Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lckqe6B7cUzfzZYOXvi_ldwBKbM.roa
File: lckqe6B7cUzfzZYOXvi_ldwBKbM.roa (raw, json)
Hash identifier: NVLtdxxziGaphe+qRe4ah8WuKiFhdvW6vnRG5Vuxewc=
Subject key identifier: 95:C9:2A:7B:A0:7B:71:4C:DF:CD:96:0E:5E:F8:BF:95:DC:01:29:B3
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 0188E7B14CBDBCE6379BBDDCC537D8F4976E
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lckqe6B7cUzfzZYOXvi_ldwBKbM.roa
Signing time: Fri 23 Jun 2023 09:58:56 +0000
ROA not before: Fri 23 Jun 2023 09:58:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Jun 2023 11:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:b1:4c:bd:bc:e6:37:9b:bd:dc:c5:37:d8:f4:97:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jun 23 09:58:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95c92a7ba07b714cdfcd960e5ef8bf95dc0129b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:7f:0b:29:62:33:e8:c9:2a:eb:43:97:2d:
1a:32:39:35:e9:a9:a6:85:d2:20:8e:19:a3:56:43:
00:b6:84:f5:14:f0:3d:07:d7:37:f8:8d:f6:25:da:
06:e5:83:1e:f3:c2:98:83:19:0f:42:36:0f:26:22:
ae:df:24:d2:ca:9a:58:64:c2:a6:0f:90:23:29:de:
b6:c1:5a:66:9c:37:12:95:08:33:64:d8:ac:b6:3b:
44:21:36:25:60:4d:52:15:e6:fa:e7:19:bf:f1:b5:
4b:27:93:15:c7:51:af:be:49:36:fa:3b:0a:4f:b5:
d6:58:9a:d6:0f:30:c9:20:2d:99:aa:47:7b:06:a4:
e6:9e:cb:bd:9f:16:b5:b1:71:ec:ed:c5:51:56:87:
93:9e:bb:e2:eb:fa:9e:e9:26:7a:a5:59:f8:93:66:
db:91:cb:84:1e:c5:45:b5:2d:e4:dc:cb:cb:d0:2a:
d6:90:c8:91:99:e5:1e:dd:9c:93:36:87:bc:bd:02:
74:6b:28:3d:6e:33:7a:39:e9:aa:70:2c:bf:ba:78:
32:aa:bd:69:6c:a0:ec:fa:43:60:e2:81:5e:03:18:
cc:e9:eb:fc:f5:1f:82:3a:1b:37:94:7a:a3:5c:c5:
c6:c7:9c:e2:9f:4c:93:4b:e7:a3:f5:99:24:de:48:
d8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C9:2A:7B:A0:7B:71:4C:DF:CD:96:0E:5E:F8:BF:95:DC:01:29:B3
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/lckqe6B7cUzfzZYOXvi_ldwBKbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
6b:69:fd:1f:6b:ea:14:ae:02:04:72:8b:65:29:3d:4f:aa:4a:
ea:f3:25:03:31:e4:5b:0d:e8:1c:25:29:07:b3:4f:5a:41:96:
16:bf:08:62:82:3a:93:d8:31:7a:49:af:af:02:dc:28:05:0f:
e1:22:eb:4e:78:a7:b4:6c:20:84:f3:0f:df:ee:35:cd:94:34:
f7:bc:ca:1d:1c:41:f8:91:b5:78:79:7d:17:fb:15:bc:29:7b:
c2:61:ba:88:e6:bc:12:db:7e:35:c2:f2:fa:03:e0:3a:1f:1e:
5f:f5:37:b2:36:cc:f7:4d:cc:dc:33:82:09:8d:0f:4f:75:bc:
7a:f2:f7:45:0c:12:71:7d:32:f1:1a:bf:1e:5e:95:3d:82:f3:
ce:83:34:4b:99:c8:d0:18:a1:77:5e:d8:e9:5b:36:86:41:3e:
d7:a8:e0:6a:9a:22:d6:9f:7c:1e:2d:3b:3c:00:ef:0e:31:12:
ad:14:93:0e:d8:a7:11:95:d6:92:bd:f3:41:fe:21:31:99:3c:
14:82:6c:41:27:c0:58:56:62:3d:84:ed:2a:48:0a:54:10:44:
03:55:0c:a2:bf:ec:51:84:08:35:78:0e:40:b2:12:32:c0:43:
32:c7:4c:1e:cd:6a:2e:e8:92:a6:d2:9c:52:e0:1f:9f:5a:3a:
54:6f:83:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjnsUy9vOY3m73cxTfY9JduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjMwNjIzMDk1ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM5MmE3YmEwN2I3MTRjZGZjZDk2MGU1ZWY4YmY5NWRjMDEyOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyx/CyliM+jJKutDly0aMjk16amm
hdIgjhmjVkMAtoT1FPA9B9c3+I32JdoG5YMe88KYgxkPQjYPJiKu3yTSyppYZMKm
D5AjKd62wVpmnDcSlQgzZNistjtEITYlYE1SFeb65xm/8bVLJ5MVx1Gvvkk2+jsK
T7XWWJrWDzDJIC2Zqkd7BqTmnsu9nxa1sXHs7cVRVoeTnrvi6/qe6SZ6pVn4k2bb
kcuEHsVFtS3k3MvL0CrWkMiRmeUe3ZyTNoe8vQJ0ayg9bjN6OemqcCy/ungyqr1p
bKDs+kNg4oFeAxjM6ev89R+COhs3lHqjXMXGx5zin0yTS+ej9Zkk3kjYuwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJXJKnuge3FM382WDl74v5XcASmzMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvbGNrcWU2QjdjVXpmelpZT1h2aV9sZHdCS2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuZKYAwQB
uZKaMA8EAgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAGtp/R9r6hSu
AgRyi2UpPU+qSurzJQMx5FsN6BwlKQezT1pBlha/CGKCOpPYMXpJr68C3CgFD+Ei
6054p7RsIITzD9/uNc2UNPe8yh0cQfiRtXh5fRf7Fbwpe8JhuojmvBLbfjXC8voD
4DofHl/1N7I2zPdNzNwzggmND091vHry90UMEnF9MvEavx5elT2C886DNEuZyNAY
oXde2OlbNoZBPteo4GqaItaffB4tOzwA7w4xEq0Ukw7YpxGV1pK980H+ITGZPBSC
bEEnwFhWYj2E7SpIClQQRANVDKK/7FGECDV4DkCyEjLAQzLHTB7Nai7okqbSnFLg
H59aOlRvg+8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org