Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/lBqrHSbwCfjm3S5z983M1H8W3Oo.roa
File: lBqrHSbwCfjm3S5z983M1H8W3Oo.roa (raw, json)
Hash identifier: fmuHpMvkLTtTZMfiw2ZSApDNx1Elpcj1XDvU71Agwx4=
Subject key identifier: 94:1A:AB:1D:26:F0:09:F8:E6:DD:2E:73:F7:CD:CC:D4:7F:16:DC:EA
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 01856BCA23A2AA231B41BDAEC910904A017D
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/lBqrHSbwCfjm3S5z983M1H8W3Oo.roa
Signing time: Sun 01 Jan 2023 05:24:47 +0000
ROA not before: Sun 01 Jan 2023 05:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 193.201.28.0/23 maxlen: 23
185.1.218.0/24 maxlen: 24
2001:7f8:10::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 14 Feb 2023 15:20:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:23:a2:aa:23:1b:41:bd:ae:c9:10:90:4a:01:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Jan 1 05:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=941aab1d26f009f8e6dd2e73f7cdccd47f16dcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:d5:8f:3e:a4:dd:81:d6:94:69:9e:3f:7a:
f4:34:d3:e8:92:05:ed:8a:53:dc:10:14:3e:79:a5:
76:11:1e:b5:e2:61:bb:05:0b:d5:81:88:f6:0e:6f:
e1:6a:c0:f6:68:49:16:25:f8:e7:bf:3e:45:07:d1:
2d:78:ec:26:b0:45:d8:c8:d3:cf:70:72:ec:0b:3e:
c6:5a:f0:c5:9d:70:8d:8d:88:48:23:c6:d1:80:33:
d5:e3:68:33:8d:3c:31:c2:15:ea:f8:85:69:ac:10:
48:c6:f6:2d:2a:ec:06:dc:cf:43:7c:b3:12:6b:c3:
25:67:db:8a:50:58:15:60:cf:9f:48:30:b6:5a:d3:
df:5b:b7:8c:c3:96:29:6e:49:4f:51:89:e6:38:a2:
07:e4:26:7b:dd:cc:96:23:6f:3f:50:f3:58:23:87:
b2:4a:e1:24:0c:1a:1f:0f:56:eb:f9:af:94:d2:a6:
36:4b:b2:82:50:ee:e2:6f:da:c7:45:ad:33:9f:51:
4a:ba:82:e1:5d:04:06:0e:46:46:74:8f:3c:1f:9f:
76:20:a0:cc:4e:32:5a:3e:2d:68:4d:c1:81:2f:a1:
04:9d:5e:29:8d:eb:94:64:9a:18:bd:8c:96:b6:31:
85:16:3d:a9:de:b4:1e:51:4a:36:e4:00:ef:82:0c:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1A:AB:1D:26:F0:09:F8:E6:DD:2E:73:F7:CD:CC:D4:7F:16:DC:EA
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/lBqrHSbwCfjm3S5z983M1H8W3Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.218.0/24
193.201.28.0/23
IPv6:
2001:7f8:10::/64
Signature Algorithm: sha256WithRSAEncryption
b8:bb:e4:90:7a:f9:e2:24:cf:a2:67:3f:03:0e:31:9c:0d:db:
32:fa:67:3e:dc:bf:aa:ad:b2:48:26:25:66:dd:db:da:00:bf:
bc:d9:f2:2b:46:f4:da:b1:d8:3e:95:e8:91:45:48:3d:1a:6b:
e9:8a:b1:26:0b:50:77:b7:57:15:39:1a:22:f9:b6:16:20:0c:
a1:48:f5:6e:91:81:42:28:3b:c7:38:0d:09:2e:3e:af:22:91:
6e:2f:0e:be:e0:a7:c0:ca:f4:1f:c4:a4:3d:52:35:91:9b:6c:
20:35:de:bc:71:d2:07:58:66:ff:71:f3:a9:08:90:82:75:ad:
b0:d4:f6:b5:25:19:7e:e0:bd:41:75:89:75:ac:11:72:74:7c:
f0:18:7f:cf:0b:d9:10:0c:d9:a2:b2:bb:4d:34:83:ee:2c:ef:
ea:6f:52:d1:2d:f5:7d:c2:c0:e1:4b:a7:b7:ee:54:45:cd:0b:
6f:34:c7:be:76:39:fd:51:f3:d0:02:94:6a:18:d1:b4:53:92:
b7:d2:d9:4e:86:ca:b9:86:8e:da:f8:58:2f:0c:97:10:cb:30:
91:c3:bb:05:14:28:fc:f2:e3:63:20:23:15:18:87:fb:d7:0a:
df:42:99:44:f3:78:88:b2:6e:66:35:0b:36:e8:fd:fc:9d:d8:
5e:19:e2:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVryiOiqiMbQb2uyRCQSgF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjMwMTAxMDUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFhYWIxZDI2ZjAwOWY4ZTZkZDJlNzNmN2NkY2NkNDdmMTZkY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3bVjz6k3YHWlGmeP3r0NNPokgXt
ilPcEBQ+eaV2ER614mG7BQvVgYj2Dm/hasD2aEkWJfjnvz5FB9EteOwmsEXYyNPP
cHLsCz7GWvDFnXCNjYhII8bRgDPV42gzjTwxwhXq+IVprBBIxvYtKuwG3M9DfLMS
a8MlZ9uKUFgVYM+fSDC2WtPfW7eMw5YpbklPUYnmOKIH5CZ73cyWI28/UPNYI4ey
SuEkDBofD1br+a+U0qY2S7KCUO7ib9rHRa0zn1FKuoLhXQQGDkZGdI88H592IKDM
TjJaPi1oTcGBL6EEnV4pjeuUZJoYvYyWtjGFFj2p3rQeUUo25ADvggwc1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQaqx0m8An45t0uc/fNzNR/FtzqMB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvbEJxckhTYndDZmptM1M1ejk4M00xSDhXM09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzASBAIAATAMAwQAuQHaAwQB
wckcMBEEAgACMAsDCQAgAQf4ABAAADANBgkqhkiG9w0BAQsFAAOCAQEAuLvkkHr5
4iTPomc/Aw4xnA3bMvpnPty/qq2ySCYlZt3b2gC/vNnyK0b02rHYPpXokUVIPRpr
6YqxJgtQd7dXFTkaIvm2FiAMoUj1bpGBQig7xzgNCS4+ryKRbi8OvuCnwMr0H8Sk
PVI1kZtsIDXevHHSB1hm/3HzqQiQgnWtsNT2tSUZfuC9QXWJdawRcnR88Bh/zwvZ
EAzZorK7TTSD7izv6m9S0S31fcLA4Uunt+5URc0LbzTHvnY5/VHz0AKUahjRtFOS
t9LZTobKuYaO2vhYLwyXEMswkcO7BRQo/PLjYyAjFRiH+9cK30KZRPN4iLJuZjUL
Nuj9/J3YXhnizw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:50 2024 by rpki-client on console-ams.rpki-client.org