Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/LC9QKpnk-wmD4D9-GLngtQphimo.roa
File: LC9QKpnk-wmD4D9-GLngtQphimo.roa (raw, json)
Hash identifier: MdegoGLMBnB1/EnXI+xYGzT7Tkvh7DbzkLg7Jtv0pvw=
Subject key identifier: 2C:2F:50:2A:99:E4:FB:09:83:E0:3F:7E:18:B9:E0:B5:0A:61:8A:6A
Certificate issuer: /CN=234d9395a2ba239cb9d278eb589b72ed5c9672d1
Certificate serial: 018571B0E603B58489AD8201895AD38A7443
Authority key identifier: 23:4D:93:95:A2:BA:23:9C:B9:D2:78:EB:58:9B:72:ED:5C:96:72:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I02TlaK6I5y50njrWJty7VyWctE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/LC9QKpnk-wmD4D9-GLngtQphimo.roa
Signing time: Mon 02 Jan 2023 08:54:56 +0000
ROA not before: Mon 02 Jan 2023 08:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203427
IP address blocks: 185.135.54.0/24 maxlen: 24
185.135.52.0/24 maxlen: 24
185.135.53.0/24 maxlen: 24
2a02:faa0:1::/48 maxlen: 48
2a02:faa0:2::/48 maxlen: 48
2a02:faa0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e6:03:b5:84:89:ad:82:01:89:5a:d3:8a:74:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234d9395a2ba239cb9d278eb589b72ed5c9672d1
Validity
Not Before: Jan 2 08:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c2f502a99e4fb0983e03f7e18b9e0b50a618a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ff:af:17:26:b6:23:cb:37:55:85:66:f1:4e:
6e:c1:73:17:7f:02:ba:3a:77:55:b2:53:93:ce:60:
8c:93:72:99:a8:0f:fb:ed:4a:37:bf:e9:b5:0e:bf:
29:cc:20:4f:37:c6:26:52:2b:8e:e8:72:5b:88:0a:
fa:14:a8:89:a0:5c:7c:f2:2e:d6:85:a1:5e:16:b5:
f4:ff:ef:f5:4d:24:7a:5e:74:20:b9:73:05:96:65:
4f:9d:46:b8:3b:82:87:81:f9:ff:fb:9c:22:d6:be:
93:76:a3:1c:86:71:70:d8:15:bf:3a:71:1a:24:9b:
ca:db:69:ef:9b:6e:7a:c0:3a:02:ba:8a:fb:57:86:
ee:d4:ec:db:e7:1e:bf:30:2c:c6:1a:cf:1c:a4:57:
87:f9:45:bc:9d:dd:20:42:bd:da:00:6e:e5:6a:9c:
cf:99:86:fa:47:4b:b1:06:14:fc:63:b6:fd:58:16:
b5:c1:3d:96:84:10:2f:10:a4:e3:c1:de:71:8b:34:
60:b5:f0:ba:a5:e7:1b:b5:9a:04:6b:d7:c3:c9:5d:
3a:d2:bf:da:32:86:be:7a:45:dd:81:cb:c8:21:ba:
ac:e1:24:7e:63:53:b8:e0:d1:4f:02:e4:b2:24:2c:
8f:15:6b:df:17:6a:81:a4:8c:63:44:8e:bb:97:b1:
20:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:2F:50:2A:99:E4:FB:09:83:E0:3F:7E:18:B9:E0:B5:0A:61:8A:6A
X509v3 Authority Key Identifier:
keyid:23:4D:93:95:A2:BA:23:9C:B9:D2:78:EB:58:9B:72:ED:5C:96:72:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I02TlaK6I5y50njrWJty7VyWctE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/LC9QKpnk-wmD4D9-GLngtQphimo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/I02TlaK6I5y50njrWJty7VyWctE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.52.0-185.135.54.255
