Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LziUjTG6SD7l5uZkqnOClT-CWSQ.roa
File: LziUjTG6SD7l5uZkqnOClT-CWSQ.roa (raw, json)
Hash identifier: zZWk3wIxmc78tzxFVDezBDbjGmUqsGk6G6SQh2SCBag=
Subject key identifier: 2F:38:94:8D:31:BA:48:3E:E5:E6:E6:64:AA:73:82:95:3F:82:59:24
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01876FA9C3A9996BC5381C25E0DFF67921FB
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LziUjTG6SD7l5uZkqnOClT-CWSQ.roa
Signing time: Tue 11 Apr 2023 09:33:29 +0000
ROA not before: Tue 11 Apr 2023 09:33:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 185.14.94.0/24 maxlen: 24
37.114.53.0/24 maxlen: 24
37.114.57.0/24 maxlen: 24
37.114.62.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
2a00:ccc1:5::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:a9:c3:a9:99:6b:c5:38:1c:25:e0:df:f6:79:21:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Apr 11 09:33:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f38948d31ba483ee5e6e664aa7382953f825924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f7:32:1a:0e:32:e9:85:00:54:df:3f:f5:19:
36:b9:64:bc:ce:ba:5b:a9:16:96:08:f3:9d:c5:fd:
5d:f9:a3:99:8b:a1:24:05:57:7f:dc:7e:36:a0:d3:
2f:6c:51:9d:91:b7:d7:9b:a7:50:91:2b:94:25:d5:
01:6e:33:7e:d4:cf:44:35:9f:89:54:fe:e4:d8:6d:
ac:65:49:b8:ca:be:33:14:78:67:e5:e9:ee:18:db:
f2:5b:bb:74:93:7b:ee:ed:2e:45:34:0f:29:8a:61:
e0:55:e1:8d:74:3a:e9:ab:7a:58:c0:45:54:37:97:
4a:9c:fd:98:67:7f:7c:fe:7a:9e:61:28:54:e9:79:
8e:1e:1c:52:dd:b4:fb:31:fb:71:f4:b3:b0:22:8c:
37:85:85:70:fb:76:56:a4:65:15:78:7c:75:3b:02:
60:23:1b:a9:5b:70:30:f1:ae:3c:7a:4a:ea:4f:d0:
8f:99:e6:41:62:bf:42:42:d8:c7:40:b4:5e:a6:21:
6a:f0:a7:1f:ea:38:ad:da:11:4c:b6:77:99:0a:0a:
56:e6:08:3d:c7:53:96:fd:a1:5f:43:bb:c0:94:a0:
b3:b1:4b:fb:6c:06:ec:b7:0e:19:54:ad:46:e2:59:
d5:c2:56:80:8c:e3:55:87:3c:ef:ef:1b:e5:64:65:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:38:94:8D:31:BA:48:3E:E5:E6:E6:64:AA:73:82:95:3F:82:59:24
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LziUjTG6SD7l5uZkqnOClT-CWSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.53.0/24
37.114.57.0/24
37.114.61.0-37.114.62.255
185.14.94.0/24
IPv6:
2a00:ccc1:5::/48
Signature Algorithm: sha256WithRSAEncryption
63:1e:50:c5:37:37:85:e4:ce:67:c2:d4:b2:11:97:f5:55:42:
51:ac:ae:42:46:ba:9e:0a:fd:8c:39:bf:35:3e:f7:62:e3:83:
03:7e:b3:3e:52:9c:cf:19:65:90:04:b7:ac:c2:bc:61:82:07:
d4:3d:a0:66:3d:8a:10:73:f0:4e:50:31:04:7d:58:16:b4:b4:
a5:e7:90:ce:98:61:fb:0e:da:fd:f0:3f:46:d6:f6:ab:60:13:
49:57:a1:f9:44:a5:99:5a:9d:28:d9:66:5a:9e:de:17:10:fa:
9f:3f:76:b5:30:ef:c8:40:e9:51:84:a0:64:5b:38:5d:4a:80:
84:2c:29:13:7b:1a:b2:37:f1:f3:d1:96:57:7f:a9:ff:29:e6:
7d:3e:ef:af:12:02:a8:4b:a0:3b:67:04:de:02:77:19:d3:36:
c0:08:12:eb:ae:f4:25:aa:11:9e:cf:bf:59:2a:dc:2c:90:cf:
8a:fd:9a:73:fa:41:9f:b8:b9:cb:57:c2:c4:78:af:ab:ae:cd:
28:4e:7e:15:25:b4:4e:c7:e4:d2:c1:61:8b:52:68:c5:92:b3:
ad:62:a5:02:44:be:e0:0a:24:cc:5b:0d:73:43:f3:a7:2b:ab:
bd:3c:cb:98:fe:3e:82:d5:cb:3a:c3:a6:ee:b5:aa:e7:36:47:
ef:48:7d:9f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYdvqcOpmWvFOBwl4N/2eSH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwNDExMDkzMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjM4OTQ4ZDMxYmE0ODNlZTVlNmU2NjRhYTczODI5NTNmODI1OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPcyGg4y6YUAVN8/9Rk2uWS8zrpb
qRaWCPOdxf1d+aOZi6EkBVd/3H42oNMvbFGdkbfXm6dQkSuUJdUBbjN+1M9ENZ+J
VP7k2G2sZUm4yr4zFHhn5enuGNvyW7t0k3vu7S5FNA8pimHgVeGNdDrpq3pYwEVU
N5dKnP2YZ398/nqeYShU6XmOHhxS3bT7Mftx9LOwIow3hYVw+3ZWpGUVeHx1OwJg
IxupW3Aw8a48ekrqT9CPmeZBYr9CQtjHQLRepiFq8Kcf6jit2hFMtneZCgpW5gg9
x1OW/aFfQ7vAlKCzsUv7bAbstw4ZVK1G4lnVwlaAjONVhzzv7xvlZGUUfwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFC84lI0xukg+5ebmZKpzgpU/glkkMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvTHppVWpURzZTRDdsNXVaa3FuT0NsVC1DV1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQAJXI1AwQA
JXI5MAwDBAAlcj0DBAAlcj4DBAC5Dl4wDwQCAAIwCQMHACoAzMEABTANBgkqhkiG
9w0BAQsFAAOCAQEAYx5QxTc3heTOZ8LUshGX9VVCUayuQka6ngr9jDm/NT73YuOD
A36zPlKczxllkAS3rMK8YYIH1D2gZj2KEHPwTlAxBH1YFrS0peeQzphh+w7a/fA/
Rtb2q2ATSVeh+USlmVqdKNlmWp7eFxD6nz92tTDvyEDpUYSgZFs4XUqAhCwpE3sa
sjfx89GWV3+p/ynmfT7vrxICqEugO2cE3gJ3GdM2wAgS6670JaoRns+/WSrcLJDP
iv2ac/pBn7i5y1fCxHivq67NKE5+FSW0Tsfk0sFhi1JoxZKzrWKlAkS+4AokzFsN
c0PzpyurvTzLmP4+gtXLOsOm7rWq5zZH70h9nw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:51 2024 by rpki-client on console-ams.rpki-client.org