Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/lpiz3b-r5QSudACPIfSkKlAYO6k.roa
File: lpiz3b-r5QSudACPIfSkKlAYO6k.roa (raw, json)
Hash identifier: f7QXPgxNy07OgWK6kA2Cagj6ga91QkmRdRNHObAFgKI=
Subject key identifier: 96:98:B3:DD:BF:AB:E5:04:AE:74:00:8F:21:F4:A4:2A:50:18:3B:A9
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018570675F6B0DF21B761389F1EF9796B70D
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/lpiz3b-r5QSudACPIfSkKlAYO6k.roa
Signing time: Mon 02 Jan 2023 02:55:00 +0000
ROA not before: Mon 02 Jan 2023 02:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60261
IP address blocks: 178.79.216.0/23 maxlen: 23
46.183.90.0/24 maxlen: 24
2a02:3d0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Nov 2023 01:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:5f:6b:0d:f2:1b:76:13:89:f1:ef:97:96:b7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 2 02:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9698b3ddbfabe504ae74008f21f4a42a50183ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:69:44:33:4b:0b:15:45:01:dc:b3:25:df:0c:
3b:2a:c7:ca:cd:dd:2a:f3:4d:df:10:3c:c1:be:0f:
85:df:29:40:81:32:82:a9:67:d6:2e:42:d0:78:0c:
dd:47:ff:cb:15:e6:77:c0:51:cf:55:d1:f5:4d:7c:
4c:4b:8d:10:a5:2e:1b:40:bb:6a:b3:b1:37:5a:31:
56:70:1e:5c:5a:44:ff:98:45:e3:d9:b1:1f:b6:cb:
db:7d:49:84:a9:7e:bc:ce:e2:34:ad:48:f0:00:4a:
67:6a:71:e1:67:b8:05:aa:e8:24:9d:93:e0:8b:63:
7c:da:c0:01:f3:80:e0:22:5a:ca:b1:bc:da:42:cf:
13:f9:c5:91:7a:06:56:96:f0:8b:9d:84:a4:4f:cb:
cb:7c:da:d3:13:9f:88:d0:26:bb:0e:01:fb:df:93:
01:b2:12:49:4e:ea:98:1c:47:8e:ad:34:47:f7:3e:
0c:bb:82:93:b7:5b:04:87:a2:32:58:e6:55:91:57:
f5:9f:a8:6a:12:da:8b:7d:c1:97:04:a4:68:2e:fa:
0c:df:ca:70:61:26:ce:0b:ba:ec:f6:14:63:07:0d:
e3:7b:43:6a:03:93:52:eb:cf:8b:1b:fd:38:3e:68:
5a:dd:0d:a4:2c:47:81:bd:5f:d5:d2:31:58:25:95:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:98:B3:DD:BF:AB:E5:04:AE:74:00:8F:21:F4:A4:2A:50:18:3B:A9
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/lpiz3b-r5QSudACPIfSkKlAYO6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.90.0/24
178.79.216.0/23
IPv6:
2a02:3d0:a::/48
Signature Algorithm: sha256WithRSAEncryption
45:ca:42:4c:d2:b6:da:26:eb:c8:ba:74:fe:ee:48:8d:6e:30:
fa:46:f7:3d:76:97:08:8f:f1:d8:8e:14:83:59:13:ca:aa:6b:
fd:ac:a1:2b:81:50:60:d7:96:dd:c1:4c:3d:e7:e6:14:40:cb:
53:07:d5:73:92:f5:f8:8f:00:c4:67:0a:b3:3b:87:7c:36:98:
33:fb:aa:5a:e1:43:c7:8b:f2:35:52:55:2a:14:7f:9f:be:c2:
51:d1:f0:eb:f1:88:00:fa:9b:7d:3c:f5:c8:a0:55:91:71:17:
c2:65:bc:3d:b9:cc:eb:f7:b7:8d:4e:04:d2:5f:fb:1d:4b:4c:
2b:88:6c:1f:68:09:15:f9:ca:b5:d7:54:03:db:92:43:45:8a:
59:fe:e8:f0:d3:64:f0:77:df:d3:fe:0b:0e:bb:39:64:c1:48:
bb:9a:ca:62:c6:a1:58:4a:0b:89:6e:42:a0:6d:a7:37:d7:f6:
09:1d:af:46:df:a9:2f:de:30:03:d0:f4:e1:73:57:bd:ab:dd:
e2:6b:66:68:2e:6d:a0:66:06:bf:d8:ed:02:3e:ce:aa:51:d2:
28:08:15:0f:51:77:e9:a2:2f:3d:27:4d:ba:8c:2f:f9:91:92:
c4:e9:53:3f:db:54:36:1a:0b:22:84:3b:52:ae:e4:f7:c1:8a:
5d:a1:b7:dd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwZ19rDfIbdhOJ8e+XlrcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjMwMTAyMDI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk4YjNkZGJmYWJlNTA0YWU3NDAwOGYyMWY0YTQyYTUwMTgzYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomlEM0sLFUUB3LMl3ww7KsfKzd0q
803fEDzBvg+F3ylAgTKCqWfWLkLQeAzdR//LFeZ3wFHPVdH1TXxMS40QpS4bQLtq
s7E3WjFWcB5cWkT/mEXj2bEftsvbfUmEqX68zuI0rUjwAEpnanHhZ7gFqugknZPg
i2N82sAB84DgIlrKsbzaQs8T+cWRegZWlvCLnYSkT8vLfNrTE5+I0Ca7DgH735MB
shJJTuqYHEeOrTRH9z4Mu4KTt1sEh6IyWOZVkVf1n6hqEtqLfcGXBKRoLvoM38pw
YSbOC7rs9hRjBw3je0NqA5NS68+LG/04Pmha3Q2kLEeBvV/V0jFYJZXi0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJaYs92/q+UErnQAjyH0pCpQGDupMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvbHBpejNiLXI1UVN1ZEFDUElmU2tLbEFZTzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALrdaAwQB
sk/YMA8EAgACMAkDBwAqAgPQAAowDQYJKoZIhvcNAQELBQADggEBAEXKQkzSttom
68i6dP7uSI1uMPpG9z12lwiP8diOFINZE8qqa/2soSuBUGDXlt3BTD3n5hRAy1MH
1XOS9fiPAMRnCrM7h3w2mDP7qlrhQ8eL8jVSVSoUf5++wlHR8OvxiAD6m3089cig
VZFxF8JlvD25zOv3t41OBNJf+x1LTCuIbB9oCRX5yrXXVAPbkkNFiln+6PDTZPB3
39P+Cw67OWTBSLuaymLGoVhKC4luQqBtpzfX9gkdr0bfqS/eMAPQ9OFzV72r3eJr
ZmgubaBmBr/Y7QI+zqpR0igIFQ9Rd+miLz0nTbqML/mRksTpUz/bVDYaCyKEO1Ku
5PfBil2ht90=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:18 2024 by rpki-client on console-fra.rpki-client.org