IPv6:
2a02:faa0::-2a02:faa0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:61:2f:0d:3e:93:d9:85:e2:35:24:52:aa:f4:e1:fd:76:16:
a9:bf:6c:6f:b1:a3:44:7f:90:f4:65:64:5b:1f:29:16:ed:56:
67:86:ab:66:ab:24:30:b1:d5:29:49:83:84:ec:8d:68:bd:a2:
8d:dd:4d:e1:d1:c8:d0:bf:2e:08:c4:6e:08:7d:d9:aa:d5:02:
41:07:c1:43:f1:3e:e3:46:c3:46:49:83:6b:38:ba:5d:bf:bc:
43:70:7c:b8:7f:57:80:a3:aa:f7:21:19:a9:df:3b:4d:f2:4e:
08:12:34:15:6f:14:ae:63:c9:bf:04:0d:27:09:e6:13:21:e9:
ad:15:93:f7:d8:bd:60:85:da:1e:12:48:6c:12:4e:e3:a5:99:
c2:77:39:6a:5a:c3:46:86:08:7f:14:eb:0d:cc:0c:d0:22:79:
ac:44:31:2b:68:72:c5:31:d1:bb:ed:06:d3:21:ec:29:53:97:
06:3c:75:32:01:1f:0a:e6:b6:52:c4:63:7c:25:e3:c7:31:32:
c6:71:f0:f7:47:31:57:c5:34:07:8d:dd:00:b4:3d:d1:b9:7e:
57:f0:ba:bd:1c:77:2e:1b:01:3f:01:7e:ec:3c:26:c3:5c:e9:
f3:34:dc:68:9b:2e:af:39:9c:7d:ed:26:c6:d4:83:80:70:e4:
5a:af:fd:87
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVxsOYDtYSJrYIBiVrTinRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGQ5Mzk1YTJiYTIzOWNiOWQyNzhlYjU4OWI3MmVkNWM5
NjcyZDEwHhcNMjMwMTAyMDg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzJmNTAyYTk5ZTRmYjA5ODNlMDNmN2UxOGI5ZTBiNTBhNjE4YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf+vFya2I8s3VYVm8U5uwXMXfwK6
OndVslOTzmCMk3KZqA/77Uo3v+m1Dr8pzCBPN8YmUiuO6HJbiAr6FKiJoFx88i7W
haFeFrX0/+/1TSR6XnQguXMFlmVPnUa4O4KHgfn/+5wi1r6TdqMchnFw2BW/OnEa
JJvK22nvm256wDoCuor7V4bu1Ozb5x6/MCzGGs8cpFeH+UW8nd0gQr3aAG7lapzP
mYb6R0uxBhT8Y7b9WBa1wT2WhBAvEKTjwd5xizRgtfC6pecbtZoEa9fDyV060r/a
Moa+ekXdgcvIIbqs4SR+Y1O44NFPAuSyJCyPFWvfF2qBpIxjRI67l7Eg3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCwvUCqZ5PsJg+A/fhi54LUKYYpqMB8GA1UdIwQY
MBaAFCNNk5WiuiOcudJ461ibcu1clnLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTAyVGxhSzZJNXk1MG5qcldKdHk3VnlXY3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zZGU4Y2MtZGI3OS00YTliLWI3OWEt
NGVmNDg4ZGM2ZGM0LzEvTEM5UUtwbmstd21ENEQ5LUdMbmd0UXBoaW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zZGU4Y2MtZGI3OS00YTliLWI3OWEtNGVmNDg4ZGM2ZGM0
LzEvSTAyVGxhSzZJNXk1MG5qcldKdHk3VnlXY3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAK5hzQD
BAC5hzYwGAQCAAIwEjAQAwUFKgL6oAMHACoC+qAAAjANBgkqhkiG9w0BAQsFAAOC
AQEAHmEvDT6T2YXiNSRSqvTh/XYWqb9sb7GjRH+Q9GVkWx8pFu1WZ4arZqskMLHV
KUmDhOyNaL2ijd1N4dHI0L8uCMRuCH3ZqtUCQQfBQ/E+40bDRkmDazi6Xb+8Q3B8
uH9XgKOq9yEZqd87TfJOCBI0FW8UrmPJvwQNJwnmEyHprRWT99i9YIXaHhJIbBJO
46WZwnc5alrDRoYIfxTrDcwM0CJ5rEQxK2hyxTHRu+0G0yHsKVOXBjx1MgEfCua2
UsRjfCXjxzEyxnHw90cxV8U0B43dALQ90bl+V/C6vRx3LhsBPwF+7Dwmw1zp8zTc
aJsurzmcfe0mxtSDgHDkWq/9hw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:08 2024 by rpki-client on console-ams.rpki-client.org