Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lb-DMhJDgItK0_83wy_U-yXfIcc.roa
File: lb-DMhJDgItK0_83wy_U-yXfIcc.roa (raw, json)
Hash identifier: MT4YnG12OGm+slmtuNkt70gP3eG7ZRXhhP/t01C991U=
Subject key identifier: 95:BF:83:32:12:43:80:8B:4A:D3:FF:37:C3:2F:D4:FB:25:DF:21:C7
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D65BF12C313B8158AFCB081DF166B8EA3
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lb-DMhJDgItK0_83wy_U-yXfIcc.roa
Signing time: Thu 01 Feb 2024 17:37:17 +0000
ROA not before: Thu 01 Feb 2024 17:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207027
IP address blocks: 2.59.176.0/22 maxlen: 22
193.36.228.0/24 maxlen: 24
193.37.34.0/24 maxlen: 24
193.193.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:bf:12:c3:13:b8:15:8a:fc:b0:81:df:16:6b:8e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 1 17:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95bf83321243808b4ad3ff37c32fd4fb25df21c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:ef:92:35:f0:08:52:9a:de:96:ff:42:02:
95:06:c7:d4:90:0f:b4:62:c1:5f:1a:9d:d8:0c:50:
d5:db:f7:94:18:6b:66:49:5e:0d:c9:8e:c9:33:79:
cc:07:52:00:2a:64:bf:32:08:08:2c:96:b8:eb:14:
3c:fa:1f:6b:d5:b6:ca:e1:b5:b1:97:dc:75:50:db:
8a:66:96:0b:82:60:a9:0f:2f:68:19:22:7b:12:83:
b3:18:30:d9:93:46:d3:df:ee:c2:82:9f:a1:f4:b5:
32:27:c7:33:4b:6a:ff:bc:ad:6e:f6:e5:3f:f2:95:
10:15:58:47:db:85:36:2b:ab:ed:2d:8e:37:6e:8c:
3d:7a:e4:c4:52:9c:26:16:72:4a:b3:ed:81:36:12:
83:38:ac:18:6a:5b:5d:3b:49:ae:55:fe:c5:2e:2b:
dc:c7:ea:6b:43:d5:f2:89:4d:33:8c:0e:f1:ea:66:
2e:20:bd:38:09:26:da:79:5e:54:22:b6:ba:86:5a:
15:58:f2:c5:8f:d9:71:b0:6e:7f:33:6a:c0:8b:26:
ed:0e:51:4f:c9:56:18:71:89:33:dd:42:b2:28:d6:
7c:39:d0:f6:88:97:38:bf:ff:f1:9a:50:a5:d6:19:
f6:29:e3:57:48:73:d1:3c:5f:e8:29:c8:e6:f9:bb:
46:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BF:83:32:12:43:80:8B:4A:D3:FF:37:C3:2F:D4:FB:25:DF:21:C7
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lb-DMhJDgItK0_83wy_U-yXfIcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.176.0/22
193.36.228.0/24
193.37.34.0/24
193.193.160.0/24
Signature Algorithm: sha256WithRSAEncryption
94:4f:3f:57:95:97:10:2f:30:ff:bb:63:d3:c5:de:7a:78:22:
51:c5:b5:12:f8:e5:1e:52:f8:a4:53:b1:67:ee:02:00:ab:b2:
89:6f:37:ab:d7:eb:f9:1f:45:d5:c5:be:28:3d:a8:a8:c1:e6:
85:fa:7b:02:9e:36:94:a1:63:c7:03:e3:ac:a4:d2:80:16:47:
d9:2b:bb:a0:12:8d:d0:f1:4c:4f:3a:53:29:6f:0a:df:f8:6d:
0d:6e:bd:73:20:e4:11:c2:db:e4:fa:6d:3a:4f:30:8d:c0:5f:
cd:f4:5b:a5:70:af:57:ea:be:37:7f:b5:eb:f3:5a:48:40:4d:
c9:db:a6:58:8d:7d:2c:2c:72:58:9d:e4:a4:b5:7d:cb:a1:73:
ed:b7:79:bf:a5:11:fd:48:1c:df:38:1d:54:5d:bd:b4:30:99:
f6:7d:cb:4e:98:0f:f7:f9:ec:d8:db:2f:08:d7:35:43:b1:74:
87:ee:22:8b:df:39:90:bb:92:94:70:db:90:bb:bf:2f:dc:82:
cd:62:a8:69:b6:b6:68:61:b4:12:2f:69:c9:ee:2a:9a:be:7e:
75:58:4e:25:5b:89:63:0d:3f:9f:ca:1e:9e:0a:41:20:6a:60:
e7:0c:86:84:3a:47:f6:47:da:17:95:df:70:44:7d:10:50:79:
66:6e:3c:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1lvxLDE7gVivywgd8Wa46jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAxMTczNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJmODMzMjEyNDM4MDhiNGFkM2ZmMzdjMzJmZDRmYjI1ZGYyMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXbvkjXwCFKa3pb/QgKVBsfUkA+0
YsFfGp3YDFDV2/eUGGtmSV4NyY7JM3nMB1IAKmS/MggILJa46xQ8+h9r1bbK4bWx
l9x1UNuKZpYLgmCpDy9oGSJ7EoOzGDDZk0bT3+7Cgp+h9LUyJ8czS2r/vK1u9uU/
8pUQFVhH24U2K6vtLY43bow9euTEUpwmFnJKs+2BNhKDOKwYaltdO0muVf7FLivc
x+prQ9XyiU0zjA7x6mYuIL04CSbaeV5UIra6hloVWPLFj9lxsG5/M2rAiybtDlFP
yVYYcYkz3UKyKNZ8OdD2iJc4v//xmlCl1hn2KeNXSHPRPF/oKcjm+btGWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJW/gzISQ4CLStP/N8Mv1Psl3yHHMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbGItRE1oSkRnSXRLMF84M3d5X1UteVhmSWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjuwAwQA
wSTkAwQAwSUiAwQAwcGgMA0GCSqGSIb3DQEBCwUAA4IBAQCUTz9XlZcQLzD/u2PT
xd56eCJRxbUS+OUeUvikU7Fn7gIAq7KJbzer1+v5H0XVxb4oPaioweaF+nsCnjaU
oWPHA+OspNKAFkfZK7ugEo3Q8UxPOlMpbwrf+G0Nbr1zIOQRwtvk+m06TzCNwF/N
9FulcK9X6r43f7Xr81pIQE3J26ZYjX0sLHJYneSktX3LoXPtt3m/pRH9SBzfOB1U
Xb20MJn2fctOmA/3+ezY2y8I1zVDsXSH7iKL3zmQu5KUcNuQu78v3ILNYqhptrZo
YbQSL2nJ7iqavn51WE4lW4ljDT+fyh6eCkEgamDnDIaEOkf2R9oXld9wRH0QUHlm
bjzE
-----END CERTIFICATE-----
Generated at Wed Feb 21 19:42:57 2024 by rpki-client on console-fra.rpki-client.org