Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Lxb-Xabpu7EfauS3fzLZYGOGz2U.roa
File: Lxb-Xabpu7EfauS3fzLZYGOGz2U.roa (raw, json)
Hash identifier: rf6oQ91JGHR8OABaPgDJc6z9kL7hoYtLcX8s8hI1uI0=
Subject key identifier: 2F:16:FE:5D:A6:E9:BB:B1:1F:6A:E4:B7:7F:32:D9:60:63:86:CF:65
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 01857246FB7DE2709A659003FF4F3D730515
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Lxb-Xabpu7EfauS3fzLZYGOGz2U.roa
Signing time: Mon 02 Jan 2023 11:38:52 +0000
ROA not before: Mon 02 Jan 2023 11:38:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201551
IP address blocks: 5.149.157.0/24 maxlen: 24
5.149.156.0/24 maxlen: 24
5.149.156.0/23 maxlen: 23
5.149.155.0/24 maxlen: 24
2a02:1710:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:fb:7d:e2:70:9a:65:90:03:ff:4f:3d:73:05:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 11:38:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f16fe5da6e9bbb11f6ae4b77f32d9606386cf65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:ef:9c:12:7e:f9:86:99:63:ca:80:9f:1e:
52:b4:4d:c5:f1:a5:0b:a4:9f:a1:0c:51:8b:dd:71:
a1:5e:5d:0e:7d:48:55:08:03:b9:eb:c4:43:ab:69:
dd:23:48:1b:40:6d:06:af:a1:3a:22:33:8b:75:bd:
30:36:f0:09:f1:2b:80:54:15:59:46:55:13:13:17:
64:48:27:81:0e:fa:f8:b9:a2:34:2a:bd:24:dc:62:
8f:fb:7d:f6:58:d8:b6:5e:af:af:53:11:f4:e2:17:
80:c8:f6:d9:8e:f5:7f:75:1f:87:6d:27:2c:4d:0f:
a8:52:47:bb:4d:54:b8:83:e1:32:29:31:c5:84:ee:
ed:9b:fe:1e:f6:d8:32:5b:ac:95:2a:ee:d7:b7:d6:
53:67:81:f4:a1:c4:5a:ca:15:9f:b4:18:55:73:66:
d4:46:47:b3:9f:c1:57:15:a9:77:54:c2:d5:4d:89:
91:24:03:9a:c5:ae:00:04:38:b9:39:7d:33:db:e8:
0c:2f:6f:e6:4f:40:d7:63:41:bc:9b:f7:4e:c0:25:
85:6a:de:23:7e:2e:86:bb:a6:c2:6a:61:d7:27:42:
8b:dd:5e:36:e7:3d:50:e1:20:4b:97:3a:eb:8e:60:
14:65:b4:c6:28:44:de:6f:1b:d0:0d:0f:c5:e4:dd:
fc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:16:FE:5D:A6:E9:BB:B1:1F:6A:E4:B7:7F:32:D9:60:63:86:CF:65
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Lxb-Xabpu7EfauS3fzLZYGOGz2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.155.0-5.149.157.255
IPv6:
2a02:1710:6::/48
Signature Algorithm: sha256WithRSAEncryption
65:1e:63:d2:bd:ee:26:46:a8:3b:0f:50:0a:06:c4:96:e2:13:
c3:7e:d0:64:2b:44:c0:61:5c:7c:65:af:a6:2b:a2:6a:d3:7f:
15:c5:79:f1:08:d4:64:05:a2:8f:f8:16:75:a0:70:92:f5:55:
09:86:62:cc:cd:57:ff:f7:9b:ad:0b:62:49:57:07:4b:98:ae:
88:e1:cb:c0:79:87:b7:5e:e8:4f:32:7c:ac:2e:6d:0d:91:b0:
eb:25:16:1f:9f:75:40:86:5e:79:18:0a:82:8c:58:e6:96:4f:
09:9c:ee:93:06:92:23:4f:93:ba:ff:66:c9:3d:94:67:d6:86:
27:ff:7a:95:ad:4e:d9:00:65:84:c6:ed:d7:4d:34:05:86:65:
16:98:40:7a:cc:15:5f:be:8e:c5:35:2a:d8:2c:4f:48:93:15:
e4:42:c1:80:49:70:0d:05:4e:5d:77:85:dd:3f:22:52:77:84:
1e:8d:73:8c:d9:6c:b4:6f:3d:0f:9d:b2:eb:f0:80:89:38:6c:
b7:f3:f0:5e:49:9c:07:e5:15:3e:dc:dc:0a:52:e5:6a:df:76:
ee:51:4f:f1:90:7f:2a:07:e3:5e:98:2b:07:9f:ce:14:6b:bd:
fe:39:91:4c:05:8f:17:50:bf:94:58:d9:a5:af:2f:b0:af:2f:
51:da:f7:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVyRvt94nCaZZAD/089cwUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjMwMTAyMTEzODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE2ZmU1ZGE2ZTliYmIxMWY2YWU0Yjc3ZjMyZDk2MDYzODZjZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluDvnBJ++YaZY8qAnx5StE3F8aUL
pJ+hDFGL3XGhXl0OfUhVCAO568RDq2ndI0gbQG0Gr6E6IjOLdb0wNvAJ8SuAVBVZ
RlUTExdkSCeBDvr4uaI0Kr0k3GKP+332WNi2Xq+vUxH04heAyPbZjvV/dR+HbScs
TQ+oUke7TVS4g+EyKTHFhO7tm/4e9tgyW6yVKu7Xt9ZTZ4H0ocRayhWftBhVc2bU
Rkezn8FXFal3VMLVTYmRJAOaxa4ABDi5OX0z2+gML2/mT0DXY0G8m/dOwCWFat4j
fi6Gu6bCamHXJ0KL3V425z1Q4SBLlzrrjmAUZbTGKETebxvQDQ/F5N383QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8W/l2m6buxH2rkt38y2WBjhs9lMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvTHhiLVhhYnB1N0VmYXVTM2Z6TFpZR09HejJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAAFlZsD
BAEFlZwwDwQCAAIwCQMHACoCFxAABjANBgkqhkiG9w0BAQsFAAOCAQEAZR5j0r3u
JkaoOw9QCgbEluITw37QZCtEwGFcfGWvpiuiatN/FcV58QjUZAWij/gWdaBwkvVV
CYZizM1X//ebrQtiSVcHS5iuiOHLwHmHt17oTzJ8rC5tDZGw6yUWH591QIZeeRgK
goxY5pZPCZzukwaSI0+Tuv9myT2UZ9aGJ/96la1O2QBlhMbt1000BYZlFphAeswV
X76OxTUq2CxPSJMV5ELBgElwDQVOXXeF3T8iUneEHo1zjNlstG89D52y6/CAiThs
t/PwXkmcB+UVPtzcClLlat927lFP8ZB/KgfjXpgrB5/OFGu9/jmRTAWPF1C/lFjZ
pa8vsK8vUdr38Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:14 2024 by rpki-client on console-fra.rpki-client.org