Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/lcyG6obM-d1k7FXsIRAxiv4cCJU.roa
File: lcyG6obM-d1k7FXsIRAxiv4cCJU.roa (raw, json)
Hash identifier: JHfmyvLZFrQkB5Xf9HX8pBVN6e1Mv8I/axhP3oPB1kE=
Subject key identifier: 95:CC:86:EA:86:CC:F9:DD:64:EC:55:EC:21:10:31:8A:FE:1C:08:95
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F74667F2AB719B3F27153BF9F562
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/lcyG6obM-d1k7FXsIRAxiv4cCJU.roa
Signing time: Mon 02 Jan 2023 09:04:50 +0000
ROA not before: Mon 02 Jan 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197343
IP address blocks: 2.189.128.0/20 maxlen: 20
2.189.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sat 03 Jun 2023 11:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f7:46:67:f2:ab:71:9b:3f:27:15:3b:f9:f5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95cc86ea86ccf9dd64ec55ec2110318afe1c0895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:6f:ec:e5:02:fa:dc:cb:c5:3b:51:f0:1b:
d0:83:d6:86:77:f3:25:0f:b1:60:ac:60:63:c3:6a:
4a:0f:10:61:0f:91:e4:8b:ed:2f:dc:77:b4:f6:2f:
6d:c6:f9:11:fc:0a:9e:9a:ae:c6:3c:ca:90:91:57:
f1:56:54:66:b0:98:bb:a1:cc:6d:fb:46:f2:67:35:
2b:d3:e5:c0:3d:f7:64:f9:bf:c3:b6:49:ac:00:20:
e3:cc:84:cc:44:55:39:4b:93:72:94:0e:b1:bd:7c:
b6:4c:f0:15:37:00:08:81:1c:41:e2:45:82:0a:fc:
e0:55:7f:90:04:1e:67:e7:b7:aa:32:01:06:7f:e1:
e7:f5:da:35:6b:3c:63:f9:13:25:2e:ef:44:53:69:
0f:69:52:27:3c:28:95:bc:7a:dd:db:d8:de:aa:1f:
89:d6:19:da:f5:fc:e3:37:f1:41:49:90:01:e2:30:
0e:5b:d5:e6:ac:9f:4c:10:e7:fd:a3:cb:7c:b5:3f:
1d:bf:60:82:67:49:55:c7:c6:a3:36:d9:7b:2d:62:
1c:9c:d3:bc:fa:56:43:ab:67:66:09:40:97:de:6d:
63:08:ac:17:03:67:f0:a1:57:94:8c:43:f2:6f:86:
2e:72:2d:4b:fd:6e:ed:d4:74:dd:c6:b4:d9:d3:26:
84:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CC:86:EA:86:CC:F9:DD:64:EC:55:EC:21:10:31:8A:FE:1C:08:95
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/lcyG6obM-d1k7FXsIRAxiv4cCJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.128.0/19
Signature Algorithm: sha256WithRSAEncryption
52:91:1c:6a:cf:e1:3e:d9:bc:f7:2a:2b:24:c4:ba:1f:88:ce:
09:53:6a:01:a5:c4:4d:9d:1b:88:9b:57:7c:58:c0:db:1e:cf:
42:53:ce:02:ca:b4:b8:9a:88:eb:34:38:03:65:03:68:94:4b:
80:7d:d5:5c:4c:8d:94:4b:83:ba:0f:b8:7f:fb:aa:31:70:39:
36:6b:d2:b2:64:72:34:79:fd:94:4d:28:1b:73:89:01:32:c0:
3d:8e:64:2e:aa:59:3b:83:f1:03:3d:bf:54:7b:6b:90:f3:3a:
7a:86:58:8a:ac:92:ab:a3:71:12:21:b6:d6:03:c9:28:7c:97:
6d:5a:32:8d:fd:69:d9:63:01:42:6f:28:85:15:ae:d3:3f:63:
23:ad:77:32:e4:09:21:f5:5a:65:e9:55:f8:76:e9:34:23:96:
a5:3c:6f:a9:b5:90:8b:17:29:c0:0b:a3:e4:29:22:f7:3e:dd:
af:7d:d3:7c:ca:92:43:cc:cd:c2:fe:e5:a5:53:01:1b:e9:4e:
b7:a7:62:ff:a7:29:2a:7e:25:62:4a:70:5a:64:aa:86:c8:19:
f1:7a:1b:70:2c:e0:57:f7:69:d8:16:34:1a:01:47:d2:ad:92:
2d:52:1b:d6:90:d6:d3:2c:ab:c4:9a:27:39:b6:bc:12:40:6e:
0c:88:a1:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxufdGZ/KrcZs/JxU7+fViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNjODZlYTg2Y2NmOWRkNjRlYzU1ZWMyMTEwMzE4YWZlMWMwODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoNv7OUC+tzLxTtR8BvQg9aGd/Ml
D7FgrGBjw2pKDxBhD5Hki+0v3He09i9txvkR/Aqemq7GPMqQkVfxVlRmsJi7ocxt
+0byZzUr0+XAPfdk+b/DtkmsACDjzITMRFU5S5NylA6xvXy2TPAVNwAIgRxB4kWC
CvzgVX+QBB5n57eqMgEGf+Hn9do1azxj+RMlLu9EU2kPaVInPCiVvHrd29jeqh+J
1hna9fzjN/FBSZAB4jAOW9XmrJ9MEOf9o8t8tT8dv2CCZ0lVx8ajNtl7LWIcnNO8
+lZDq2dmCUCX3m1jCKwXA2fwoVeUjEPyb4Yuci1L/W7t1HTdxrTZ0yaEfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXMhuqGzPndZOxV7CEQMYr+HAiVMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvbGN5RzZvYk0tZDFrN0ZYc0lSQXhpdjRjQ0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFAr2AMA0G
CSqGSIb3DQEBCwUAA4IBAQBSkRxqz+E+2bz3KiskxLofiM4JU2oBpcRNnRuIm1d8
WMDbHs9CU84CyrS4mojrNDgDZQNolEuAfdVcTI2US4O6D7h/+6oxcDk2a9KyZHI0
ef2UTSgbc4kBMsA9jmQuqlk7g/EDPb9Ue2uQ8zp6hliKrJKro3ESIbbWA8kofJdt
WjKN/WnZYwFCbyiFFa7TP2MjrXcy5Akh9Vpl6VX4duk0I5alPG+ptZCLFynAC6Pk
KSL3Pt2vfdN8ypJDzM3C/uWlUwEb6U63p2L/pykqfiViSnBaZKqGyBnxehtwLOBX
92nYFjQaAUfSrZItUhvWkNbTLKvEmic5trwSQG4MiKEX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org