Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lc5-lbUuHO4qQxfEDIkP7nIB4a4.roa
File: lc5-lbUuHO4qQxfEDIkP7nIB4a4.roa (raw, json)
Hash identifier: BGGhuF5Wpj7TUe3mdKMsM3SCllA7mLrFqjgj6/dF+6s=
Subject key identifier: 95:CE:7E:95:B5:2E:1C:EE:2A:43:17:C4:0C:89:0F:EE:72:01:E1:AE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42559C3DA436FFCAF8DC21974CD3397
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lc5-lbUuHO4qQxfEDIkP7nIB4a4.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 78.108.216.0/24 maxlen: 24
85.202.163.0/24 maxlen: 24
185.234.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 14:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:59:c3:da:43:6f:fc:af:8d:c2:19:74:cd:33:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95ce7e95b52e1cee2a4317c40c890fee7201e1ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:21:8c:c8:cf:40:35:ad:00:32:c4:40:72:
0b:61:e7:31:64:0a:c9:0b:a5:35:fa:90:72:04:e1:
d0:26:50:f3:b0:63:88:b9:2f:ea:e8:87:d8:0a:93:
f1:53:81:4f:ce:7e:e0:a6:ba:a6:c2:e8:64:6c:5e:
b9:48:64:86:08:d8:ce:c4:ec:dd:44:a6:c0:38:45:
75:87:ef:08:69:12:cf:e8:61:b2:0f:b5:db:a5:c4:
69:bf:9a:95:78:03:cd:6d:ba:6e:55:2c:82:12:34:
2e:ec:fb:e2:7c:6c:e1:f9:b1:6a:76:f2:5e:c4:c7:
51:68:a5:0e:c7:bf:aa:26:35:7f:fd:cd:3d:10:92:
91:7a:0f:32:a0:16:cd:a7:76:04:a6:3c:1b:84:ea:
40:f8:2f:69:b9:c8:77:fe:a1:8f:f2:12:c5:dd:82:
b0:ea:e2:c0:24:0b:f2:37:73:a3:87:5f:36:6f:d6:
e7:fd:c3:99:17:9c:55:11:48:3e:7a:28:30:80:9d:
61:ab:53:66:40:fb:2c:ef:29:57:ac:6d:81:a7:f0:
63:b7:4a:86:7d:5e:4f:7a:f1:e9:90:fc:13:03:a6:
a4:79:5d:26:78:06:e3:45:34:35:b3:35:77:23:91:
eb:e9:6c:af:1c:0d:29:f7:31:15:20:f8:78:39:a0:
23:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CE:7E:95:B5:2E:1C:EE:2A:43:17:C4:0C:89:0F:EE:72:01:E1:AE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lc5-lbUuHO4qQxfEDIkP7nIB4a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.216.0/24
85.202.163.0/24
185.234.72.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:40:7c:51:c0:aa:7b:e7:92:d6:20:31:25:38:fa:63:6f:3a:
d2:19:58:ae:a2:b5:36:d3:6b:c3:a9:35:a1:08:86:e4:21:a5:
c7:ac:c2:5d:94:db:0d:76:a2:6b:16:ab:c0:81:ba:9b:8d:c0:
e5:9f:b5:c5:e9:cd:96:f9:3f:60:03:d9:0c:ca:4c:65:f2:1f:
28:35:fd:16:28:80:62:36:74:ca:45:8c:ee:d1:cf:64:81:b7:
8b:2b:7d:5b:f1:e8:08:2e:8c:db:40:48:5c:c4:3b:c8:82:1b:
da:8b:af:71:0b:50:ca:ce:13:a1:0e:bf:64:d3:61:4c:df:dd:
95:ab:26:19:58:04:92:87:4c:73:60:66:da:87:61:3c:52:c7:
35:ed:54:1d:0a:77:20:36:ca:3e:17:90:21:c5:d7:25:49:b2:
a3:44:86:ff:0f:25:03:4e:e0:e9:86:f3:a1:4c:9c:a5:32:ca:
b1:e6:11:d7:fc:90:80:ec:33:5d:e0:c3:f6:60:e5:65:11:93:
aa:0f:9e:50:cd:2a:f8:82:c6:61:40:09:7c:4d:65:74:50:96:
85:03:62:fe:18:c1:c4:9e:af:40:44:21:29:aa:8d:a5:7f:92:
fd:ef:16:9b:07:47:4d:54:aa:4e:14:a4:68:0d:b9:30:c0:f0:
03:05:e9:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJVnD2kNv/K+Nwhl0zTOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNlN2U5NWI1MmUxY2VlMmE0MzE3YzQwYzg5MGZlZTcyMDFlMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv8hjMjPQDWtADLEQHILYecxZArJ
C6U1+pByBOHQJlDzsGOIuS/q6IfYCpPxU4FPzn7gprqmwuhkbF65SGSGCNjOxOzd
RKbAOEV1h+8IaRLP6GGyD7XbpcRpv5qVeAPNbbpuVSyCEjQu7PvifGzh+bFqdvJe
xMdRaKUOx7+qJjV//c09EJKReg8yoBbNp3YEpjwbhOpA+C9puch3/qGP8hLF3YKw
6uLAJAvyN3Ojh182b9bn/cOZF5xVEUg+eigwgJ1hq1NmQPss7ylXrG2Bp/Bjt0qG
fV5PevHpkPwTA6akeV0meAbjRTQ1szV3I5Hr6WyvHA0p9zEVIPh4OaAj2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXOfpW1LhzuKkMXxAyJD+5yAeGuMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbGM1LWxiVXVITzRxUXhmRURJa1A3bklCNGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATmzYAwQA
VcqjAwQAuepIMA0GCSqGSIb3DQEBCwUAA4IBAQA7QHxRwKp755LWIDElOPpjbzrS
GViuorU202vDqTWhCIbkIaXHrMJdlNsNdqJrFqvAgbqbjcDln7XF6c2W+T9gA9kM
ykxl8h8oNf0WKIBiNnTKRYzu0c9kgbeLK31b8egILozbQEhcxDvIghvai69xC1DK
zhOhDr9k02FM392VqyYZWASSh0xzYGbah2E8Usc17VQdCncgNso+F5AhxdclSbKj
RIb/DyUDTuDphvOhTJylMsqx5hHX/JCA7DNd4MP2YOVlEZOqD55QzSr4gsZhQAl8
TWV0UJaFA2L+GMHEnq9ARCEpqo2lf5L97xabB0dNVKpOFKRoDbkwwPADBelM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org