Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1-Lb59xeVXbAZ63ZczQkuFRwqtJs.roa
File: 1-Lb59xeVXbAZ63ZczQkuFRwqtJs.roa (raw, json)
Hash identifier: EP2JgacmxF9XxFqckfe2j5SCHlvn3mpt7RA61LyPSGU=
Subject key identifier: F8:B6:F9:F7:17:95:5D:B0:19:EB:76:5C:CD:09:2E:15:1C:2A:B4:9B
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01856F94D38AF9A82EBBB6A7BEF61B4BE0AA
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1-Lb59xeVXbAZ63ZczQkuFRwqtJs.roa
Signing time: Sun 01 Jan 2023 23:05:02 +0000
ROA not before: Sun 01 Jan 2023 23:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203978
IP address blocks: 185.176.104.0/22 maxlen: 24
185.106.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d3:8a:f9:a8:2e:bb:b6:a7:be:f6:1b:4b:e0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8b6f9f717955db019eb765ccd092e151c2ab49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:95:36:ee:c4:33:95:18:c6:de:24:32:8c:10:
17:5e:83:68:e9:06:20:3b:f1:c0:df:8e:01:b9:d2:
a7:8b:79:1c:52:16:22:f5:b0:1e:12:f2:3b:cb:d7:
ef:cd:3b:1b:9f:42:a5:a7:35:b9:e1:48:3b:7c:2c:
84:2c:b3:a2:1c:e3:c0:04:b8:59:08:10:00:90:a8:
45:70:97:83:ac:eb:f3:71:6b:ff:a0:ec:e8:2e:a0:
0f:90:1b:ea:13:42:0a:ca:aa:e2:97:78:7d:9f:2b:
b7:3a:9c:92:e7:27:80:47:2e:15:14:1f:c0:7e:0b:
ee:c3:2e:44:59:36:63:e0:1b:83:6b:21:72:cd:67:
8d:3a:a7:62:22:00:4c:a0:90:b4:7b:9e:f4:a8:22:
55:86:02:8e:c6:66:f8:84:79:63:a4:27:2d:06:0f:
70:08:29:ea:32:2d:71:d0:ba:e9:fb:c2:7a:1a:a2:
3d:79:2b:54:fd:8f:1c:69:43:32:41:fb:13:04:c0:
1a:62:13:88:ff:db:e1:ba:41:8b:6d:ee:32:14:b5:
27:db:13:01:d0:23:1c:4d:61:3c:07:4b:0f:42:42:
90:99:8a:47:9f:3e:32:31:e8:56:ce:a3:68:4f:5c:
66:74:0d:ad:b1:a6:71:2d:c3:21:e8:85:0e:4e:5a:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B6:F9:F7:17:95:5D:B0:19:EB:76:5C:CD:09:2E:15:1C:2A:B4:9B
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1-Lb59xeVXbAZ63ZczQkuFRwqtJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.44.0/22
185.176.104.0/22
Signature Algorithm: sha256WithRSAEncryption
47:66:e5:19:ff:84:b4:49:b2:ea:e0:84:61:51:72:7d:a7:97:
78:08:d1:93:41:06:70:dd:fd:d6:b0:78:04:5e:38:0e:56:fc:
64:88:cb:9e:a3:ef:4b:1e:7f:19:9d:1d:b3:e7:40:86:8e:3f:
f4:e3:c7:a4:ec:da:68:6c:8f:09:30:45:e3:59:9d:e7:f2:3b:
1b:6c:22:8c:f5:b9:f1:54:f9:21:a7:9d:a8:33:60:f3:0d:26:
51:b7:20:b9:d8:9d:ff:bd:d3:47:80:bb:fa:21:e9:eb:5a:d4:
5d:31:9b:27:ee:ec:ca:29:6e:c3:6e:42:2c:98:e2:dd:34:75:
0a:e2:c4:99:2e:a7:c8:1a:d8:f7:3f:e5:67:11:bd:dd:72:d3:
4b:f3:82:77:95:e7:c9:e6:af:a7:cf:a3:23:9a:f4:d7:d3:3f:
55:9f:72:51:2a:3e:9a:7c:81:db:b2:07:dc:87:b9:64:fb:f9:
e3:91:83:22:46:58:d9:40:bb:87:a7:1b:90:da:90:13:59:20:
eb:30:1f:4d:93:c8:bd:14:b1:28:dd:c4:2d:ac:62:4a:8a:4d:
23:bc:da:a0:37:db:25:a7:d3:22:92:28:81:25:83:46:17:d3:
1b:ea:c2:f5:b9:8c:90:8e:2d:36:71:91:1c:4f:a7:25:c6:9c:
39:b4:f1:ba
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVvlNOK+aguu7anvvYbS+CqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTAxMjMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI2ZjlmNzE3OTU1ZGIwMTllYjc2NWNjZDA5MmUxNTFjMmFiNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJU27sQzlRjG3iQyjBAXXoNo6QYg
O/HA344BudKni3kcUhYi9bAeEvI7y9fvzTsbn0KlpzW54Ug7fCyELLOiHOPABLhZ
CBAAkKhFcJeDrOvzcWv/oOzoLqAPkBvqE0IKyqril3h9nyu3OpyS5yeARy4VFB/A
fgvuwy5EWTZj4BuDayFyzWeNOqdiIgBMoJC0e570qCJVhgKOxmb4hHljpCctBg9w
CCnqMi1x0Lrp+8J6GqI9eStU/Y8caUMyQfsTBMAaYhOI/9vhukGLbe4yFLUn2xMB
0CMcTWE8B0sPQkKQmYpHnz4yMehWzqNoT1xmdA2tsaZxLcMh6IUOTlo6UwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPi2+fcXlV2wGet2XM0JLhUcKrSbMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMS1MYjU5eGVWWGJBWjYzWmN6UWt1RlJ3cXRKcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvMDNiZjI4LWM1NWQtNGM3YS05MWJiLTkxNjQ2YmYwMTUz
ZC8xL2xiTUJFYkMzSUtJSjk0akl1UTlnT0F0R1hDNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlqLAME
ArmwaDANBgkqhkiG9w0BAQsFAAOCAQEAR2blGf+EtEmy6uCEYVFyfaeXeAjRk0EG
cN391rB4BF44Dlb8ZIjLnqPvSx5/GZ0ds+dAho4/9OPHpOzaaGyPCTBF41md5/I7
G2wijPW58VT5IaedqDNg8w0mUbcgudid/73TR4C7+iHp61rUXTGbJ+7syiluw25C
LJji3TR1CuLEmS6nyBrY9z/lZxG93XLTS/OCd5Xnyeavp8+jI5r019M/VZ9yUSo+
mnyB27IH3Ie5ZPv545GDIkZY2UC7h6cbkNqQE1kg6zAfTZPIvRSxKN3ELaxiSopN
I7zaoDfbJafTIpIogSWDRhfTG+rC9bmMkI4tNnGRHE+nJcacObTxug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org