Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lKSHq4SMXW6mid00CElcvkGccxU.roa
File: lKSHq4SMXW6mid00CElcvkGccxU.roa (raw, json)
Hash identifier: z5spwJ2CF5ZmosyexrNA7JGQYiq4j2ssr5hcxiwIF2Y=
Subject key identifier: 94:A4:87:AB:84:8C:5D:6E:A6:89:DD:34:08:49:5C:BE:41:9C:73:15
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018572B41838205976785DE5FECAB1285655
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lKSHq4SMXW6mid00CElcvkGccxU.roa
Signing time: Mon 02 Jan 2023 13:38:03 +0000
ROA not before: Mon 02 Jan 2023 13:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Jun 2023 09:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:18:38:20:59:76:78:5d:e5:fe:ca:b1:28:56:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 2 13:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94a487ab848c5d6ea689dd3408495cbe419c7315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d9:1b:6e:f8:33:3a:85:16:b7:82:70:ec:77:
43:ba:c0:1c:dc:a8:73:ca:20:31:eb:e7:e9:bd:7e:
5e:34:d0:34:da:0c:34:10:2b:4b:97:b6:0c:a8:4e:
33:4a:20:55:8d:fb:ab:30:3c:1e:0a:01:a3:c3:8c:
a0:68:a7:04:91:94:c8:c2:28:5e:24:1c:ca:3a:55:
e2:7e:1f:8f:a6:46:4e:03:5d:8e:47:26:2f:a2:6a:
59:93:db:d4:e1:0c:9e:bc:05:da:e5:ae:39:0a:dc:
65:f6:cd:b7:e0:6d:f6:cd:46:04:f7:6b:50:df:2b:
1c:18:2c:ea:6e:6b:fb:4f:1f:83:7e:2d:32:ec:bd:
8b:63:a7:ec:d1:45:54:75:f3:e4:85:d5:a5:89:3e:
3a:28:34:e9:7c:ea:5c:d9:77:51:65:c0:76:93:9e:
2f:67:42:a3:d3:56:96:e4:54:97:c5:06:fd:dd:f8:
51:fc:9a:84:98:78:97:7f:c9:ef:26:90:53:9c:4b:
f5:a7:61:17:50:0c:bd:d7:fb:05:48:aa:3c:1c:92:
1a:8a:23:2c:75:76:10:27:ac:e4:8b:ec:f8:3b:c3:
44:11:5e:30:0c:01:19:c9:26:dc:f2:77:0e:71:42:
41:9f:65:5b:0f:f7:31:ba:de:4b:43:ca:ef:59:63:
a6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A4:87:AB:84:8C:5D:6E:A6:89:DD:34:08:49:5C:BE:41:9C:73:15
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lKSHq4SMXW6mid00CElcvkGccxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
45:35:6c:3e:1e:67:63:dc:cb:77:33:27:4a:99:b6:d3:29:23:
14:1b:1e:16:bc:78:8f:20:2f:7d:49:a1:7c:fa:9b:dd:88:c5:
4f:a3:d4:b7:94:2c:49:4f:98:6f:59:a0:44:9b:b9:60:e4:71:
6c:4f:f0:01:8a:65:d7:e6:f2:4e:e6:18:46:74:e4:8c:97:6b:
e5:ab:57:5d:a1:a5:25:39:75:9a:91:87:bc:fa:01:2b:84:cf:
b7:35:a9:b2:c4:71:0c:20:77:f9:6c:0f:b0:a7:01:37:dd:2b:
30:ca:14:8b:4b:3e:20:5f:c3:e6:a5:dc:0d:fe:c9:6b:c8:0c:
3e:5d:fd:94:1f:46:6f:5c:03:a6:01:a8:15:98:79:0b:fb:ad:
5d:43:c3:40:7f:a5:d3:c7:a2:2b:cd:61:fe:10:a7:e2:5a:88:
27:a2:92:8f:30:91:2f:65:df:de:44:68:0a:7f:8d:44:e5:82:
f0:23:32:d9:2b:0e:01:c6:4d:b8:09:56:0f:1e:0d:c7:c7:52:
0e:48:25:70:2e:d9:43:ef:67:b3:96:cd:55:d2:fb:91:10:42:
65:d4:4a:7a:48:38:0d:a8:c0:b2:00:fa:82:cf:55:9a:f0:4b:
e9:cd:13:0c:5f:28:c8:52:0a:86:e1:b0:46:f5:30:44:31:50:
11:cb:50:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVytBg4IFl2eF3l/sqxKFZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjMwMTAyMTMzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE0ODdhYjg0OGM1ZDZlYTY4OWRkMzQwODQ5NWNiZTQxOWM3MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtkbbvgzOoUWt4Jw7HdDusAc3Khz
yiAx6+fpvX5eNNA02gw0ECtLl7YMqE4zSiBVjfurMDweCgGjw4ygaKcEkZTIwihe
JBzKOlXifh+PpkZOA12ORyYvompZk9vU4QyevAXa5a45Ctxl9s234G32zUYE92tQ
3yscGCzqbmv7Tx+Dfi0y7L2LY6fs0UVUdfPkhdWliT46KDTpfOpc2XdRZcB2k54v
Z0Kj01aW5FSXxQb93fhR/JqEmHiXf8nvJpBTnEv1p2EXUAy91/sFSKo8HJIaiiMs
dXYQJ6zki+z4O8NEEV4wDAEZySbc8ncOcUJBn2VbD/cxut5LQ8rvWWOmFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJSkh6uEjF1upondNAhJXL5BnHMVMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvbEtTSHE0U01YVzZtaWQwMENFbGN2a0djY3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAEU1bD4eZ2Pcy3czJ0qZ
ttMpIxQbHha8eI8gL31JoXz6m92IxU+j1LeULElPmG9ZoESbuWDkcWxP8AGKZdfm
8k7mGEZ05IyXa+WrV12hpSU5dZqRh7z6ASuEz7c1qbLEcQwgd/lsD7CnATfdKzDK
FItLPiBfw+al3A3+yWvIDD5d/ZQfRm9cA6YBqBWYeQv7rV1Dw0B/pdPHoivNYf4Q
p+JaiCeiko8wkS9l395EaAp/jUTlgvAjMtkrDgHGTbgJVg8eDcfHUg5IJXAu2UPv
Z7OWzVXS+5EQQmXUSnpIOA2owLIA+oLPVZrwS+nNEwxfKMhSCobhsEb1MEQxUBHL
UHE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org