Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/LsGR95GET_6eNdZD53f3mnIuvrA.roa
File: LsGR95GET_6eNdZD53f3mnIuvrA.roa (raw, json)
Hash identifier: ekEw1OpdE9OhXsNtmEL/6CZO0Di71pRSchg//bfNUeM=
Subject key identifier: 2E:C1:91:F7:91:84:4F:FE:9E:35:D6:43:E7:77:F7:9A:72:2E:BE:B0
Certificate issuer: /CN=06c44b821ab5db542cc536c1f88b84baf0621654
Certificate serial: 01857246D8A4331DA75240B3CD8B38A61899
Authority key identifier: 06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/LsGR95GET_6eNdZD53f3mnIuvrA.roa
Signing time: Mon 02 Jan 2023 11:38:43 +0000
ROA not before: Mon 02 Jan 2023 11:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203653
IP address blocks: 185.128.38.0/24 maxlen: 24
185.128.36.0/24 maxlen: 24
185.128.39.0/24 maxlen: 24
2a03:9f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d8:a4:33:1d:a7:52:40:b3:cd:8b:38:a6:18:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c44b821ab5db542cc536c1f88b84baf0621654
Validity
Not Before: Jan 2 11:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ec191f791844ffe9e35d643e777f79a722ebeb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f0:6d:f7:54:e5:9f:db:9a:62:b3:29:4e:81:
17:6f:3f:01:fe:0f:51:63:65:b3:d0:ed:c0:ed:77:
25:5d:50:6c:23:03:dc:f3:7d:62:62:ad:ca:f6:a6:
38:a1:ba:91:89:1e:de:e0:79:d6:e5:65:b4:4a:df:
21:40:12:cf:ec:2c:48:db:55:ba:ef:7f:4e:68:00:
9c:31:d6:bb:54:04:fe:0a:21:8a:9f:d9:0d:fd:d7:
94:db:4f:ac:3c:27:d0:1d:9d:3a:bb:f4:78:a5:6c:
aa:70:51:55:85:72:94:09:ec:b7:f2:12:df:5b:f3:
21:eb:5d:0d:97:ee:23:87:bb:69:11:88:0a:16:b9:
83:6e:af:e5:c7:4e:69:88:9d:c0:9b:59:ae:5f:57:
a9:d2:35:83:82:ce:a0:7a:d1:db:64:e2:18:81:4c:
13:fc:53:55:54:a8:c8:72:6f:29:9c:37:60:3b:3d:
f7:6c:4d:8c:49:4f:16:2a:93:46:f7:cc:d6:94:ba:
7e:1c:52:26:1f:e0:89:56:20:a7:c3:8a:b4:eb:f1:
be:7d:86:78:44:8b:80:99:5a:80:1c:16:aa:8f:de:
e1:8a:71:17:3f:90:5e:4a:46:ee:45:21:b3:ae:4b:
f8:79:73:3f:41:7f:3d:5a:d1:fe:8e:c1:31:f6:43:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C1:91:F7:91:84:4F:FE:9E:35:D6:43:E7:77:F7:9A:72:2E:BE:B0
X509v3 Authority Key Identifier:
keyid:06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/LsGR95GET_6eNdZD53f3mnIuvrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/BsRLghq121QsxTbB-IuEuvBiFlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.36.0/24
185.128.38.0/23
IPv6:
2a03:9f60::/32
Signature Algorithm: sha256WithRSAEncryption
81:41:fe:fb:d5:f5:62:9e:b3:54:84:9b:21:7e:ba:b0:e6:24:
be:1d:f8:12:f4:7e:2e:08:f4:ba:bd:15:52:5c:be:df:ca:f8:
0c:2a:00:8f:b6:07:e9:ec:c9:9b:29:d7:8a:cd:3f:7f:bd:c6:
c6:30:93:db:c1:bc:af:ce:dc:2e:d6:46:58:b7:f0:b1:1b:1b:
d2:a2:19:8a:29:64:af:02:c8:df:60:ae:00:a8:f4:28:ab:f5:
ca:d2:6c:db:dc:24:e9:96:8c:4a:6f:d6:27:cc:70:b2:99:7c:
08:5e:9d:df:3f:75:2e:f9:67:50:e0:89:c4:7d:47:f9:ea:0e:
8d:3f:78:ea:e6:16:b1:f3:5a:f6:10:44:12:1d:fd:ec:c1:50:
25:a9:ad:ff:5b:77:b2:05:70:7b:fb:67:84:a5:4d:c4:54:04:
fe:4a:b6:72:90:80:d3:60:e7:97:1c:44:fa:00:02:2d:95:a9:
36:b6:79:37:46:66:a4:30:3c:ed:f0:7f:70:d6:a2:8e:94:bd:
64:24:58:1c:35:5e:01:33:72:b5:d0:0a:63:14:95:53:88:48:
73:8a:ba:8d:22:9f:37:c1:32:95:e5:13:42:32:ed:16:be:76:
61:62:c5:70:b0:fb:ca:22:03:d2:70:4c:1c:77:87:a8:04:56:
fb:25:8d:a6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyRtikMx2nUkCzzYs4phiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzQ0YjgyMWFiNWRiNTQyY2M1MzZjMWY4OGI4NGJhZjA2
MjE2NTQwHhcNMjMwMTAyMTEzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMxOTFmNzkxODQ0ZmZlOWUzNWQ2NDNlNzc3Zjc5YTcyMmViZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPBt91Tln9uaYrMpToEXbz8B/g9R
Y2Wz0O3A7XclXVBsIwPc831iYq3K9qY4obqRiR7e4HnW5WW0St8hQBLP7CxI21W6
739OaACcMda7VAT+CiGKn9kN/deU20+sPCfQHZ06u/R4pWyqcFFVhXKUCey38hLf
W/Mh610Nl+4jh7tpEYgKFrmDbq/lx05piJ3Am1muX1ep0jWDgs6getHbZOIYgUwT
/FNVVKjIcm8pnDdgOz33bE2MSU8WKpNG98zWlLp+HFImH+CJViCnw4q06/G+fYZ4
RIuAmVqAHBaqj97hinEXP5BeSkbuRSGzrkv4eXM/QX89WtH+jsEx9kNy3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC7BkfeRhE/+njXWQ+d395pyLr6wMB8GA1UdIwQY
MBaAFAbES4IatdtULMU2wfiLhLrwYhZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYt
ZGM5ODQyNjU1NjdkLzEvTHNHUjk1R0VUXzZlTmRaRDUzZjNtbkl1dnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYtZGM5ODQyNjU1Njdk
LzEvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYAkAwQB
uYAmMA0EAgACMAcDBQAqA59gMA0GCSqGSIb3DQEBCwUAA4IBAQCBQf771fVinrNU
hJshfrqw5iS+HfgS9H4uCPS6vRVSXL7fyvgMKgCPtgfp7MmbKdeKzT9/vcbGMJPb
wbyvztwu1kZYt/CxGxvSohmKKWSvAsjfYK4AqPQoq/XK0mzb3CTploxKb9YnzHCy
mXwIXp3fP3Uu+WdQ4InEfUf56g6NP3jq5hax81r2EEQSHf3swVAlqa3/W3eyBXB7
+2eEpU3EVAT+SrZykIDTYOeXHET6AAItlak2tnk3RmakMDzt8H9w1qKOlL1kJFgc
NV4BM3K10ApjFJVTiEhzirqNIp83wTKV5RNCMu0WvnZhYsVwsPvKIgPScEwcd4eo
BFb7JY2m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:05 2024 by rpki-client on console-fra.rpki-client.org