Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lznMhgMiP8WrewJtTJOTZuREWjc.roa
File: lznMhgMiP8WrewJtTJOTZuREWjc.roa (raw, json)
Hash identifier: Rnzqv1TaOHF8Br5oJEXSh8xuRzh4oTNXNissvxeUyRM=
Subject key identifier: 97:39:CC:86:03:22:3F:C5:AB:7B:02:6D:4C:93:93:66:E4:44:5A:37
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018CC5005F3D50CE948755D5E25B7C58B338
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lznMhgMiP8WrewJtTJOTZuREWjc.roa
Signing time: Mon 01 Jan 2024 12:29:45 +0000
ROA not before: Mon 01 Jan 2024 12:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206766
IP address blocks: 45.153.72.0/23 maxlen: 23
185.183.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 May 2024 08:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5f:3d:50:ce:94:87:55:d5:e2:5b:7c:58:b3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 1 12:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9739cc8603223fc5ab7b026d4c939366e4445a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d5:70:1f:c6:f2:b4:a5:3a:e5:90:f1:b4:e7:
79:62:b5:27:53:5c:f3:03:7b:b1:78:fc:bd:13:a9:
af:2f:55:dc:1d:35:7e:69:87:d1:9d:0c:50:e8:7a:
7c:74:4b:52:6d:54:be:9f:a2:56:8b:53:12:95:d4:
76:32:9f:af:ab:24:f2:9a:dc:50:f6:1d:61:5c:3b:
6a:d1:9f:21:80:5d:04:9d:29:ed:32:3f:f3:5c:6b:
88:6f:c1:31:77:4c:64:98:75:76:65:ce:d3:9b:4f:
3b:87:da:5f:c0:39:08:21:80:f7:95:43:d6:1e:b6:
fb:88:90:be:88:d0:a4:da:93:af:01:88:e2:89:16:
59:3e:f8:47:4e:b2:4f:10:52:2b:a5:5a:50:8b:1c:
a4:03:9e:5c:9a:94:46:08:d4:c1:13:c3:2f:e6:d0:
a1:49:bb:81:9e:6e:ff:32:a8:d3:dd:8b:ec:7a:a8:
a8:ad:8a:fe:0a:87:62:5b:96:9f:45:c0:71:64:22:
19:d6:20:f2:58:68:36:5e:2a:34:97:84:39:24:b0:
5a:2e:d7:8d:bc:19:e5:f8:f9:53:ff:fa:6f:d3:24:
03:94:b2:fe:fd:8a:56:2f:6a:89:7f:9a:76:7a:3b:
32:39:09:d8:40:30:af:80:63:ac:5d:26:57:55:a2:
bc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:39:CC:86:03:22:3F:C5:AB:7B:02:6D:4C:93:93:66:E4:44:5A:37
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lznMhgMiP8WrewJtTJOTZuREWjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.72.0/23
185.183.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:6b:cb:54:0d:b8:50:94:42:44:ac:db:9c:32:b0:15:50:6b:
68:92:9b:b8:01:d8:92:fc:5e:f8:99:a7:66:e3:59:f0:0c:85:
dc:1e:30:21:3e:7c:04:91:4f:90:a0:ad:c6:fc:c2:36:8e:e7:
6d:fe:61:a5:20:dc:f9:41:36:48:64:37:14:fe:52:34:65:6b:
69:8f:6a:3a:d5:ad:bd:52:a9:03:32:73:77:f1:fa:0c:4e:3f:
8c:2f:af:b2:3a:b2:f5:58:e6:c5:40:9b:42:b5:9b:47:4e:90:
a4:14:17:70:cf:14:ec:2e:1f:be:d0:d2:48:90:ee:59:89:f7:
39:89:1c:a3:82:ff:ca:65:e9:76:90:36:79:6f:20:3d:5b:9d:
9f:88:c8:fc:10:36:ee:98:37:31:30:4d:6f:02:31:48:95:fc:
23:27:67:b1:a9:2d:45:80:7b:4c:a2:52:02:33:2b:cb:05:85:
d2:ed:f2:8a:66:41:43:30:9a:78:e3:0b:d0:60:c8:17:37:92:
db:92:40:80:ac:57:d0:0c:36:61:1f:29:c1:08:4d:80:1f:70:
2e:85:22:61:89:ad:66:94:54:28:ab:fc:1d:6d:55:48:4f:f4:
5c:39:83:0f:de:55:07:a5:ca:3e:ba:de:bc:a2:a8:e0:30:84:
11:3e:5b:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAF89UM6Uh1XV4lt8WLM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwMTAxMTIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM5Y2M4NjAzMjIzZmM1YWI3YjAyNmQ0YzkzOTM2NmU0NDQ1YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidVwH8bytKU65ZDxtOd5YrUnU1zz
A3uxePy9E6mvL1XcHTV+aYfRnQxQ6Hp8dEtSbVS+n6JWi1MSldR2Mp+vqyTymtxQ
9h1hXDtq0Z8hgF0EnSntMj/zXGuIb8Exd0xkmHV2Zc7Tm087h9pfwDkIIYD3lUPW
Hrb7iJC+iNCk2pOvAYjiiRZZPvhHTrJPEFIrpVpQixykA55cmpRGCNTBE8Mv5tCh
SbuBnm7/MqjT3YvseqiorYr+CodiW5afRcBxZCIZ1iDyWGg2Xio0l4Q5JLBaLteN
vBnl+PlT//pv0yQDlLL+/YpWL2qJf5p2ejsyOQnYQDCvgGOsXSZXVaK87QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJc5zIYDIj/Fq3sCbUyTk2bkRFo3MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvbHpuTWhnTWlQOFdyZXdKdFRKT1RadVJFV2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZlIAwQC
ubegMA0GCSqGSIb3DQEBCwUAA4IBAQAPa8tUDbhQlEJErNucMrAVUGtokpu4AdiS
/F74madm41nwDIXcHjAhPnwEkU+QoK3G/MI2judt/mGlINz5QTZIZDcU/lI0ZWtp
j2o61a29UqkDMnN38foMTj+ML6+yOrL1WObFQJtCtZtHTpCkFBdwzxTsLh++0NJI
kO5Zifc5iRyjgv/KZel2kDZ5byA9W52fiMj8EDbumDcxME1vAjFIlfwjJ2exqS1F
gHtMolICMyvLBYXS7fKKZkFDMJp44wvQYMgXN5LbkkCArFfQDDZhHynBCE2AH3Au
hSJhia1mlFQoq/wdbVVIT/RcOYMP3lUHpco+ut68oqjgMIQRPluo
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:32 2025 by rpki-client