1:91:d1:74:68:1e:e0:d2:d5:2e:2e:81:6c:
e0:58:1c:76:1d:bf:b0:44:1b:74:d7:35:9b:9a:7a:3a:24:7b:
6a:56:b9:9c:b4:7e:1c:31:ee:55:a9:37:af:37:ce:74:87:04:
14:54:2b:54:cd:c2:6e:4f:08:a6:37:85:8b:9b:84:ae:87:14:
84:57:d0:b7:bc:79:23:b4:04:3d:96:dc:19:4f:17:99:c8:a7:
19:b8:82:8d:c7:7a:e6:1a:a1:7e:27:79:08:47:38:8a:98:0c:
c1:bc:5f:b4:71:89:1e:45:e2:c3:4f:f8:e0:1b:27:3e:c2:49:
09:dc:0f:c7:34:de:28:cb:ec:34:4e:c4:0e:57:86:96:e6:2b:
6a:06:3d:b4:14:82:c6:4e:8f:33:c8:03:44:0a:50:e3:ea:3e:
98:b0:b3:04:71:91:79:c3:35:0c:5d:79:06:ba:34:92:3e:e6:
74:88:39:ee:e9:88:99:46:66:57:24:2e:41:8c:59:d4:94:0a:
59:86:68:64:63:59:2e:13:03:aa:15:61:c7:ad:13:87:db:21:
5c:7b:ae:da:4d:4b:2a:d3:ea:db:7e:89:d3:37:1a:54:93:29:
0e:99:b9:29
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZFgED4+Sk9NqS9rMMQ+nQ0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODE3MTExOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJiZWNkMTJlOTY0OGNiNWY4NDdlNWY0YzJkZGEwNzU4OTRlZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa0Mr5ToBG4o1BhZp9iscfOop60r
XzOfeK/WkaKXgE4LZgSf19J1+tP2ycRQFsQklg91CqpYpGK5KN0w+hvFbRbylYXY
5jUsA3Z7Nce/79JM8uT0uykobUr6ZGcMv72DO+XsWIIrGIlUe0pONZpFCBUkICCm
h5btH0oaLGnE03CPSXBpHCbCqDXCWlcWIPur8HZLMX5AGBmv4Zj6izzvLvPmvP5G
KwOedb/yCxAv+tnXtdXidb+31u3Ml2aA8CDdqRyDXeO3sPrHKFDPiza0MPgzAn8E
59sbS0r6HEMDDQtXwvRtZnwgkdsIVjCxz0QrUfFqGrUiT5awuiV4fS4B2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJW77NEulkjLX4R+X0wt2gdYlO4mMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvbGJ2czBTNldTTXRmaEg1ZlRDM2FCMWlVN2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKga0QAMF
AyoK4sADBQMqEhkAAwUDKhIowDANBgkqhkiG9w0BAQsFAAOCAQEAcAbTdrcRZwTD
zlZ8OVVHmmXu/atzUs2hkdF0aB7g0tUuLoFs4Fgcdh2/sEQbdNc1m5p6OiR7ala5
nLR+HDHuVak3rzfOdIcEFFQrVM3Cbk8IpjeFi5uErocUhFfQt7x5I7QEPZbcGU8X
mcinGbiCjcd65hqhfid5CEc4ipgMwbxftHGJHkXiw0/44BsnPsJJCdwPxzTeKMvs
NE7EDleGluYragY9tBSCxk6PM8gDRApQ4+o+mLCzBHGRecM1DF15Bro0kj7mdIg5
7umImUZmVyQuQYxZ1JQKWYZoZGNZLhMDqhVhx60Th9shXHuu2k1LKtPq236J0zca
VJMpDpm5KQ==
-----END CERTIFICATE-----
Generated at Wed Aug 21 16:34:19 2024 by rpki-client on console-fra.rpki-client.org