Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/lkmkvyffA_py-hycB0MG5aBmMDM.roa
File: lkmkvyffA_py-hycB0MG5aBmMDM.roa (raw, json)
Hash identifier: i5IvqNeojb1C7nruHf0jerxBXaWBoPAWwwMYgpP/Oxg=
Subject key identifier: 96:49:A4:BF:27:DF:03:FA:72:FA:1C:9C:07:43:06:E5:A0:66:30:33
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0185B656F0D7A9196D1BF802FE22C799832C
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/lkmkvyffA_py-hycB0MG5aBmMDM.roa
Signing time: Sun 15 Jan 2023 16:50:29 +0000
ROA not before: Sun 15 Jan 2023 16:50:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203905
IP address blocks: 185.33.169.0/24 maxlen: 24
185.33.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jan 2023 18:58:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b6:56:f0:d7:a9:19:6d:1b:f8:02:fe:22:c7:99:83:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 15 16:50:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9649a4bf27df03fa72fa1c9c074306e5a0663033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:b6:ee:b3:1c:17:7a:0c:df:80:24:2c:18:
b0:56:e0:9e:b2:3e:ad:27:56:2b:9f:84:85:c0:f7:
37:84:7a:24:9f:d1:ae:78:c6:36:19:07:b4:15:49:
93:ac:9b:0d:eb:f4:25:23:7c:ab:91:e9:33:fb:2c:
b3:4a:04:d6:2f:66:61:05:3e:2d:29:8f:2f:ac:c0:
01:4b:9a:2a:74:1a:59:e5:c1:b6:11:3d:8a:ac:35:
91:02:41:1e:d4:32:d8:4d:6f:3e:1b:53:e5:ec:6f:
e8:8f:43:83:7d:8a:e7:0d:0b:ec:88:cb:15:c9:f0:
bd:01:99:5e:bf:d8:6a:4c:0a:0c:a5:7e:74:99:13:
c1:94:95:38:15:37:59:2c:cd:0c:81:53:5e:4b:5b:
73:0c:a4:d9:ea:d9:db:f5:cd:85:de:27:83:0e:c9:
86:bc:1f:ed:b0:ee:23:5c:79:22:2e:4a:48:11:cf:
ac:25:64:2a:71:ca:e9:82:84:90:ac:11:7a:2e:58:
1a:65:bb:b7:06:29:3f:cd:5a:7f:0a:f2:fc:d2:fb:
64:90:2f:66:c6:c8:a5:88:99:ad:09:b1:db:13:cc:
d3:2f:e2:9e:d1:77:11:ea:60:7e:4e:a8:5a:53:4b:
fa:6a:58:bc:b7:31:85:4a:cd:d8:9e:c6:6e:1f:78:
1a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:49:A4:BF:27:DF:03:FA:72:FA:1C:9C:07:43:06:E5:A0:66:30:33
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/lkmkvyffA_py-hycB0MG5aBmMDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.169.0-185.33.170.255
Signature Algorithm: sha256WithRSAEncryption
0c:ae:56:1b:b8:1a:11:ef:86:a9:96:8b:54:5a:63:52:25:c9:
e1:5d:9f:39:28:5d:88:6e:8c:c2:f9:9b:5d:69:e8:5b:e9:98:
e4:ef:36:69:b3:ba:fc:5f:6b:71:3d:df:f1:59:45:25:b0:91:
5a:ff:73:eb:5b:9b:cf:c3:d7:40:2b:3f:be:fd:a0:ab:0a:db:
42:d0:8e:d3:42:7c:4b:df:ac:d9:92:43:e0:26:ad:4f:c3:c2:
c1:ca:f3:ec:a7:8e:00:ac:8a:3a:4d:4d:1b:ef:5f:47:0d:6e:
28:a2:7c:92:cd:77:60:a5:83:ca:4f:a4:5a:d5:af:d2:19:25:
c1:94:0d:62:c7:54:1b:92:74:e5:77:99:f9:7c:3d:08:09:73:
9a:5b:dd:76:e6:cd:65:6f:e1:ac:b7:d2:0b:80:bf:b0:18:43:
2d:9b:12:46:6d:00:98:c3:8b:77:9b:c2:ec:48:d4:37:f4:1c:
b6:ef:1b:08:9a:fe:bc:c5:6b:78:ea:39:dd:82:2e:46:06:27:
bb:e7:91:94:c9:df:ec:ac:3a:a1:a8:8d:1a:7f:bf:7d:e3:42:
4e:44:31:2d:f4:8b:dc:8d:d3:9b:de:06:e1:0d:3d:f8:f5:b5:
43:56:61:79:cf:98:4e:49:df:32:41:6e:16:08:25:63:e5:a1:
43:11:9f:a6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYW2VvDXqRltG/gC/iLHmYMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMTE1MTY1MDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ5YTRiZjI3ZGYwM2ZhNzJmYTFjOWMwNzQzMDZlNWEwNjYzMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh+27rMcF3oM34AkLBiwVuCesj6t
J1Yrn4SFwPc3hHokn9GueMY2GQe0FUmTrJsN6/QlI3yrkekz+yyzSgTWL2ZhBT4t
KY8vrMABS5oqdBpZ5cG2ET2KrDWRAkEe1DLYTW8+G1Pl7G/oj0ODfYrnDQvsiMsV
yfC9AZlev9hqTAoMpX50mRPBlJU4FTdZLM0MgVNeS1tzDKTZ6tnb9c2F3ieDDsmG
vB/tsO4jXHkiLkpIEc+sJWQqccrpgoSQrBF6LlgaZbu3Bik/zVp/CvL80vtkkC9m
xsiliJmtCbHbE8zTL+Ke0XcR6mB+TqhaU0v6ali8tzGFSs3YnsZuH3gaaQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJZJpL8n3wP6cvocnAdDBuWgZjAzMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvbGtta3Z5ZmZBX3B5LWh5Y0IwTUc1YUJtTURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5IakD
BAC5IaowDQYJKoZIhvcNAQELBQADggEBAAyuVhu4GhHvhqmWi1RaY1IlyeFdnzko
XYhujML5m11p6FvpmOTvNmmzuvxfa3E93/FZRSWwkVr/c+tbm8/D10ArP779oKsK
20LQjtNCfEvfrNmSQ+AmrU/DwsHK8+ynjgCsijpNTRvvX0cNbiiifJLNd2Clg8pP
pFrVr9IZJcGUDWLHVBuSdOV3mfl8PQgJc5pb3XbmzWVv4ay30guAv7AYQy2bEkZt
AJjDi3ebwuxI1Df0HLbvGwia/rzFa3jqOd2CLkYGJ7vnkZTJ3+ysOqGojRp/v33j
Qk5EMS30i9yN05veBuENPfj1tUNWYXnPmE5J3zJBbhYIJWPloUMRn6Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:37 2024 by rpki-client on console-ams.rpki-client.org